Phone posted:

you actually just quarantined the bad discussion, so like the malposts are technically still infecting your system. with this new form of shitposting, you can't take an anti virus approach to these sorts of things and flattening and reinstalling doesn't work.

BangersInMyKnickers posted:

Probably just a random guess. VMware/Hyper-V defaults the OS disk to 40-50gb and encourages you to split that in to other disks for data vols so they can be tiered differently, apply ssd caching, whatever. It's a pretty good giveaway for a VM and potentially an analysis sandbox, especially if you are checking for the disk size and not the volume size since I don't think you can get anything smaller than 60gb ssd's in a normal desktop these days.

As for overhead for thin provisioning, you get a little bit of a write penalty as the virtual disk inflates and writes to new blocks (typically allocated in chunks of a couple MB) but there's not a lot of scenarios where this will have quantifiable impact in most use cases

vOv posted:

http://www.wrdw.com/content/news/Washington-Road-billboard-gets-hacked-shows-curse-words-to-describe-jewelry-412169543.html

https://twitter.com/le_keksec/status/825533000318275585

a redditor posted:

Shhhhh... I'm an engineer for a digital billboard company. Billboards are 100% not hackable. It's all just still images / animations / video files loaded into a playlist. So don't spoil the magic for people who want to believe this is real. If any changes were needed to be made, it would be done off site and saved as a flat image file. It would take too much time for the usually cheap rear end PC in the sign to render a Photoshop or .Ai file every time the sign changes.

Jabor posted:

should have bounced through internic instead, then they could have gone back and deleted the logs afterwards

OSI bean dip posted:

https://np.reddit.com/r/homeautomation/comments/5xa0h1/ring_pro_doorbell_calling_china/deh3gsz/




This is not a non-routable address (106.13.0.0). This is 106.12.0.0/15 owned by Baidu.

code:

    % Information related to '106.12.0.0 - 106.13.255.255'

    inetnum:        106.12.0.0 - 106.13.255.255

    netname:        Baidu

    descr:          Beijing Baidu Netcom Science and Technology Co., Ltd.

    descr:          Baidu Plaza, No.10, Shangdi 10th street,

    descr:          Haidian District Beijing,100080

UDP is a protocol no one uses? Do you mean port 1 (tcpmux)? What exactly happened to your end point (the other host) and why aren't packets just continuing to be sent there, even if they are disregarded on that side?


and

are mutually exclusive statements.

How does a non-routable address make "somewhere across the world" so an "ISP [can] deal with blocking"?

Edit #2

It has now been confirmed by two users that Ring is using a fixed source port, destination, and destination port. This means that Ring is effectively poking a UDP NAT hole that would allow return traffic to traverse the NAT gateway and reach the Ring.

Protocol: UDP

Static source port: 51506

Static destination: 106.13.0.0

Static destination port: 1

In a very theoretical scenario, let's say this transmits periodically (which it does), then this would keep open a NAT translation on your edge router and many common NAT devices will use the same OUTSIDE source port if it isn't already in in use for translation.

Traffic sourced from 106.13.0.0:1 and destined for yourip:51506 would reach the Ring device. Let's now pretend the Ring has a backdoored firmware that is simply waiting for a UDP packet to show up and provide an IP for the next command and control channel. In theory, it would only require 2^32 packets to hit every host on the Internet. You can now simply spray every host with one packet and wait to see who shows up.

I'm going to assume this isn't a backdoored firmware, but it very easily could be and the attack vector looks plausible.

Matt, I think you need to provide a little more information. This isn't adding up.

Truga posted:

i mean, i'm all for people not clicking on random popups, but how do you propose a browser implement a new feature like this?

Mr.Radar posted:

"EFL," tizen's native ui toolkit (borrowed from the enlightenment wm of all places, and, yes, samsung employs the author of enlightenment to work on tizen).

Shaggar posted:

are there any mechanisms for padding out data that's encrypted to prevent this kind of thing?

spankmeister posted:

Guys, I'm looking for that article on eavesdropping on microwave links with satellites. I think I was posted in this thread recently but I went back like 20 pages and couldn't find it. I'd appreciate a repost tia.

cinci zoo sniper posted:

cast iron oven or something https://www.pentestpartners.com/blog/iot-Aga-cast-iron-security-flaw/ i dont even

quote:

AGAs have recently been criticised for their high energy consumption and inefficiency.[2] A small, traditional two-oven AGA running on gas will use approximately 425 kWh per week (22,100 kWh per year; perhaps half that if switched off during the summer months). The average standard gas oven and hob uses 580 kWh during a year, only 2.62% of the AGA's consumption.

hobbesmaster posted:

if you lie to the carrier about what device it is, maybe. you need a certified device to get on their network

akadajet posted:

I thought their job was to collect signals intelligence and to break encryption.

anthonypants posted:

https://twitter.com/tacticalmaid/status/853922324411686912

ohgodwhat posted:

And I don't believe they need that information anyway. They have what they need, the audio signal, from the device plugged into the headphones.

Subjunctive posted:

they don't have to send it back, just send a copy to the device for processing. song recognition is a solved problem, especially if you have a high-quality stream

flakeloaf posted:

wait seriously

A Pinball Wizard posted:

the tweet that started all this was claiming that yes they absolutely do do it

MononcQc posted:

Tinfoil hatters worry about RFID chips tire manufacturers embed in there to track their inventory since they could also be used there.

cinci zoo sniper posted:

doesn't help that i gravitate to cpu-bound games

fishmech posted:

well you could potentially run up a bunch of data overage charges on those accounts, but otherwise it's not going to tell you much. maybe the router's configuration will tell you a little about any vpn or internal network routing they used, but they could also just be used as normal routers

fishmech posted:

here's my suggestion: rig up a solar panel/battery solution to connect them to, deposit them in the middle of a desert next time you're out there, that you know has appropriate carrier coverage, and maybe attach some small device to make sure a heartbeat signal goes out for as long as the devices can get signal and power. see how long it takes for them to be too damaged by weathering to maintain a connection. buy your own cheap prepaid sims to do this instead with the beat up routers and toss the existing cards because those can totally be tracked. i think that'd be neat.

hobbesmaster posted:

do the routers have an at command terminal? no harm in checking if they're registered (at+creg)

Jimmy Carter posted:

https://www.nytimes.com/2017/03/17/arts/design/desert-x-show-things-go-awry-shy-bot-disappears.html

cinci zoo sniper posted:

this reminded me that there literally is a [honeypot] subreddit for fake id stufd

funny Star Wars parody posted:

this is going to justify a lot of AMD fanboy's terrible opinions

funny Star Wars parody posted:

AMD usually is

infernal machines posted:

the article linked last page specifically says it's a vulnerability in the AMT/ME firmware. if your platform doesn't ship with AMT/ME support there is nowhere for that firmware to exist. feature compatibility on ME enabled CPUs does not make the firmware appear on the platform

tl;dr: consumer boards are not affected. enterprise systems should have sccm or similar in place to deploy ME firmware patches as they're made available.

it's bad. it's not the intel apocalypse. "every intel box made in the last 8 years is vulnerable" is not just hyperbole, it's completely inaccurate

infernal machines posted:

fishmech posted:

ok moron: here's what you're not getting. "non consumer" boards are in a lot of "consumer" pcs, because a lot of "consumers" are buying higher end boards meant for environments where the management engine is supported

most likely it'll be a certain kind of gamer idiot who thinks buying workstation/server stuff is needed for games, and then a bunch of people using machines that used to work machines and were actively managed int heir former environment using the management engine functionality.