|
people around my workplace have been getting a ton of those, and i have no idea where from. have i been pwned says the common link is a linkedin leak from god knows how long back, but surely linkedin didn't have cleartext/unsalted passwords?
|
#
?
Jan 17, 2019 11:29
|
|
|
|
| # ? May 26, 2024 18:42 |
|
|
Truga posted:but surely linkedin didn't have cleartext/unsalted passwords? Hmm. e: Lol, I thought I remembered reading this No salting at all. Hexyflexy fucked around with this message at 12:01 on Jan 17, 2019 |
|
#
?
Jan 17, 2019 11:37
|
|
|
Truga posted:people around my workplace have been getting a ton of those, and i have no idea where from. have i been pwned says the common link is a linkedin leak from god knows how long back, but surely linkedin didn't have cleartext/unsalted passwords? well, are they getting it for a lovely password then? i should have been in the linkedin leak but had a password that is reasonably hard to force, and have gotten no threatening emails wouldn't be too surprised if plenty of passwords were weak enough to be worth forcing despite salt though
|
|
#
?
Jan 17, 2019 11:42
|
|
|
everyone tells me "no, i only use this lovely password for lovely things like <obscure forum/webapp account>" but lol.
|
|
#
?
Jan 17, 2019 11:58
|
|
|
so how about that big dump https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/ haveibeenpwned says my email is in there but i don't know which password where do i sign up for the blackmail spam
|
|
#
?
Jan 17, 2019 14:22
|
|
|
suffix posted:so how about that big dump "Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. (And yes, fellow techies, that's a sizeable amount more than a 32-bit integer can hold.)" Uh, Troy, about that...
|
|
#
?
Jan 17, 2019 15:37
|
|
|
James Baud posted:"Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. (And yes, fellow techies, that's a sizeable amount more than a 32-bit integer can hold.)" we don't talk about unsigned integers around here also it's referring to a tweet he made earlier where he tried to do count(*) and sql threw an exception
|
|
#
?
Jan 17, 2019 15:39
|
|
|
evil_bunnY posted:how’s the payload delivered? suspicion is some kind of drive-by but since its being processed in-memory from the wire and then nuked actually recovering conclusive evidence is proving difficult
|
|
#
?
Jan 17, 2019 16:59
|
|
|
Wiggly Wayne DDS posted:unfortunately too many people go into the same cycle due to the toxicity, and it's hard for a pushback against toxic culture to happen without majority opinion or you'll be seen as causing drama yourself Flakes on the non-toxic side of the issue don't help matters. I don't follow this stuff on social media enough to remember names, so I don't know who all the insane people are. I stopped going to one conference because each year the keynote speaker would be an old white lady that just talked about how forward, non-toxic, and unbiased she was. Sometimes they'll also have a Native American ancestor, and then tell us a story from their tribe. The one that made me give up on the conference was a lady that took this online test https://implicit.harvard.edu/implicit/ She said she would tell minorities about how high her scores were, after doing the test multiple times until she'd get the score she wanted, some people would get mad and she didn't understand why. The only thing that made things worse was when you get to the Q&A and the both the speaker and the person asking the question are the types that always have to be the last person to speak in a conversation and nobody is willing to step in and stop things when there's that tiny gap before one of them starts talking again. 45 minutes for two people in the audience. I also work in a female dominated industry and it took me awhile to notice how sexist a lot of the men are. I started picking up on it with incidents like a co-worker (female) explaining to a consultant (male) that the idea they have, isn't going to work. The consultant just kept pushing it via email for around a month, until I jumped in and said the same thing as her. Then all of the sudden he magically understood.
|
|
#
?
Jan 17, 2019 17:22
|
|
|
chemosh6969 posted:Flakes on the non-toxic side of the issue don't help matters. I don't follow this stuff on social media enough to remember names, so I don't know who all the insane people are. at least it's not steve bannon he was giving a speech about economic opportunities for minorities in tech, presumably that he thought there were too many and should be harder to get
|
|
#
?
Jan 17, 2019 17:31
|
|
|
|
|
#
?
Jan 17, 2019 17:36
|
|
|
chemosh6969 posted:I also work in a female dominated industry and it took me awhile to notice how sexist a lot of the men are. I started picking up on it with incidents like a co-worker (female) explaining to a consultant (male) that the idea they have, isn't going to work. The consultant just kept pushing it via email for around a month, until I jumped in and said the same thing as her. Then all of the sudden he magically understood. I'm going to assume you copied this from reddit.
|
|
#
?
Jan 17, 2019 17:45
|
|
|
quote:I also work in a female dominated industry and it took me awhile to notice how sexist a lot of the men are. I started picking up on it with incidents like a co-worker (female) explaining to a consultant (male) that the idea they have, isn't going to work. The consultant just kept pushing it via email for around a month, until I jumped in and said the same thing as her. Then all of the sudden he magically understood. I bet gbs would love to hear your stories about this
|
|
#
?
Jan 17, 2019 17:52
|
|
|
am i rite
|
|
#
?
Jan 17, 2019 18:05
|
|
|
Hexyflexy posted:I'm going to assume you copied this from reddit. speaking of reddit, there's been quite a few people lately complaining about sextortion emails. The twist is that these threats include proof that someone really has gotten a hold of the victims' homegroan, probably from actually using the compromised credentials
|
|
#
?
Jan 17, 2019 18:08
|
|
|
Employee Falls for Fake Job Interview Over Skype, Gives North Korean Hackers Access to Chile's ATM Network: Report https://gizmodo.com/employee-falls-for-fake-job-interview-over-skype-gives-1831801832 quote:A Redbanc employee found a job opening on LinkedIn for a developer position. After setting up a Skype interview, the employee was then asked to install a program called ApplicationPDF.exe on their computer, trendTIC reports. The program was reportedly explained to be part of the recruitment process and generated a standard application form. But it was not an application form, it was malware.
|
|
#
?
Jan 17, 2019 18:37
|
|
|
chemosh6969 posted:Flakes on the non-toxic side of the issue don't help matters. I don't follow this stuff on social media enough to remember names, so I don't know who all the insane people are. characterizing a philosophy by its most extreme proponents is a ridiculous place to start from. not to mention the people you're dismissing as flakey or toxic have likely taken *a ton* of abuse over the years and have reached appoint where they just can't do anything but be angry when poo poo happens. gently caress, i've been accused a lot of times of being an SJW and being hyper-sensitive and flying off the handle for no reason, and to an extent it's true in the sense that I tend to go from 0-100 really fast when something bothers me and I don't really let up on it, but that's a pretty natural result of 30 years of trauma coupled with an insane uptick in the amount of abuse I started to receive after coming out as trans. so when people start whining about "crazy loud sjws", they're really saying "I tortured you until you couldn't do anything but scream and I think that's your fault".
|
|
#
?
Jan 17, 2019 18:38
|
|
|
BangersInMyKnickers posted:suspicion is some kind of drive-by but since its being processed in-memory from the wire and then nuked actually recovering conclusive evidence is proving difficult
|
|
#
?
Jan 17, 2019 18:56
|
|
|
jit bull transpile posted:so when people start whining about "crazy loud sjws", they're really saying "I tortured you until you couldn't do anything but scream and I think that's your fault". well either that or "this problem doesn't exist/isn't really that bad because i'm not personally affected by it, therefore you're making it up for attention, wouldn't it be better if we all just got along and left the politics out of it???"
|
|
#
?
Jan 17, 2019 19:14
|
|
|
ymgve posted:did organizers wipe it from the whiteboard when they got the report tho, and if so did they do it before or after complaining on twitter It wasn't even a white board, so they couldn't wipe anything away (sec fuckup #2). Instead someone put BrakeingSec podcast stickers on it https://twitter.com/deborahlindseyl/status/1048401909353209856
|
|
#
?
Jan 17, 2019 19:26
|
|
|
Optimus_Rhyme posted:It wasn't even a white board, so they couldn't wipe anything away (sec fuckup #2). Instead someone put BrakeingSec podcast stickers on it my new favorite is the one that just says "hedgehog" 
|
|
#
?
Jan 17, 2019 19:30
|
|
|
jit bull transpile posted:characterizing a philosophy by its most extreme proponents is a ridiculous place to start from. not to mention the people you're dismissing as flakey or toxic have likely taken *a ton* of abuse over the years and have reached appoint where they just can't do anything but be angry when poo poo happens. I'm not saying I'm basing all my things off the extremists. I'm also old and just don't care for social media because it's filled with a lot of extremists that drown out whatever info I'm looking for. Someone taking a test that measures your biases repeatedly to get the score they want, is completely missing the point of the test. I think people trying to be something they aren't are just flakey. I'm also an ally and have a safe space in my office, so I'm not attacking you or anyone else except lovely people. Please don't be mad at me. edit: I'm not saying someone with issues being trans, or whatever they id as, is a flake but anyone that does things like putting their hands on their head to sync up their heartbeat with their head, is a flake for that reason. It doesn't have anything to do with what they id as. chemosh6969 fucked around with this message at 20:26 on Jan 17, 2019 |
|
#
?
Jan 17, 2019 20:15
|
|
|
chemosh6969 posted:anyone that does things like putting their hands on their head to sync up their heartbeat with their head, is a flake for that reason. wait what? is this a thing people do? what does it have to do with anything else?
|
|
#
?
Jan 17, 2019 20:34
|
|
|
flakeloaf posted:homegroan Holy poo poo
|
|
#
?
Jan 17, 2019 20:51
|
|
|
jit bull transpile posted:so when people start whining about "crazy loud sjws", they're really saying "I tortured you until you couldn't do anything but scream and I think that's your fault". lol @ hearing the words "social justice warrior" and attaching a negative valence what does that make you, big boy? the warrior ... against? justice?
|
|
#
?
Jan 17, 2019 21:39
|
|
|
Notorious b.s.d. posted:lol @ hearing the words "social justice warrior" and attaching a negative valence i mean, the phrase sjw was literally created as an insult. it's stupid but that's where it came from. I like to expand the acronym to "social justice wizard" personally
|
|
#
?
Jan 17, 2019 21:52
|
|
|
jit bull transpile posted:i mean, the phrase sjw was literally created as an insult. it's stupid but that's where it came from. can be both wizard and warrior, you need the warrior so your party doesn't get overrun by kobolds
|
|
#
?
Jan 17, 2019 22:02
|
|
|
whoopsie doodle https://twitter.com/fs0c131y/status/1085828997013954560
|
|
#
?
Jan 17, 2019 23:00
|
|
|
Shame Boy posted:wait what? is this a thing people do? what does it have to do with anything else? Based on what interaction I had with her, I'd say it's one of those new age type of things. I grew up in an area full of hippies, new age type stuff, vampires (ugh Anne Rice), white witches (not race white but white magick) and I'm 100% biased against their beliefs. Someone in the LGBT group doesn't phase me at all because that's just how they are. Insane new age stuff is something learned about and decided to go with because it seemed like a good idea. I'm know I have to be in the minority on growing up with stuff like this but I think it's better than being a dude in a MAGA hat.
|
|
#
?
Jan 17, 2019 23:12
|
|
|
chemosh6969 posted:Based on what interaction I had with her, I'd say it's one of those new age type of things. I grew up in an area full of hippies, new age type stuff, vampires (ugh Anne Rice), white witches (not race white but white magick) and I'm 100% biased against their beliefs. Someone in the LGBT group doesn't phase me at all because that's just how they are. Insane new age stuff is something learned about and decided to go with because it seemed like a good idea. I think the disconnect is why are you bringing any of this up in the context of men not being qualified to dismiss women's reports of harassing behavior?
|
|
#
?
Jan 17, 2019 23:16
|
|
|
I really wanna know how many lovely Wordpress pluggins there are that have exactly this same problem
|
|
#
?
Jan 17, 2019 23:18
|
|
|
jit bull transpile posted:I think the disconnect is why are you bringing any of this up in the context of men not being qualified to dismiss women's reports of harassing behavior? I woke up at 4am and just started digging myself a hole? I don't know what I was thinking. I didn't want people to think that just because someone was LGBT, that I instantly assumed they were a flake. I probably get overly defensive when people think I'm toxic like that. chemosh6969 fucked around with this message at 23:44 on Jan 17, 2019 |
|
#
?
Jan 17, 2019 23:41
|
|
|
Shame Boy posted:my new favorite is the one that just says "hedgehog"
|
|
#
?
Jan 17, 2019 23:48
|
|
|
chemosh6969 posted:I woke up at 4am and just started digging myself a hole? I don't know what I was thinking.
|
|
#
?
Jan 17, 2019 23:50
|
|
|
Notorious b.s.d. posted:lol @ hearing the words "social justice warrior" and attaching a negative valence it makes me a big and important burly manly man with a tough outer skin!!! *posts hundreds of tweets about how I’m never buying Gillette again due to a commercial that says “be nice to women”*
|
|
#
?
Jan 18, 2019 01:08
|
|
|
Not a sec-gently caress but on topic as of late, this person SLEEPYCATT had another Minecraft music festival with donations going to the Trevor Project, kind of neat https://minecraft.xxx/. Second festival of theirs I've heard of but there might have been more. Luckily no second life style goons have infiltrated their events yet as far as I know with flying dicks and the like. Unrelated but apparently custom Minecraft servers made tons of money at least as of a couple years ago, from donations and people paying to buy extra items and such. A lot of DDOS attacks at a previous hosting company I worked for were aimed at Minecraft servers, apparently hired by other server operators trying to knock their competition offline. Krebs has been reporting on an increasing number of "booter" providers getting arrested lately, Mirai copycats and the like, darn.
|
|
#
?
Jan 18, 2019 01:49
|
|
|
sadus posted:Luckily no second life style goons have infiltrated their events yet as far as I know with flying dicks and the like. Why in the name of god would you say that to us lot.
|
|
#
?
Jan 18, 2019 02:02
|
|
|
chemosh6969 posted:I woke up at 4am and just started digging myself a hole? I don't know what I was thinking. Maybe stop digging though?
|
|
#
?
Jan 18, 2019 02:04
|
|
|
can we move on? i am tired of bad opinions in here about non-secfuck stuff
Lain Iwakura fucked around with this message at 02:42 on Jan 18, 2019 |
|
#
?
Jan 18, 2019 02:18
|
|
|
|
| # ? May 26, 2024 18:42 |
|
|
the thread title says “security fuckups” not “insecurity fuckups”
|
|
#
?
Jan 18, 2019 02:38
|
|
