|
Flagrama posted:windows 10 clean install was never free. upgrade from win7/8/8.1 was free and then would activate on your hardware even if you installed again clean. and that upgrade still is free. the 'deadline' was only there to fight procrastination
|
# ¿ Jan 6, 2017 17:06 |
|
|
# ¿ May 5, 2024 12:01 |
|
BangersInMyKnickers posted:I am yet to see a way to shink a virtual disk and actually reclaim the space without spending a huge amount of ops doing it. Growing is no problem and can happen on the fly, you're much better setting smaller disks and dealing with people bumping in to the limits and cleaning up at that point before expanding allocations than letting idiocy or a malfunctioning application brim a drive with garbage which then cascades in to your storage replication and backup sets. in virtualbox at least it's easy to set it so guest OS TRIM commands cause the disk file to shrink.
|
# ¿ Jan 25, 2017 02:06 |
|
chrome thing requires a PIN that you set on the computer, so it's probably secure but I couldn't find any real description of its security when I looked
|
# ¿ Feb 3, 2017 17:42 |
|
Winkle-Daddy posted:MitM SSL strip isn't just about security, it's also about liability. In that regard it does what it needs to. go ahead and MitM if you need to, but doing it on the end device with a self-signed cert seems like a terrible way to get there
|
# ¿ Feb 8, 2017 05:28 |
|
spankmeister posted:Yeah but then you need to know the size of the colliding blocks beforehand because when you add blocks the filesize changes so the preamble changes so the hash changes so you need more/different colliding blocks so the filesize changes so the hash changes etc.. you just set the filesize to 10KB or whatever. once you have the collision you add identical data to both files until the size is right.
|
# ¿ Feb 25, 2017 13:47 |
|
Lutha Mahtin posted:anyone use the Firefox sync feature? supposedly it works the same as a good password manager, where mozilla can't look at your data, but i never investigated it fully I can tell you that it used to generate a random key that required an existing device to participate in authorizing a new device but then they changed it to just use the password https://blog.mozilla.org/services/2014/04/30/firefox-syncs-new-security-model/ it's probably fine if you use a good password? oh amazing, they have conflicting documentation up for both versions https://support.mozilla.org/t5/Sync-and-Save/How-do-I-add-a-device-to-Firefox-Sync/ta-p/21091 https://support.mozilla.org/t5/Sync-and-Save/How-do-I-set-up-Sync-on-my-computer/ta-p/21417
|
# ¿ Mar 12, 2017 01:32 |
|
anthonypants posted:https://twitter.com/cczona/status/846859875854487553 the second sentence on that article sure got mangled. "out of all of them" and then it doesn't say what percent have malware going by https://arstechnica.com/security/2017/01/majority-of-android-vpns-cant-be-trusted-to-make-users-more-secure/ it's a bit over a third but a full 84% screwed up with IPv6 and 66% screwed up with DNS at least a handful seem to be competent.
|
# ¿ Mar 29, 2017 07:37 |
|
Wheany posted:Today in the secfuck thread: "if you suddenly get weird new popups in your browser, be sure to click on them" clicking inside a web page can't really do anything that the web page couldn't already do
|
# ¿ Apr 3, 2017 13:58 |
|
spankmeister posted:Nice way to make yourself not look like an idiot because you had a bog-standard DLL hijacking vulnerability. I don't think there was actually a vulnerability, they were just replacing the DLL inside program files and the signing is more of a "gently caress you" than an increase in security
|
# ¿ Apr 16, 2017 20:57 |
|
infernal machines posted:yeah, there are both. there are two scenarios where one but not both of the required components for IME may be present. the original claim was that this was irrelevant and it was exploitable regardless. the issue is that going by what other people are saying the board support is very common which would imply that a hell of a lot of consumer systems with i5 and i7 processors are vulnerable, maybe even most of them, not the relative rarity you're making it out to be
|
# ¿ May 2, 2017 20:57 |
|
ErIog posted:1password not having Linux support is killing me right now and I think I'm going to just bite the bullet and switch back to Keepass like I was using 9 years ago. there's a very obtuse way of doing it. create a trigger on user interface state change, condition unsaved changes, action save it fits the KeePass ethos of unnecessary extra work to set it up followed by working fine
|
# ¿ May 14, 2017 15:03 |
|
|
# ¿ May 5, 2024 12:01 |
|
vOv posted:i mean i don't see how it'd be any worse, it's not like the source of the light affects how harmful it is the problem is that if the laser stops moving you have an entire screen's worth of brightness focused on a single pixel
|
# ¿ Jun 12, 2017 00:37 |