|
Migishu posted:i'm the 222 btc fee what, you don't have files valuable enough to pay $200k for a small chance to get them back? (I assume it's supposed to be milliBTC but lol)
|
#
¿
Jan 5, 2017 20:35
|
|
|
|
| # ¿ May 5, 2024 16:40 |
|
|
I totally trust that the general populace that have stoves that flash 12:00 is able to configure their washer with the right address just so it can report when the power goes out
|
|
#
¿
Jan 17, 2017 16:31
|
|
|
but what if you get a 5% discount on your power costs
|
|
#
¿
Jan 17, 2017 17:46
|
|
|
Cocoa Crispies posted:the reason to have a plug on the washer instead of just a box that cuts the power to it is to allow the washer to say "i'm full of wet clothes, cut someone else" so basically the only time it is reasonable to cut power is when the washer is idle gotta chase those 1-5 watt savings
|
|
#
¿
Jan 17, 2017 19:29
|
|
|
only iot devices are conscripted to cyberwar, regular humans are still conscripted to regular war
|
|
#
¿
Jan 19, 2017 16:42
|
|
|
did they add one cve for every time a vulnerable function was called in their code or something, wtf
|
|
#
¿
Jan 30, 2017 08:02
|
|
|
ate all the Oreos posted:Internet Famous SA goons slowbeef & diabeetus have found a fun new security kickstarter: wow, I thought it would be something like the USB condom except it enables the data pins when a passcode is entered, which would be a somewhat useful thing, but this is so much dumber
|
|
#
¿
Jan 30, 2017 19:08
|
|
|
why are slot machines using PRNGs at all - just have a microphone, a temperature sensor or some optical sensor - the lower bits should provide entropy enough for the system, it's not like it needs more than a few byts of RNG for every spin anyway if you're really paranoid, just throw the RNG module into a centralized server or something, the slot machines are probably networked anyway I'm shocked any gambling commission would ever authorize a slot machine that uses any form of PRNG
|
|
#
¿
Feb 6, 2017 23:16
|
|
|
the best way to convince someone you don't have social media accounts is to go into a rant about the virtues of not owning a tv
|
|
#
¿
Feb 12, 2017 13:57
|
|
|
fishmech posted:there's pressed disc copies like for every disc based console, any proof of this? I've never heard about pressed pirate disc copies that work on unmodded consoles, ever
|
|
#
¿
Mar 14, 2017 04:59
|
|
|
EndlessRagdoll posted:dreamcast lets you run wild but that's the only one without some bootsy hacks dreamcast and I think maybe sega saturn and some other consoles from that era can run games on normal burned CDs, so there was no need to press pirate copies there were also some warez compilations on pc that I think were professionally pressed, like https://twilight-cd.com/ but of course for that you don't need to worry about reproducing state of the art copy protection which every playstation, xbox and nintendo console has used
|
|
#
¿
Mar 14, 2017 16:30
|
|
|
fishmech posted:the evidence was that we bought cheap discs for our playstations from a shady shop and some of them had clearly misprinted/misspeeled labels that couldn't have been legit. and they worked fine in unmodified playstations. so do you still own one of those discs? wanna sell?
|
|
#
¿
Mar 14, 2017 19:37
|
|
|
ohgodwhat posted:JFC they cost tens of thousands of dollars, and seemingly having them run all day is a feature? It's like loving audiophile poo poo for cooking i'm totally shocked that a range created by a gas company is using lots of gas
|
|
#
¿
Apr 14, 2017 15:37
|
|
|
but an attacker still have to have some way to execute poo poo on your machine, and if they can do that you're pretty much screwed anyway since they can probably just whip up some visual basic scripting malware in the absence of nvidia drivers geforce experience is still poo poo tho
|
|
#
¿
Apr 21, 2017 16:55
|
|
|
so there's this uber poo poo in the news today https://techcrunch.com/2017/04/23/uber-responds-to-report-that-it-tracked-users-who-deleted-its-app/ apparently I've totally misunderstood how iphone stuff works because I really thought apple had fine grained permissions more like android so if your app wasnt authorized to use poo poo it would fail, but apparently anyone can/could leech identifiable information via IOKit, and would only by prevented by the apple reviewers dilligence? like, quote:“They were dynamically loading IOKit.framework (a private framework), then dynamically loading some symbols from it to iterate through the device registry (also very much forbidden). if your developer TOS says something is forbidden, why the gently caress wouldn't that also be forbidden in the IOS API?
|
|
#
¿
Apr 24, 2017 02:44
|
|
|
Volmarias posted:I'm pretty sure that Apple does automated analysis of your binary and auto rejects you for using forbidden symbols, though I'm not 100% on that. yeah but I mean, I assumed it was something that also happened on the device like "your allowed permissions metadata, which is signed and verified by apple, does not include iokit access, you tried to access iokit, your app will now die and the phone will send a report to apple HQ about how nasty you are" not just "gee willikers I hope this static analysis we run catches all applications that try to do system("rm -rf /")"
|
|
#
¿
Apr 24, 2017 03:00
|
|
|
apseudonym posted:Fingerprinting is complicated and hard to defeat technically while remaining useful. It's one of those things where policy (and policy enforcement) goes far. but apparently iokit is something you could use to get the phone specific identifier, so app devs didn't need to think about doing complicated fingerprinting analytics, only about dodging app review it's totally understandable that it's hard to prevent "classic" fingerprinting where developers gather stuff like ip addresses, cookies, whatever to fingerprint users, but this was apparently a system call on a platform ecosystem that's entirely under apple's control, and their only security up until a few years ago was "please don't do that while we're watching" ymgve fucked around with this message at 03:57 on Apr 24, 2017 |
|
#
¿
Apr 24, 2017 03:54
|
|
|
Munkeymon posted:IDK if Steam even has backup keys - it's been a while since I set it up Yeah, I assume a lot of Steam accounts are getting stolen via keylogging, and if they can run a keylogger on your main PC, they can probably also script some poo poo to disable 2FA after you've logged in.
|
|
#
¿
May 8, 2017 16:26
|
|
|
so does wannacry exclusively spread via smb or were the initial infection points phishing mails? still gonna tell people to be skeptical of all emails, there's a million other malware variants that arrives that way
|
|
#
¿
May 15, 2017 19:06
|
|
|
I don't see why the tabloids even do it in this case - I can't imagine "the life and habits of this malware researcher nerd" is something that even the most avid Daily Mail reader would find interesting
|
|
#
¿
May 21, 2017 02:57
|
|
|
Powerful Two-Hander posted:the guy next to me got 1 mouse click away from putting his credentials into the obvious plaintext webmail phishing scam before going 'hey actually maybe this is one of those tests i heard about....i guess i should report it or something' hmm, maybe people would be more attentive if IT departments held "phishing contests" - if you tell IT about a phishing mail, you'll get a bottle of wine or some poo poo or if there is too much spam, make it a ticket in a lottery or something like that
|
|
#
¿
May 25, 2017 11:10
|
|
|
It is a bit of a hard problem, though. You want the pacemaker to be easy to program, without network downtime or a central point of failure making it impossible to reprogram the device of a patient, a patient that theoretically might come from the other side of the globe and with no previous contact with your hospital. Maybe they could make some two-tier system, where skin contact programming requires no auth, but wireless programming requires some kind of authentication. edit: Reading the article, it seems like programmers already do something like this - requires skin contact programming to read a device key which is then used for wireless programming. The whole article smells a bit of FUD - that 8000 vulnerabilities number makes me suspect they just enumerated third party components used, then summed up all CERT issues for those components, regardless of whether the device in question used a vulnerable version of the component or not. Also, as long as the device isn't connected to a network, I don't see the issue with unencrypted patient data on a device. After all, it's not like physical paper with patient data has any form of encryption either. ymgve fucked around with this message at 21:12 on May 27, 2017 |
|
#
¿
May 27, 2017 21:03
|
|
|
Just read their paper and it's even more stupid there. Oh no, the devices didn't obfuscate the firmware! They didn't strip symbols out of the firmware! They used standard microcontroller CPUs! They point out some real flaws (like hardcoded passwords when the home monitoring devices call home) but it's all buried under a ton of unneccessary fearmongering.
|
|
#
¿
May 27, 2017 21:27
|
|
|
Cocoa Crispies posted:now imagine the programming device being compromised by some internet of poo poo connection too Not sure what my current home reporting device does under the hood but it's not connected to my home internet, and the previous one just used a direct phone connection (complete with loud 28K modem sounds when it connected). I also haven't seen any doctor programming devices being connected via wired networking but there are probably some stupid vendors that make them wifi compatible with all the issues that will cause. To get around the "just crank the power of the transmitter to 1000x" issue, you could probably do some extreme low-latency stuff in the initial handshake - like you'd need to overcome the speed of light if you want to do anything from more than a few inches away.
|
|
#
¿
May 28, 2017 23:58
|
|
|
PCjr sidecar posted:guy with heart problem dies of heart problem doesn't usually get csi cyber called actually one with a pacemaker would probably get a rudimentary private forensic analysis because pacemaker companies are probably really interested in figuring out why their device didn't save the owner
|
|
#
¿
May 29, 2017 01:35
|
|
|
|
| # ¿ May 5, 2024 16:40 |
|
|
a contact lens that's a combined retina scanner and display screen
|
|
#
¿
Jun 11, 2017 12:17
|
|