|
high quality op, op
|
#
¿
Apr 8, 2016 19:51
|
|
|
|
| # ¿ May 22, 2024 17:01 |
|
|
DrPossum posted:effort lurk posting but thanks for reiterating using a password manager. I neglected that forever and finally transitioned over When I switched over I just did a few phases of transition: run your password manager and capture all the existing passwords for a few weeks change weak passwords as you log in to services for a few weeks check the uncommonly used poo poo that still has a weak pass and bite the bullet and spend an hour or two changing all of them helps keep it from being a 8 hour password changing marathon some clients also supposedly can just log in for you and change the passwords so that might be worth trying?
|
|
#
¿
Apr 8, 2016 21:50
|
|
|
Jimmy Carter posted:Speaking of PCI compliance, how's the retail industry handling it these days? I still see tons of places that have new readers, but the EMV slot is taped over? same as always, with copious Business Processes and "oh gently caress the audit is next month lets hide all the poopy"
|
|
#
¿
Apr 8, 2016 21:51
|
|
|
brutal :/ this isn't helping my anti-bureaucracy bias btw
|
|
#
¿
Apr 8, 2016 22:18
|
|
|
ummmmm sure why not
|
|
#
¿
Apr 8, 2016 22:29
|
|
|
whats unique to govt about that?
|
|
#
¿
Apr 8, 2016 22:50
|
|
|
vOv posted:i'm convinced that humans are just extremely bad at large systems with more than a couple hundred people whether it's governmental or corporate have you read systemantics yet? Ur Getting Fatter posted:win 10 home :/ was hoping to not have to shell out for the pro upgrade but if people say it's the only good choice then I guess it's fine. 10 home doesnt even support native fde???? lmfaoooooo
|
|
#
¿
Apr 8, 2016 22:58
|
|
|
I think at this point we know enough generic systems first principles to know what kind of things tend towards robustness on average and what kind of things tend towards instability people just generally want to ignore all that literature as soon as they have some problem thats "too important" like healthcare or social safety
|
|
#
¿
Apr 8, 2016 23:22
|
|
|
you sound confused friend
|
|
#
¿
Apr 8, 2016 23:33
|
|
|
watching the eurozone deal with real american style heterogeneity problems is gonna be great
|
|
#
¿
Apr 9, 2016 00:22
|
|
|
https://max00355.github.io/technopy/deploying-production-flask-applications-with-uwsgi-and-nginx.htmlquote:In this post I will be discussing the how we can deploy a production web application with uWSGI and Nginx. quote:screen uwsgi --socket 127.0.0.1:7070 --processes 5 --module app --callable app quote:production web application quote:uWSGI is written in C and is built for performance. Gunicorn is written in Python thus is slower. I have used both of these technologies in my jobs and I have found that every time uWSGI out performs Gunicorn, and even NodeJS at times.
|
|
#
¿
Apr 9, 2016 04:23
|
|
|
http://www.securityforrealpeople.com/2016/04/arris-motorola-surfboard-modem.html huehuehuehuehuehuehuehuehueuh
|
|
#
¿
Apr 9, 2016 09:59
|
|
|
old as dirt but still startkeylogger level funny
|
|
#
¿
Apr 9, 2016 10:12
|
|
|
I like baud bitches thats my fuckin problem
|
|
#
¿
Apr 9, 2016 20:02
|
|
|
pr0zac posted:oh hey someone else actually got the same tag as me we're both alone together
|
|
#
¿
Apr 9, 2016 20:37
|
|
|
atomicthumbs posted:i hope those farmers sue maxmind into the loving ground same but you and choking
|
|
#
¿
Apr 10, 2016 20:03
|
|
|
little of column A, little of column B
|
|
#
¿
Apr 10, 2016 20:43
|
|
|
why burn good exploits when known old ones will suffice??? seems smart to me but maybe I misunderstood
|
|
#
¿
Apr 10, 2016 20:49
|
|
|
anyone know of any good opsec education resources? classes, texts, stories, anything that's accurate and educational really
|
|
#
¿
Apr 11, 2016 20:49
|
|
|
Rooney McNibnug posted:The gray forums, bicth Loving Africa Chaps posted:Die hard 4.0 Captain Foo posted:@thegrugq thanks? this is about what I figured though, someone needs to research and produce a functional/practical opsec class imo
|
|
#
¿
Apr 11, 2016 22:26
|
|
|
surely, somewhere, some military force has produced a not totally awful basic opsec principles book
|
|
#
¿
Apr 11, 2016 22:27
|
|
|
spankmeister posted:pretty sure there are CIA manuals for that kind of thing yeah I've found some stuff around this, was more just wondering if other people had resources they'd recommend. It seems like most people just kind of do the same thing: throw their hands up in the air and remove well resourced persistent attackers from the threat model
|
|
#
¿
Apr 11, 2016 22:36
|
|
|
Storysmith posted:@thegrugq wasn't a jokepost though yeah I keep up with grugq already 
|
|
#
¿
Apr 12, 2016 01:48
|
|
|
surebet posted:looking for talk recommendations, i listen to a lot of stuff at work and i blew through the usual defcon/shmoocon/black hat stuff in the last couple years I watch a lot of these what kind of stuff are you looking for?
|
|
#
¿
Apr 14, 2016 19:01
|
|
|
wish I could find whatever the gently caress you're talking about
|
|
#
¿
Apr 15, 2016 19:55
|
|
|
https://mackeeper.com/blog/post/217-breaking-massive-data-breach-of-mexican-voter-data wide open mongodb instance on a public aws IP apparently had every mexican votor's info in it
|
|
#
¿
Apr 22, 2016 23:12
|
|
|
how did i misspell voter yowza
|
|
#
¿
Apr 22, 2016 23:24
|
|
|
quote:The goal of the new campaign is to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters. A benefit of the administration's exceedingly rare public discussion of the campaign, officials said, is to rattle the Islamic State's commanders, who have begun to realize that sophisticated hacking efforts are manipulating their data. Potential recruits may also be deterred if they come to worry about the security of their communications with the militant group. "We are dropping cyberbombs," Robert O. Work, deputy secretary of defense said. "We have never done that before."
|
|
#
¿
Apr 25, 2016 22:47
|
|
|
not necessarily a sec fuckup but it makes me giggle: https://code.google.com/p/android/i...%BC%A9%EF%BC%A4
|
|
#
¿
Apr 27, 2016 00:09
|
|
|
ahahahahhaha thats a real manual
|
|
#
¿
Apr 28, 2016 23:30
|
|
|
https://info.publicintelligence.net/MTTP-TacticalChat.pdf
|
|
#
¿
Apr 28, 2016 23:33
|
|
|
im just gonna start quoting parts of this at people in ircquote:(3) Users must realize that based on communications priorities and the tactical
|
|
#
¿
Apr 28, 2016 23:43
|
|
|
|
|
#
¿
Apr 28, 2016 23:51
|
|
|
lots of hand waving and wishful thinking dont get your hopes up thinking you can ever document requirements accurately
|
|
#
¿
Apr 29, 2016 07:47
|
|
|
im the trusted network
|
|
#
¿
May 1, 2016 01:10
|
|
|
Dex posted:*shoves grey into cryptolocker* lol
|
|
#
¿
May 9, 2016 08:02
|
|
|
i tried with united's new lovely multiple choice security question system but all i got back was 500s
|
|
#
¿
May 10, 2016 05:30
|
|
|
 You will need to answer the security questions to your best choice. We conducted a great deal of research into the security issues our customers face and found that the majority of issues can be traced to computer viruses that record typing. We purposely chose to use predefined answers to protect against this keystroke logging. Let us know if you have any trouble processing the request.  Ah, I'm glad you guys did such a great amount of research on this and are trying to protect me. I just realized that I also use keystrokes to enter a password to log in, I didn't realize just how unsafe this was! When do you plan on making multiple choice passwords available? I really don't feel secure now typing in a password.my attempts to talk with united always end in them telling me to call in so they can tell me to gently caress off via phone instead of via twitter
|
|
#
¿
May 10, 2016 08:16
|
|
|
flakeloaf posted:we live on a planet where it's harder to break into a warcraft account than a bank account it's very clear exactly why this is imo
|
|
#
¿
May 10, 2016 19:13
|
|
|
|
| # ¿ May 22, 2024 17:01 |
|
|
http://www.dailydot.com/politics/encryption-crypto-wars-police-indiana-charles-cohen-interview/ there are too many gems in this article to individually quote but rest assured its not a zero-sum article
|
|
#
¿
May 10, 2016 19:35
|
|