|
lol a little snake bitten after this past fall huh
|
#
?
Feb 5, 2024 05:18
|
|
|
|
| # ? Jun 7, 2024 23:46 |
|
|
should solve the traffic flow problems in the hotel conference areas at least.
|
|
#
?
Feb 5, 2024 05:55
|
|
|
Yeah, and not having to leave the convention to go see some villages. Personally I'm kinda glad this happened given that the forums was too small to fit everything so it was still all spaced out. Though, no idea what hotel to stay at.
|
|
#
?
Feb 5, 2024 06:31
|
|
|
Optimus_Rhyme posted:Yeah, and not having to leave the convention to go see some villages. yeah this probably blew away everyone's reservations at the caesar's properties. it will be interesting to hear what really happened.
|
|
#
?
Feb 5, 2024 06:49
|
|
|
I’m sure they’re mad about the googley eyes everywhere. anyway Sahara is basically the only real option, or keep the reservation and monorail over
|
|
#
?
Feb 5, 2024 08:13
|
|
|
https://www.wired.com/story/christopher-bouzy-spoutible-race-to-unseat-twitter/ posted:When I had my first extended conversation with Bouzy in early December, Spoutible was just days away from crossing the preregistration threshold. In anticipation of hitting that milestone, he was preparing to announce that he’d have a web-only version of the platform ready for limited testing by mid-January. If all went according to plan, he’d then release a Spoutible app for phones and tablets in the spring. When I said that timeline seemed ambitious, he assured me that the work on the frontend would take only a few weeks. He’d licensed some off-the-shelf code, composed primarily in PHP, that provides a close facsimile of Twitter’s user interface, and he planned to tweak that template to suit his needs. welp https://www.troyhunt.com/how-spoutibles-leaky-api-spurted-out-a-deluge-of-personal-data/
|
|
#
?
Feb 6, 2024 03:17
|
|
|
well it aint called retainable
|
|
#
?
Feb 6, 2024 03:29
|
|
|
koolkal posted:well it aint called retainable 
|
|
#
?
Feb 6, 2024 06:47
|
|
|
aw hell yeah I hope they hack the Tesla tunnels
|
|
#
?
Feb 6, 2024 09:32
|
|
|
https://www.troyhunt.com/how-spoutibles-leaky-api-spurted-out-a-deluge-of-personal-data/ just read it
|
|
#
?
Feb 6, 2024 10:05
|
|
|
eyyy I'm spoutin' ova here
|
|
#
?
Feb 6, 2024 10:22
|
|
|
really the last two thirds of that is totally unsurprising, because once you see the encrypted password you know that the api is just dumping the entire core user record and of course that includes everything else
|
|
#
?
Feb 6, 2024 10:23
|
|
|
rjmccall posted:really the last two thirds of that is totally unsurprising, because once you see the encrypted password you know that the api is just dumping the entire core user record and of course that includes everything else
|
|
#
?
Feb 6, 2024 13:16
|
|
|
Powerful Two-Hander posted:eyyy I'm spoutin' ova here please keep your egg laying to yourself
|
|
#
?
Feb 6, 2024 13:47
|
|
|
evil_bunnY posted:WHAT YEAR IS THIS i understand your confusion as that happening really does nothing to place it in time, one of those where water turns out to be wet.
|
|
#
?
Feb 6, 2024 15:43
|
|
|
Lol that the Spoutible say the leaked data "included email addresses and some phone numbers," and next "decrypted passwords and direct messages were not disclosed." No word about everything in between that was exposed, like everything else. Not exactly honest disclosure IMO.
|
|
#
?
Feb 6, 2024 16:43
|
|
|
I can't believe they named the pii firehose "spoutible"
|
|
#
?
Feb 6, 2024 16:47
|
|
|
Clark Nova posted:I can't believe they named the pii firehose "spoutible" lol
|
|
#
?
Feb 6, 2024 16:47
|
|
|
Clark Nova posted:I can't believe they named the pii firehose "spoutible"
|
|
#
?
Feb 6, 2024 21:22
|
|
|
little bobby spoutable
|
|
#
?
Feb 6, 2024 22:59
|
|
|
spoutible more like spout tables
|
|
#
?
Feb 6, 2024 23:26
|
|
|
rjmccall posted:really the last two thirds of that is totally unsurprising, because once you see the encrypted password you know that the api is just dumping the entire core user record and of course that includes everything else i was kinda impressed that they managed to include the password reset tokens since that's not something you need to have pre-computed and stored in every user record
|
|
#
?
Feb 7, 2024 00:30
|
|
|
this left so much exposed it seems like one of those fake services you make for a white hat hacking class, BUT IT WASN'T
|
|
#
?
Feb 7, 2024 00:38
|
|
|
shackleford posted:i was kinda impressed that they managed to include the password reset tokens since that's not something you need to have pre-computed and stored in every user record They had one fixed password reset token per user?
|
|
#
?
Feb 7, 2024 01:09
|
|
|
Guy Axlerod posted:They had one fixed password reset token per user? That was the weirdest part for me. I can understand how the rest happened, but what the hell was the thinking behind that one?
|
|
#
?
Feb 7, 2024 02:43
|
|
|
yeah that's true a lot of their data design is pretty bizarre even on its own. i wonder if they at least cycle it...?
|
|
#
?
Feb 7, 2024 02:57
|
|
|
Guy Axlerod posted:They had one fixed password reset token per user? here are your ten emergency recovery tokens in case you lose access to your mfa token, don't lose them cause we have the only other copy in the clear on the company's G drive
|
|
#
?
Feb 7, 2024 03:13
|
|
|
clown computing strikes again!
|
|
#
?
Feb 7, 2024 03:17
|
|
|
flakeloaf posted:here are your ten emergency recovery tokens in case you lose access to your mfa token, don't lose them cause we have the only other copy in the clear on the company's G drive "Its safe, after all, its on the internal network!" - Client when I posted all their plaintext keys and passwords from their subversion repo
|
|
#
?
Feb 7, 2024 03:30
|
|
|
CommieGIR posted:"Its safe, after all, its on the internal network!" - Client when I posted all their plaintext keys and passwords from their subverted repo
|
|
#
?
Feb 7, 2024 03:43
|
|
|
https://www.zdnet.com/home-and-office/smart-home/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really/
|
|
#
?
Feb 7, 2024 04:26
|
|
|
you can tell there's a recession because your toothbrush can get root
|
|
#
?
Feb 7, 2024 04:38
|
|
|
rjmccall posted:i wonder if they at least cycle it...? you definitely know the answer to this
|
|
#
?
Feb 7, 2024 04:38
|
|
|
flakeloaf posted:here are your ten emergency recovery tokens in case you lose access to your mfa token, don't lose them cause we have the only other copy in the clear on the company's G drive citrix lol
|
|
#
?
Feb 7, 2024 04:48
|
|
|
HELLOMYNAMEIS___ posted:https://www.zdnet.com/home-and-office/smart-home/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really/ https://cyberplace.social/@GossiTheDog/111886861630650390
|
|
#
?
Feb 7, 2024 04:49
|
|
|
flakeloaf posted:you can tell there's a recession because your toothbrush can get root lmao nice
|
|
#
?
Feb 7, 2024 04:54
|
|
|
rjmccall posted:yeah that's true a lot of their data design is pretty bizarre even on its own. i wonder if they at least cycle it...? apparently upon use, and presumably only upon use lol
in fairness, it would be a waste of resources to both precompute and regularly rotate the tokens
|
|
#
?
Feb 7, 2024 06:17
|
|
|
flakeloaf posted:you can tell there's a recession because your toothbrush can get root
|
|
#
?
Feb 7, 2024 06:17
|
|
|
$job is taking back our physical keys for the main entrance because they've installed a garbage iot lock that works off batteries and bluetooth, and works as a motor that rotates the key inside the existing lock. I assume those eventually crap out in hilarious and predictable ways. that thing rules because once in the locked position it's holding the key inside the lock, so you can get a key in from the outside.
|
|
#
?
Feb 7, 2024 11:36
|
|
|
|
| # ? Jun 7, 2024 23:46 |
|
|
oh man, i fell for it. 
|
|
#
?
Feb 7, 2024 12:22
|
|