|
Computer Serf posted:an app like signal can be audited and considered perfectly secure but by running it on an iphone full of other software with potential remote exploits, or something like a baseband modem with a backdoor and direct memory access then an attacker like an international commercial spyware engineering company like nso group only needs to find the weakest link in the stack to gain access. cyber security works better if you assume you can’t trust most of the stack. or you can just lean on someone and get them to take some screenshots
|
# ? Mar 29, 2023 01:28 |
|
|
# ? May 29, 2024 14:55 |
|
drk posted:or you can just lean on someone and get them to take some screenshots yeah tbh the instant i saw my boss instruct me to use message-destruction services because we are about to, quote, "do some hella illegal poo poo so dont want the feds *fakes gagging noise* to bring down the entirety of our criminal enterprise" id be taking screenshots left and right
|
# ? Mar 29, 2023 02:02 |
|
FDIC tells Signature’s crypto clients: be your own bank https://twitter.com/Reuters/status/1640879042428653571
|
# ? Mar 29, 2023 02:36 |
|
DominoKitten posted:drat. Trying to bribe a bank employee (who was actually a fed) was how the FBI awarded my penny ante ponzi father a stay at Club Fed for a little under a year. If a fed goes undercover as a bank employee and you try to bribe them, can you be charged with bribing a fed or only a private citizen?
|
# ? Mar 29, 2023 02:46 |
|
A question I cannot answer. The Feds took the easy route and nailed him for lying to him when they started putting the screws to him, and he took it “for the good of the family” even though he swore up and down he’d done nothing wrong. It’s true that fighting it just would have made everything worse for everyone, though.
|
# ? Mar 29, 2023 03:14 |
|
|
# ? Mar 29, 2023 03:20 |
|
ellie the beep posted:yeah tbh the instant i saw my boss instruct me to use message-destruction services because we are about to, quote, "do some hella illegal poo poo so dont want the feds *fakes gagging noise* to bring down the entirety of our criminal enterprise" id be taking screenshots left and right Snapchat somehow can tell when someone takes a screenshot, can Signal do that?
|
# ? Mar 29, 2023 03:30 |
|
IUG posted:Snapchat somehow can tell when someone takes a screenshot, can Signal do that? Does snapchat just check if a screenshot is taken by the os screenshot feature though? I feel getting around that should be pretty trivial. Hell does it check if you just decided to take a video capture of your entire desktop as it's trivial to take an individual screen shot from that.
|
# ? Mar 29, 2023 04:24 |
|
Or just use a camera
|
# ? Mar 29, 2023 05:22 |
|
but thats what a tech illiterate boomer would do. a infosec catch 22.
|
# ? Mar 29, 2023 05:34 |
|
Seth Pecksniff posted:One of my friends works in cyber and once when we were talking she told me "Nothing is unbreakable. Nothing." It's dependent on if you wanna be a math nerd about it. You can technically have perfect cryptographic secrecy, but you won't, because perfect secrecy is hilariously difficult to implement and exponentially less worthwhile than secrecy which is infeasible to break; even if computational power to break P-521 theoretically existed, it's not meaningfully relevant to almost anyone. Generally, if the NSA is willing to dedicate all their resources to figuring out what exactly you sent over some messaging app, you are 100% hosed regardless. And as we've seen time and time again with Bitcoin, the best and most modern cryptographic security protocols are completely loving worthless if the people using them are stupid
|
# ? Mar 29, 2023 16:31 |
|
Modern cryptography is unbreakable for the time being. Pending some really exotic math that solves the cipher in a new exotic way, we're reaching the size of numbers of probabilities that means you're just as likely to walk into a miniature black hole. But everything starts and ends as something a human can read and your knee caps or phone OS are breakable. Weakest link and all. To say nothing of the jokes about cryptography only being failed, not failing or the warnings against rolling your own cryptography solution. We could maybe get past the human failure and human readability issues if we could train a large language model to be a perfect scam machine and stick it in a black box and be like "dunno where all this money came from, the AI is smart I guess."
|
# ? Mar 29, 2023 16:44 |
|
Blade Runner posted:And as we've seen time and time again with Bitcoin, the best and most modern cryptographic security protocols are completely loving worthless if the people using them are stupid "A steel door in a cardboard frame."
|
# ? Mar 29, 2023 17:04 |
|
i like how Burn Notice and other dumb shows break the lock instead of trying to beat the lock. or as the above post says, break the wall around the safe. or in the case of a floor safe, use the expensive titanium golf clubs to break the floor around the floor safe. (oh and then drop the safe from the 2nd floor to break it open , then frame the conman and trick the police into arresting him )
|
# ? Mar 29, 2023 17:13 |
|
Signal is extremely good and up to life or death journalism standards. But a sufficient subpoena can get you a phone backup.
|
# ? Mar 29, 2023 19:00 |
|
but before all that non sense the government just buys all the advertising data pertaining to you which contains stuff they would need a judge to sign off first to find out
|
# ? Mar 29, 2023 19:14 |
|
divabot posted:Signal is extremely good and up to life or death journalism standards. But a sufficient subpoena can get you a phone backup. Signal isn’t secure if the device memory can be hacked silently, exposing the unencrypted plain text of the messages. Both iOS and Android flagship devices have been exposed from vulnerabilities in 0-click remote exploits. Amnesty International posted:The Pegasus attacks detailed in this report and accompanying appendices are from 2014 up to as recently as July 2021. These also include so-called “zero-click” attacks which do not require any interaction from the target. Zero-click attacks have been observed since May 2018 and continue until now. Most recently, a successful “zero-click” attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021. Amnesty International posted:Evidence gathered through our technical analysis of Omar Radi’s iPhone revealed traces of the same “network injection” attacks we described in our earlier report that were used against Maati Monjib. This provides strong evidence linking these attacks to NSO Group’s tools.
|
# ? Mar 29, 2023 19:59 |
|
Pegasus is nation-state stuff, and at that point you're already hosed. Signal remains the absolute best available. (I spent some time talking to the people dealing with the El Salvador deployment of Pegasus and especially in regards to Signal, so I have some slight idea about how this works in practice and not just in long slabs of copypasta. Burner phones are relatively expensive in El Salvador, but not unusably so. Given how the mainstream centrist political parties in El Salvador started as fascist death squads versus communist guerrillas, they have some knowledge of using pretty-good tools effectively.)
|
# ? Mar 29, 2023 20:18 |
|
https://youtu.be/31D94QOo2gY is a super cool talk that goes into detail about the kind of silent direct access sim cards have
|
# ? Mar 29, 2023 21:48 |
|
Also the classic trick of there being more than two people involved and you just pay one of them to tell you what's going on. AKA "social engineering" because no way can something as effective as spying not be an engineering discipline.
|
# ? Mar 29, 2023 22:28 |
|
Strategic Tea posted:Also the classic trick of there being more than two people involved and you just pay one of them to tell you what's going on. I know somebody who became a "cyber-security consultant" more or less entirely on the strength of winning exactly one of those Defcon social engineering contests, aka "call Payroll and imply that you're a big deal at the company, see if they'll give you their password". No prior experience in cyber security. Now she's on national TV from time to time to talk about it.
|
# ? Mar 29, 2023 23:05 |
|
Strategic Tea posted:Also the classic trick of there being more than two people involved and you just pay one of them to tell you what's going on. Literally everyone at FTX flipped on SBF in exchange for a promise to consider it when sentencing them for their many, many crimes Someone taking pics of the #binance-crimes groupchat seems far, far more likely than some cloak and dagger poo poo, or using nation-state level hacking to hack CZ's phone
|
# ? Mar 29, 2023 23:13 |
|
Blade Runner posted:It's dependent on if you wanna be a math nerd about it. You can technically have perfect cryptographic secrecy, but you won't, because perfect secrecy is hilariously difficult to implement and exponentially less worthwhile than secrecy which is infeasible to break; even if computational power to break P-521 theoretically existed, it's not meaningfully relevant to almost anyone. Generally, if the NSA is willing to dedicate all their resources to figuring out what exactly you sent over some messaging app, you are 100% hosed regardless. I'm reminded of an article that was floating around in here or the Epstein thread, about how there's two types of threats. Threat type A is everyone who is not Mossad. In that group you can marshall your resources appropriately to the perceived threat. Threat type B is Mossad. You are hosed, there is no point in hiding. Does anyone know what I'm talking about? It was an article from the early oughts I think.
|
# ? Mar 29, 2023 23:29 |
|
drk posted:Literally everyone at FTX flipped on SBF in exchange for a promise to consider it when sentencing them for their many, many crimes You know who shared secret chats with CZ? SBF
|
# ? Mar 29, 2023 23:40 |
|
Boxturret posted:You know who shared secret chats with CZ? That would be the greatest turn of events, and he does like talking about crimes
|
# ? Mar 29, 2023 23:45 |
|
drk posted:That would be the greatest turn of events, and he does like talking about crimes no I think he literally posted screenshots from the secret chat room all the big exchange ceos have where they discuss how to control the economy this was right when cz did the move and started the chain reaction that caused FTX to implode
|
# ? Mar 30, 2023 00:17 |
|
DickParasite posted:I'm reminded of an article that was floating around in here or the Epstein thread, about how there's two types of threats. Threat type A is everyone who is not Mossad. In that group you can marshall your resources appropriately to the perceived threat. Threat type B is Mossad. You are hosed, there is no point in hiding. Turns out that little things like international law make life harder for other countries unless you really hosed up.
|
# ? Mar 30, 2023 00:21 |
|
How about you chill out and understand that "mossad" was a generic term for powerful modern spy agency instead of making this an -ism thing?
|
# ? Mar 30, 2023 00:30 |
|
Boxturret posted:no I think he literally posted screenshots from the secret chat room all the big exchange ceos have where they discuss how to control the economy back when I was in the ugly crypto circles there were absolutely people in telegram groups who blatantly talked market manipulation all day. They would even spread the word before they would move the market. Guess where most of them lived? Tax havens/Dubai.
|
# ? Mar 30, 2023 00:44 |
|
For the curious, this is the article I was referring to. quote:My point is that security people need to get their priorities straight. The “threat model” section of a security paper resembles the script for a telenovela that was written by a paranoid schizophrenic: there are elaborate narratives and grand conspiracy theories, and there are heroes and villains with fantastic (yet oddly constrained) powers that necessitate a grinding battle of emotional and technical attrition. In the real world, threat models are much simpler (see Figure 1). Basically, you’re either dealing with Mossad or not-Mossad. If your adversary is not-Mossad, then you’ll probably be fine if you pick a good password and don’t respond to emails from ChEaPestPAiNPi11s@virus-basket.biz.ru. If your adversary is the Mossad, YOU’RE GONNA DIE AND THERE’S NOTHING THAT YOU CAN DO ABOUT IT. The Mossad is not intimidated by the fact that you employ https://. If the Mossad wants your data, they’re going to use a drone to replace your cellphone with a piece of uranium that’s shaped like a cellphone, and when you die of tumors filled with tumors, they’re going to hold a press conference and say “It wasn’t us” as they wear t-shirts that say “IT WAS DEFINITELY US,” and then they’re going to buy all of your stuff at your estate sale so that they can directly look at the photos of your vacation instead of reading your insipid emails about them. In summary, [url]https://[/url] and two dollars will get you a bus ticket to nowhere. Also, SANTA CLAUS ISN’T REAL. When it rains, it pours.
|
# ? Mar 30, 2023 01:41 |
|
Oh look, new crypto conspiracies! https://twitter.com/WhaleChart/status/1641012938679959555
|
# ? Mar 30, 2023 01:44 |
|
100+ nations all in agreement to flush the world's economy down the toilet purely coincidentally, this means that your best move, financially, is to hold this bag for me
|
# ? Mar 30, 2023 01:52 |
|
notwithoutmyanus posted:Oh look, new crypto conspiracies! 1. lol 2. the majority of US treasury debt is held domestically, not by nefarious foreigners (and the biggest foreign holder is Japan, who we've been cool with since 1945 or so)
|
# ? Mar 30, 2023 01:55 |
|
So it's gone up 75% in the last month. Seems normal.
|
# ? Mar 30, 2023 01:56 |
|
If all these countries sell treasuries at the same time, wouldn't their price crash (=the countries selling lose loads of money, bad news for these countries), meaning the US could just buy them back for cents on the dollar, wiping out its external debt (=no more interest payments, great news for the US)?
|
# ? Mar 30, 2023 02:11 |
|
Sentient Data posted:How about you chill out and understand that "mossad" was a generic term for powerful modern spy agency instead of making this an -ism thing? "Mossad" is a reference to "Mossad", the brutally effective Israeli intelligence and counter-terrorism organization.
|
# ? Mar 30, 2023 02:15 |
|
notwithoutmyanus posted:Oh look, new crypto conspiracies! https://twitter.com/WhaleChart/status/1641012938679959555 who would they sell them to?
|
# ? Mar 30, 2023 03:19 |
|
Mumpy Puffinz posted:who would they sell them to? George Soros, duh
|
# ? Mar 30, 2023 03:30 |
|
istewart posted:George Soros, duh Soro's has all his money in USD, why would he want it to collapse?
|
# ? Mar 30, 2023 03:35 |
|
|
# ? May 29, 2024 14:55 |
|
DickParasite posted:For the curious, this is the article I was referring to. jfc, that article could've been reduced to about 3 paragraphs if that dude learned how to write a concise sentence and figured out that no one thinks he's funny
|
# ? Mar 30, 2023 04:31 |