|
SpaceSDoorGunner posted:I work in a DOD hospital and another issue is that a lot of computers don’t actually lock when you pull your CAC, even though they should. This actually happened to me a couple times, I partially blame it on how SLOW the DOD images are, I was incredibly depressed as to how badly the USAF imaged machines worked, even with good hardware. Many times, even when it seemed like it wasn't locking after pulling my CAC....it actually was, it was just so god damned slow you could do a bunch of stuff before the screen would lock. CommieGIR fucked around with this message at 00:51 on Jan 10, 2021 |
# ? Jan 10, 2021 00:49 |
|
|
# ? May 24, 2024 23:42 |
|
You used to be able to loop a video in Windows Media Player to prevent it from going idle.
|
# ? Jan 10, 2021 02:10 |
|
I got my girlfriend at the time a hardware mouse jiggler (the mouse sat on a pad in an enclosure, the pad rotated underneath of it every so often to cause mouse movement) since the USB ones are by definition sketchy. Her job effectively required answering email for 30 or so minutes each day, after which she would draw or take a nap or something. Truly the most effective use of hospital resources.
|
# ? Jan 10, 2021 03:16 |
https://pbs.twimg.com/media/Erbe0YrVkAkYT_F?format=png&name=900x900 Sweet Jesus.
|
|
# ? Jan 11, 2021 12:53 |
|
yeah uh, that's not what happened reddit poster
|
# ? Jan 11, 2021 13:42 |
Wiggly Wayne DDS posted:yeah uh, that's not what happened reddit poster What happened then?
|
|
# ? Jan 11, 2021 13:45 |
|
CyberPingu posted:What happened then? tldr; massive scraping effort and bypassing of rate limits to grab original video uploads, etc with metadata embedded all archived
|
# ? Jan 11, 2021 14:24 |
Wiggly Wayne DDS posted:start here and work your way through: https://forums.somethingawful.com/showthread.php?threadid=3887592&pagenumber=313#post511528017 Lol, thats amazing. Thanks
|
|
# ? Jan 11, 2021 14:38 |
|
$current_company is using a security onion that's been installed on a decommissioned proxmox hypervisor as an IDS. It's the only vm on the box and its setup to have far more than minimum specs, and squert runs really slow at bringing up events. Normally, I wouldn't really care, but for my sins, I've been told I am now solely responsible for the IDS. So slow as poo poo was fine when I only had to check the thing once a week, but its aggravating at 5-10 times a week. So anyone with experience with SecOnion/SQUERT my question is: By nature does Squert always take about ten minutes to pull up events in a ~100 user environment[number of events?] If not I'm thinking it's because its on a five year old hypervisor, and see about getting a smaller, but newer box to throw it on.
|
# ? Jan 11, 2021 17:24 |
|
I had to take over an Alienvault one time Nobody every used it so it was easy.
|
# ? Jan 11, 2021 17:58 |
|
My knowledge of law extends to watching years of Law & Order on A&E as a kid, but would the Parler dataset be admissible in any sort of legal proceedings given the way it was collected? I mean it’s probably a goldmine for targeted observation at the very least, I guess.
|
# ? Jan 11, 2021 18:08 |
|
Martytoof posted:My knowledge of law extends to watching years of Law & Order on A&E as a kid, but would the Parler dataset be admissible in any sort of legal proceedings given the way it was collected? I mean it’s probably a goldmine for targeted observation at the very least, I guess. AFAIK what has been publicly collected would not be able to be directly admitted in court, but as long as the various prosecutors involved get access to the data through standard legal channels the public research will be very helpful in directing them where to look.
|
# ? Jan 11, 2021 18:16 |
|
wolrah posted:AFAIK what has been publicly collected would not be able to be directly admitted in court, but as long as the various prosecutors involved get access to the data through standard legal channels the public research will be very helpful in directing them where to look. This is my understanding as well. The collected data can’t be used in court, but can be used to find corroborating data that is admissible in court. Or just brow-beating people into confessing on tape.
|
# ? Jan 11, 2021 18:37 |
|
The Fool posted:This is my understanding as well. As the officials weren't the ones who actually collected the evidence, its not warrantless search tho? Like, if I hacked donnie tomorrow and turn the piss tape over to the feds, they can use it as evidence since they aren't the ones who broke the law
|
# ? Jan 11, 2021 18:44 |
|
Yeah, my understanding was if they, as law enforcement, didn't hack the data it's not considered poisonous. Of course that would need to be tested in court. They might also be able to get away with "Oh, hey. We snagged this off a share investigating the crime of Parler being hacked. Look at all this other crime we found while doing that investigation. What are the odds?"
|
# ? Jan 11, 2021 18:50 |
|
wolrah posted:AFAIK what has been publicly collected would not be able to be directly admitted in court, but as long as the various prosecutors involved get access to the data through standard legal channels the public research will be very helpful in directing them where to look. it sets up probable cause and direction for subpoenas to collect evidence directly from parler itself. the data is the same, but the feds would obtain it directly from the source, which would meet a very high bar of admissibility.
|
# ? Jan 11, 2021 18:52 |
|
RFC2324 posted:As the officials weren't the ones who actually collected the evidence, its not warrantless search tho? The actual copies of data found/provided by randoms? That can't possibly be allowed. At least I hope not. "Your honor, 69BigDickAntifa420 provided us data that they pinky swear came from parler and isn't faked" It's gotta be that the information can be used for the feds to do the same work or lead them down the path to a warrant / finding the same information? brains posted:it sets up probable cause and direction for subpoenas to collect evidence directly from parler itself. the data is the same, but the feds would obtain it directly from the source, which would meet a very high bar of admissibility. Yeah it's this right?
|
# ? Jan 11, 2021 18:53 |
|
brains posted:it sets up probable cause and direction for subpoenas to collect evidence directly from parler itself. the data is the same, but the feds would obtain it directly from the source, which would meet a very high bar of admissibility. yep, the relevant L&O episode is "The Chinese Wall", where McCoy and Kincaid have to redo the entire case separately because the original evidence was fruit of the poisonous tree.
|
# ? Jan 11, 2021 18:57 |
|
See also: parallel construction
|
# ? Jan 11, 2021 19:09 |
Anyone here follow Michael Bazzell or the OSINT stuff much? I've been slowly ramping up my online privacy which has included stepping off of almost all social media and switching to more ethical or open source projects instead. His stuff is a bit higher scope than I want to implement but still find it absolutely fascinating and an increasingly important topic.
|
|
# ? Jan 11, 2021 20:33 |
|
cage-free egghead posted:Anyone here follow Michael Bazzell or the OSINT stuff much? I've been slowly ramping up my online privacy which has included stepping off of almost all social media and switching to more ethical or open source projects instead. His stuff is a bit higher scope than I want to implement but still find it absolutely fascinating and an increasingly important topic. The new edition of his OSINT book came out this month and I can't wait to get it and start diving in. https://www.amazon.com/Open-Source-Intelligence-Techniques-Information/dp/1530508908
|
# ? Jan 11, 2021 21:09 |
|
So, the State Department site showed Trump and Pence as having resigned. The State Department said they had an incredibly secure system so it had to have been a disgruntled employee. (That's always the way to bet, obvs.) https://twitter.com/tarah/status/1348736034616479744
|
# ? Jan 11, 2021 22:39 |
|
Well, given that they've also made statements about how "so many people have access" to the edit functions that it would be hard to determine who actually did it, and given that a whole lot of them are gonna be out of a job in a week anyhow, having an employee snipe you like that on the way out does look like a pretty reasonable assumption.
|
# ? Jan 11, 2021 23:07 |
|
Arsenic Lupin posted:So, the State Department site showed Trump and Pence as having resigned. The State Department said they had an incredibly secure system so it had to have been a disgruntled employee. (That's always the way to bet, obvs.)
|
# ? Jan 11, 2021 23:11 |
|
why
|
# ? Jan 12, 2021 07:19 |
|
CommieGIR posted:This actually happened to me a couple times, I partially blame it on how SLOW the DOD images are, I was incredibly depressed as to how badly the USAF imaged machines worked, even with good hardware. I’ve been looking at various computers at the nursing station and often they’ll have very odd amounts of memory like 3.2 or 1.8, between two identical boxes. I don’t know much about windows or windows enterprise but it’s... weird. Also opening just a few windows on Firefox while charting on many computers will cause it to grind to a halt.
|
# ? Jan 12, 2021 12:52 |
Arsenic Lupin posted:So, the State Department site showed Trump and Pence as having resigned. The State Department said they had an incredibly secure system so it had to have been a disgruntled employee. (That's always the way to bet, obvs.) It's a 6ft blast door with uncrackable time locks What's that? Oh that's the side entrance, it's usually unlocked
|
|
# ? Jan 12, 2021 13:48 |
|
SpaceSDoorGunner posted:I’ve been looking at various computers at the nursing station and often they’ll have very odd amounts of memory like 3.2 or 1.8, between two identical boxes. I don’t know much about windows or windows enterprise but it’s... weird. 3.2 implies 32-bit, 1.8 implies 256MB allocated to VRAM?
|
# ? Jan 12, 2021 13:56 |
|
Jeoh posted:3.2 implies 32-bit, 1.8 implies 256MB allocated to VRAM? It’s all 64 bit though. And it’ll be other weird increments like 2.6 or 3.4 at different workstations too, and these are all identical boxes.
|
# ? Jan 12, 2021 15:08 |
|
Mimecast is telling its customers to break and rebuild their Azure connections because of what sounds like a certificate breach. The related app registration effectively has full EXO mailbox access. They've been very cagey with actual information so far. https://www.reddit.com/r/sysadmin/comments/kvs4vg/mimecastmicrosoft_certificate_remediation/ Edit: https://www.crn.com/news/security/hackers-compromise-mimecast-certificate-for-microsoft-authentication Bandire fucked around with this message at 18:58 on Jan 12, 2021 |
# ? Jan 12, 2021 17:36 |
|
CyberPingu posted:It's a 6ft blast door with uncrackable time locks WordPress is fine, WordPress plugins not so much. It gets a bad rap because people get themes/plugins that are shady or stop being maintained, and those end up creating giant holes. Treat the plugins like any public facing app and you should be fine. SpaceSDoorGunner posted:It’s all 64 bit though. And it’ll be other weird increments like 2.6 or 3.4 at different workstations too, and these are all identical boxes. IT has been robbing Peter to pay Paul on people whining about needing RAM, or at least has been applying upgrades as 'needed' instead of evenly to maintain a standard. Probably favorite nurses making the requests.
|
# ? Jan 12, 2021 18:03 |
|
I might be able to rope together money for a budget to get an actual purpose built IDS instead of this frankensteined security onion. Anyone got recommendations?
|
# ? Jan 12, 2021 18:41 |
|
Oh good, I just got a meeting invite from our CEO and a DarkTrace sales person :| Normally I'd blame someone walking past a booth at a conference, but thankfully this year has been a respite from having people get sold on flashy booth graphics
|
# ? Jan 13, 2021 00:54 |
|
DarkTrace probably spent like 5 to 10k wining and dining me over the years NGL. If you’ve got to do this meeting you should see if they’ll send you some uber eats credit or something lol
|
# ? Jan 13, 2021 02:58 |
|
I occasionally have salespeople reaching out to bribe me in exchange for listening to their pitch but I've yet to figure out the verbiage to request, say, an Uber eats contribution. Just love the total lack of ethics rules in software procurement (not really)
|
# ? Jan 13, 2021 16:04 |
|
Apropos of nothing I'm much more suggestible on a full stomach ANYHOW MOVING ALONG
|
# ? Jan 13, 2021 16:06 |
|
The Iron Rose posted:I occasionally have salespeople reaching out to bribe me in exchange for listening to their pitch but I've yet to figure out the verbiage to request, say, an Uber eats contribution. tell them it's your scheduled lunch time
|
# ? Jan 13, 2021 17:08 |
|
I remember companies sending Domino's gift cards if we signed up for a lunch-time webinar That's how we ended up getting our boss to ask for 'fromunda cheese' "They said they don't have it..." Okay, just get pepperoni then.
|
# ? Jan 13, 2021 17:10 |
|
I'll be honest, I don't see how a salesperson buying someone lunch is bribing them. I mean, it's lunch. If they show up with the keys to a new car, or a suitcase full of
|
# ? Jan 13, 2021 17:39 |
|
|
# ? May 24, 2024 23:42 |
Getting to eat well on the company dime sounds like the least bad part about being a sales person, honestly.
|
|
# ? Jan 13, 2021 17:44 |