|
infernal machines posted:you probably know this already, but you can export the config via the web ui and it works for a restore via a new install. they've moved the option a couple times in the last few releases but it's still there. thanks I didn’t know this and was praying I configured the container config volume correctly for “next time”
|
#
?
Dec 22, 2023 00:39
|
|
|
|
| # ? Jun 1, 2024 18:20 |
|
|
it's very necessary because the whole thing runs on mongodb and there is a non-zero chance of any given controller upgrade completely destroying the database
|
|
#
?
Dec 22, 2023 00:41
|
|
|
rjmccall posted:again, they hacked phone companies and ransomed their user data. video games just make for better headlines yeah. the internet chatter on this has been even dumber than normal.
|
|
#
?
Dec 22, 2023 03:06
|
|
|
Subjunctive posted:interesting about wifi 7! is that going to be backwards compatible, in that Wifi 6E devices will get 6E performance, or will the get whatever they’re getting now? I am quite interested in 6E for streaming to my Steam Deck my understanding is that Wi-Fi 7 uses the same frequencies as Wi-Fi 6/6E, the 2.4 GHz, 5 GHz, and 6 GHz bands and Wi-Fi 7 supports a superset of the modulations supported in previous Wi-Fi standards. so yeah a Wi-Fi 6E device shouldn't really care whether it's connected to a 6E or 7 access point. where things might get weird is if they make cheapo access points that don't have enough radios to support all the bands or something, like i think the Wi-Fi 6E access points need three separate radios to support simultaneous operation on each of the 2.4, 5, and 6 GHz bands. oh lol and i missed that intel apparently already launched their client adapter https://ark.intel.com/content/www/us/en/ark/products/230078/intel-wi-fi-7-be200.html looks like it's already on amazon and aliexpress if you search for be200ngw quote:the thing I love about the UniFi in-walls is that they’re also switches so I get a few extra ports for things, but those need to be 2.5GbE for it to matter to the stuff in the office. maybe I stick the AP in the ceiling on its own run, and just use a normal switch in the office yeah if you have two cable runs an access point and a desktop switch could work? like an unmanaged 5 port 2.5 GbE netgear MS305 is a hundred bucks
|
|
#
?
Dec 22, 2023 04:04
|
|
|
I am a fan of setting the UniFi APs up standalone with the app, and then never touching them again until they go to e waste . Same SSID, dump to LAN , done perfect for a house . No janitorial service required .
|
|
#
?
Dec 24, 2023 19:29
|
|
|
https://social.wildeboer.net/@jwildeboer/111635854222526516 https://www.postfix.org/smtp-smuggling.html https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ quote:So here’s the short timeline: June 2023, SEC consult finds the attack. Informs CISCO, Microsoft, GMX/Ionos. After feedback they inform CERT/CC in August. 3rd of December CCC accepts their proposal for 37C3. 18th of December they publish their findings to the world. This is where the postfix community first hears about this and can finally start working on a fix.
|
|
#
?
Dec 24, 2023 21:13
|
|
|
lol that of those 3 links, only the secfuck consult page has a cookie notice immediate red flag imo
|
|
#
?
Dec 24, 2023 21:26
|
|
|
shackleford posted:https://social.wildeboer.net/@jwildeboer/111635854222526516 the outbound thing doesnt actually seem like a vulnerability because its only a problem if the (actual) inbound vulnerability exists at the destination, or am i missing something?
|
|
#
?
Dec 24, 2023 21:47
|
|
|
it's definitely a vuln if you're sending mail you don't even know you're sending lol
|
|
#
?
Dec 24, 2023 21:54
|
|
|
but they arent. the receiver is creating mail that the sender didnt send
|
|
#
?
Dec 24, 2023 21:55
|
|
|
microsoft not understanding newlines in tyool 2023 is definitely the most shaggar thing i'll give you that
|
|
#
?
Dec 24, 2023 21:58
|
|
|
microsoft does understand newlines, they arent vulnerable. i dont think you read it. the people who are vulnerable are linuxes that have incorrect newline handling.
|
|
#
?
Dec 24, 2023 21:59
|
|
|
Truga posted:microsoft not understanding newlines in tyool 2023 is definitely the most shaggar thing i'll give you that smtp is cr-lf i.e. same as windows.
|
|
#
?
Dec 24, 2023 22:04
|
|
|
from the posix post about it:quote:One different email service B that does support malformed line endings in SMTP such as in <LF>.<CR><LF>. When this is followed by "smuggled" SMTP MAIL/RCPT/DATA commands and message header plus body text, email service B is tricked into receiving two email messages: one message with the content before the <LF>.<CR><LF>, and one message with the "smuggled" header plus body text after the "smuggled" SMTP commands. All this when email service A sends only one message. email service A sends only one message containing what service B incorrectly interprets as newlines. Service A is not vulnerable since there is nothing wrong with sending <LF>.<CR><LF> as part of a message. The problem lies exclusively with service B incorrectly treating <LF> on its own as a newline. Cybernetic Vermin posted:smtp is cr-lf aka newline Shaggar fucked around with this message at 22:15 on Dec 24, 2023 |
|
#
?
Dec 24, 2023 22:04
|
|
|
LF on its own or CR on its own are both objectively incorrect for a newline sequence.
|
|
#
?
Dec 24, 2023 22:05
|
|
|
if you don't have the LF the teletype won't advance a line and if you don't have a CR the print head won't move back to the left side of the paper!
|
|
#
?
Dec 24, 2023 22:14
|
|
|
shaggar uses an actual teletypewriter for posting and you guys are messing up all the formatting if you don't do both a carriage return and a line feed
|
|
#
?
Dec 24, 2023 22:15
|
|
|
it is a good additional point that other notable users of cr-lf includes all linux/unix terminals, only the rickety clownshow of a terminal system is set up to replace newlines with a full cr-lf in-flight (feel free to stty -onlcr if you want to experience the full joy of end-to-end 'correct' line endings)
|
|
#
?
Dec 24, 2023 22:19
|
|
|
code:
|
|
#
?
Dec 24, 2023 22:31
|
|
|
plenty of blame to go around, but writing an rfc with "the sender must not" and then basing anything off of that seems unwise
|
|
#
?
Dec 25, 2023 00:31
|
|
|
Shame Boy posted:shaggar uses an actual teletypewriter for posting and you guys are messing up all the formatting if you don't do both a carriage return and a line feed its amazing how linux people are so incredibly wrong that they dont even understand why they're so wrong.
|
|
#
?
Dec 25, 2023 00:44
|
|
|
NFX posted:plenty of blame to go around, but writing an rfc with "the sender must not" and then basing anything off of that seems unwise yeah SMTP is historically garbage, but lol @ an update in 2008 thats like "please, smtp servers are bad, microsoft you write the only functional mail agent that anyone uses, please do this hack so nobody has to fix our legacy linux poo poo"
|
|
#
?
Dec 25, 2023 00:47
|
|
|
the same MUST NOTs appear in 2821 lmao at 1996-2001 era microsoft exchange being a functional anything
|
|
#
?
Dec 25, 2023 00:59
|
|
|
i actually had to write an smtp "server" (ingested messages but processed data out of them instead of it being an actual mailbox) and can confirm there are a billion dogshit devices out of the cheapest possible factories that have garbage, broken smtp implementations that ignore things like "standards" fun project, but every client somehow had some idiotic flaw
|
|
#
?
Dec 25, 2023 01:18
|
|
|
Zamujasa posted:i actually had to write an smtp "server" (ingested messages but processed data out of them instead of it being an actual mailbox) and can confirm there are a billion dogshit devices out of the cheapest possible factories that have garbage, broken smtp implementations that ignore things like "standards" But enough about Microsoft products.
|
|
#
?
Dec 25, 2023 01:19
|
|
|
i think the one client that i know ran on windows had the annoying habit of keeping the connection open for a solid minute after sending a message rather than hanging the gently caress up and getting on with our lives, but that one is at least explicable.
|
|
#
?
Dec 25, 2023 01:22
|
|
|
posting comedy opinions about newlines aside obviously the big fuckup here is postfix, going "emails are not supposed to contain this byte" as some kind of "undefined behavior, earth blows up and unicorns fly out my butt" in a public-facing internet server is clearly not a thing to do. well, the really really big fuckup is the disclosure timeline. i wouldn't have paid this exploit a single mind if it hadn't been released so inconveniently timed for many. though tbh i think that also lessens the impact a lot since a bit more convincing phishing only has a holiday window when few important mails are read to happen.
|
|
#
?
Dec 25, 2023 09:50
|
|
|
Shame Boy posted:i wanna say mikrotik but their wifi offerings have always seemed like they were afterthoughts that are perpetually like 5-10 years out of date i've had a really good experience with the latest stuff -- cap ax only downside is uplink is limited to two bonded gig e ports
|
|
#
?
Dec 25, 2023 21:38
|
|
|
last Christmas, you bonded my ports the very next day, gave my bandwidth away this year, to save me from tears I'm GPON with someone special
|
|
#
?
Dec 25, 2023 22:57
|
|
|
if you're ok with used enterprise stuff, Ruckus networks has pretty good APs and switches. for the APs they have an "unleashed" firmware branch which removes the need for a dedicated controller. they skipped wifi 6e though, and not much in the ways of used R770s (their wifi 7 AP) floating around for decent prices yet if you needed anything in the 6GHz band.
|
|
#
?
Dec 26, 2023 00:11
|
|
|
https://mastodon.social/@hanno/111652849296151306 posted:Security vulnerabilities in Antivirus software are no big deal, right? I mean, they never get exploited for real, right? Like this one, where Barracuda just ran a random, unaudited perl library with eval in it as part of its Antivirus, and then some malware used it. That's basically a non-issue some infosec people like to overblow because they don't like AVs. https://a2mi.social/@peterhoneyman/111653420798720533 posted:@hanno i visited the ann arbor office of barracuda a long time ago. i knew that they had a way to remotely login to their customers’ servers and i asked where the private keys were stored. my escort pointed at a workstation in the large open office. sometimes i would stop in front of their big plate glass window on maynard st. and stare at that workstation.
|
|
#
?
Dec 27, 2023 19:05
|
|
|
undocumented registers used to bypass iphone memory protections also quote:
|
|
#
?
Dec 27, 2023 19:53
|
|
|
dang
|
|
#
?
Dec 27, 2023 20:53
|
|
|
and here I just thought all the updates were devs getting those PRs in before the holidays
|
|
#
?
Dec 27, 2023 20:56
|
|
|
apparently kaspersy was a high value target
|
|
#
?
Dec 27, 2023 22:37
|
|
|
why do so many iPhone exploits use NSExpression/NSPredicate stuff? is it just a flexible thing to express an exploit in, or is the query processor itself brittle and vulnerable?
|
|
#
?
Dec 28, 2023 00:29
|
|
|
Subjunctive posted:why do so many iPhone exploits use NSExpression/NSPredicate stuff? is it just a flexible thing to express an exploit in, or is the query processor itself brittle and vulnerable? it's just incredibly flexible. it's a sort of node-based query generator that makes it easy to assemble long complicated expressions at runtime involving a lot of dynamic temporary state, which is a good fit for what an exploit is trying to do anyway I'm really curious how they figured out what the secret registers do. although the circumstantial evidence is that they're a top-tier state actor so for all we know they actually did an espionage on apple or arm and found some old internal documentation everyone had forgotten about
|
|
#
?
Dec 28, 2023 00:36
|
|
|
yeah the register stuff is crazy, I bet there is some hunting going on inside Apple around who knew about that stuff
|
|
#
?
Dec 28, 2023 01:26
|
|
|
the attackers having an outlandish theory that the relatively fresh gpu will have some brittle memory security mechanisms for testing, and lucking into finding documentation for a still-active and forgotten debug interface is my best guess. it's a lot of convenient domain knowledge, but we also don't know the extent of their reverse engineering other than whoever sold/provided this mechanism to the apt targeting kaspersky were willing to part with that crown jewel rather than use it to develop further exploits - so they have a more convenient chain for local development now the apt that targeted kaspersky? what a weird bunch, that's a very aggressive profile to have on (alleged) security researchers. i did joke elsewhere about the target list being mixed up, but i'm used to seeing dissidents targeted with significantly more care. they were escalating up their payload chain using device fingerprinting, uptime, etc so there's no effective throttling happening and no one sitting there thinking it's weird they've partially reinfected this device progressively further up the chain like 20 times. there wasn't a hint of a limit on total infections at a time, or per-device thresholds, or even just doing the attacks every other day. they were pretty tight lipped on the iocs and infrastructure the attackers were actually using, but they also went public with this so they must have figured informing apple would make it obvious the entire campaign got compromised. anyway i've been writing up notes/quick reviews (as i watch) for 37c3 and i'll get around to posting them as the youtube videos come out in daily batches. have a handful of must watches, and some very questionable talks. some are even connected!
|
|
#
?
Dec 28, 2023 02:05
|
|
|
|
| # ? Jun 1, 2024 18:20 |
|
|
Wiggly Wayne DDS posted:
|
|
#
?
Dec 28, 2023 02:16
|
|
