|
mystes posted:I think that other oses have ways of locking the screen that aren't just drawing a window on top of everything. I mean, there are only so many ways you can make a screen locker.
|
# ? Jan 20, 2021 22:14 |
|
|
# ? May 30, 2024 01:54 |
|
mystes posted:I think that other oses have ways of locking the screen that aren't just drawing a window on top of everything. but that’s not very open source of you; how am i supposed to spend endless hours curating a bespoke free as in freedom distribution to install on my computer that is purely used to install said stack?
|
# ? Jan 20, 2021 22:14 |
|
if you want to know more than you should about how X screen lockers (don’t) work you can go check jwz’s blog (and why you this isn’t the Linux thread so why would you waste your time)
|
# ? Jan 20, 2021 22:34 |
|
e: previous page
|
# ? Jan 22, 2021 00:19 |
|
https://twitter.com/RachelTobac/status/1352409636792492035
|
# ? Jan 22, 2021 08:28 |
https://www.bbc.co.uk/news/technology-55749959quote:Some of the laptops given out in England to support vulnerable children home-schooling during lockdown contain malware, BBC News has learned.
|
|
# ? Jan 22, 2021 09:37 |
|
https://twitter.com/antumbral/status/1352569985600679938
|
# ? Jan 22, 2021 13:36 |
|
Lol just submit a pr to add a vulnerability while you're add it.
|
# ? Jan 22, 2021 13:47 |
|
wow that's hosed up. it'd be one thing if the research was about intentionally getting these requests reverted via PRs, but the paper's just fingerprinting:quote:Firefox e: quote:Ethics and disclosure quote:Nonetheless, browsers like Brave have recently adopted built-in anti-fingerprinting techniques which can affect our attack’s performance (while Tor has done so for years, we do not consider it in our experiments since it is not susceptible to our favicon attack). Wiggly Wayne DDS fucked around with this message at 14:39 on Jan 22, 2021 |
# ? Jan 22, 2021 14:12 |
|
what are the chances someone deliberately broke the favicon cache specifically to avoid that sort of attack
|
# ? Jan 22, 2021 14:20 |
|
haveblue posted:what are the chances someone deliberately broke the favicon cache specifically to avoid that sort of attack
|
# ? Jan 22, 2021 14:21 |
|
I guess it does actually show that there's a problem if it's easy for someone to get them to revert changes that were made intentionally to prevent fingerprinting, which is kind of interesting, although that's obviously not what the person was trying to do, as Wiggly Wayne DDS said.
|
# ? Jan 22, 2021 14:29 |
|
haveblue posted:what are the chances someone deliberately broke the favicon cache specifically to avoid that sort of attack if it was it was done wrong and never documented. seems more likely someone just broke it
|
# ? Jan 22, 2021 15:51 |
|
mystes posted:I guess it does actually show that there's a problem if it's easy for someone to get them to revert changes that were made intentionally to prevent fingerprinting, which is kind of interesting, although that's obviously not what the person was trying to do, as Wiggly Wayne DDS said. yeah, I would expect some doc or better test around this thing (though the cache semantics were undercovered by automated test last I looked, so it might be a fair bit of work) I love the security researcher asking for susceptibility to their pet tracking vuln, though. very high energy
|
# ? Jan 22, 2021 16:01 |
Wiggly Wayne DDS posted:100%, it was part of the hardening for tor's use of firefox as a base i'm not so sure it was intentional BlankSystemDaemon fucked around with this message at 16:09 on Jan 22, 2021 |
|
# ? Jan 22, 2021 16:05 |
|
https://threatpost.com/adt-hacks-home-security-cameras/163271/quote:Former ADT employee Telesforo Aviles took note when there were attractive women at a home he serviced in the Dallas area. Then he would add his personal email address to their accounts so he could have around-the-clock access to their most private moments, according to the U.S. Attorneys’ Office. ADT: We're home even when you're not dressed
|
# ? Jan 24, 2021 03:54 |
flakeloaf posted:https://threatpost.com/adt-hacks-home-security-cameras/163271/
|
|
# ? Jan 24, 2021 04:06 |
|
flakeloaf posted:https://threatpost.com/adt-hacks-home-security-cameras/163271/ reason 5,682 why internet facing cameras inside your house may not be a great security solution: there could be a piece of poo poo watching them at any time.
|
# ? Jan 24, 2021 04:46 |
|
The worst part is that only the stupid ones get caught.
|
# ? Jan 24, 2021 05:40 |
|
Midjack posted:reason 5,682 why internet facing cameras inside your house may not be a great security solution: there could be a piece of poo poo watching them at any time. Is it just me or is having camera's inside your house weird.
|
# ? Jan 24, 2021 12:19 |
jre posted:Is it just me or is having camera's inside your house weird. I’d say it’s solidly weird, besides like idk, entry doorway and maybe your home office where you have some document safe or some poo poo?
|
|
# ? Jan 24, 2021 13:17 |
|
BlankSystemDaemon posted:we all know this won't be the first or last time, but lockscreen bypasses are always fun, especially when they involve bitlocker which is supposed to be microsofts big security framework Don't count on an unhardened consumer OS to have a magical "protect me" button. It's definitely a bypass, but it required the machine to have a user account with automatic recovery options enabled. Without a competent sysadmin and a TPM, all you should really count on bitlocker for is having a thief format the machine instead of snooping.
|
# ? Jan 24, 2021 13:32 |
SYSV Fanfic posted:Don't count on an unhardened consumer OS to have a magical "protect me" button. It's definitely a bypass, but it required the machine to have a user account with automatic recovery options enabled. Without a competent sysadmin and a TPM, all you should really count on bitlocker for is having a thief format the machine instead of snooping. Also, that's a hell of a good username.
|
|
# ? Jan 24, 2021 15:09 |
|
jre posted:Is it just me or is having camera's inside your house weird. it is. i have one just pointed at my 3d printer in case it goes apeshit while i'm not home, and one in the entryway. having one pointing at where you sleep is just begging to see shadow people when you look at the recordings
|
# ? Jan 24, 2021 15:29 |
|
jre posted:Is it just me or is having camera's inside your house weird. the service was literally marketed as a way to spy on members of your household remotely, so yeah, hella weird
|
# ? Jan 24, 2021 17:28 |
|
brains posted:the service was literally marketed as a way to spy on members of your household remotely, so yeah, hella weird I can see it just out of some theory that it would make you safer for reasons, or increase the chances of someone getting caught(more likely to get a food view of the face) but to straight market it to spy on your family...
|
# ? Jan 24, 2021 17:31 |
|
you want to be sure your family is safe, don't you? what better way to do that than by surveilling them 24/7
|
# ? Jan 24, 2021 17:35 |
|
a lot of people in a position to be able to afford to pay some guy to wire up their entire house with surveillance cameras also have hired help in the home who they want to micromanage and abuse
|
# ? Jan 24, 2021 17:40 |
|
brains posted:the service was literally marketed as a way to spy on members of your household remotely, so yeah, hella weird all those x10 ads were creepy AF in retrospect. actually at the time too
|
# ? Jan 24, 2021 17:42 |
|
RFC2324 posted:
https://www.prnewswire.com/news-releases/adt-security-hit-with-class-action-lawsuits-over-employees-video-snooping-301061013.html posted:One lawsuit was filed on behalf of ADT customers, and the other on behalf of minors and others living inside the homes. The lead plaintiff in one of the lawsuits was a teenage girl during the time that the breach occurred. ADT informed her family that the technician spied on them nearly 100 times, according to the lawsuit.
|
# ? Jan 24, 2021 19:11 |
|
edit: wrong window
|
# ? Jan 24, 2021 19:12 |
|
RFC2324 posted:
lotta people have a desire for control that IoT companies are happy to market to
|
# ? Jan 24, 2021 21:07 |
|
https://twitter.com/bethbourdon/status/1353281184894230529 Aieeee.
|
# ? Jan 24, 2021 21:47 |
|
a hilarious amount of poo poo at work claims to still requires ie and blocks you if you use anything else. forge the agent headers and it works just fine with firefox.
|
# ? Jan 24, 2021 22:41 |
|
Midjack posted:a hilarious amount of poo poo at work claims to still requires ie and blocks you if you use anything else. forge the agent headers and it works just fine with firefox. if an agent string switcher isn't just one of your standard browser addons, what are you even doing on the internet? telling the truth or something?
|
# ? Jan 24, 2021 22:50 |
|
guardians
|
# ? Jan 24, 2021 22:50 |
|
infernal machines posted:you want to be sure your family is safe, don't you? one of the other occupants in my building wants to put cctv in the stairwell so I was like hard no unless there's a policy of deletion etc and he's like why are you worried, you're not a criminal
|
# ? Jan 24, 2021 23:17 |
|
Carthag Tuek posted:one of the other occupants in my building wants to put cctv in the stairwell yeah, unless the building is going to set and enforce data privacy/retention policies that's just a huge mess. especially in europe where you have actual privacy laws
|
# ? Jan 24, 2021 23:25 |
|
In my apartment building there are more than enough residents with Ring cameras to cover all the entrances and exits
|
# ? Jan 24, 2021 23:39 |
|
|
# ? May 30, 2024 01:54 |
|
yeah looks like current law says max 30 days unless theres like a criminal investigation or similar situation im gonna insist on fde and requiring all access to the recordings being logged as well other ideas? e: no internet
|
# ? Jan 24, 2021 23:41 |