|
an internet connected consumer electronics device to protect your internet connected consumer electronics
|
# ¿ Jan 7, 2017 13:41 |
|
|
# ¿ May 5, 2024 19:57 |
|
there's reinventing the wheel and then there's this
|
# ¿ Jan 10, 2017 00:14 |
|
has anyone got any pointers on what to look for when hiring a firm/consultant to do penetration testing? it seems there's a ton of charlatans in the industry. im currently looking at ones that publish their own research and show up at cons rather than simply blogging about things, but would be interested to hear about how this is usually approached.
|
# ¿ Jan 12, 2017 14:25 |
|
arent most luggage locks going to be garbage enough that you can just shim them open anyway
|
# ¿ Jan 14, 2017 17:51 |
|
Captain Foo posted:I am very interested in that hackbunny post, cool stuff!
|
# ¿ Jan 17, 2017 00:11 |
|
was there anything special about october?
|
# ¿ Jan 17, 2017 00:56 |
|
fibre cut talk from a few years back https://www.theguardian.com/world/2011/apr/06/georgian-woman-cuts-web-access quote:An elderly Georgian woman was scavenging for copper to sell as scrap when she accidentally sliced through an underground cable and cut off internet services to all of neighbouring Armenia, it emerged on Wednesday.
|
# ¿ Jan 17, 2017 01:32 |
|
if your phone usually only required a fingerprint to unlock past the first boot/period of non-use, but if it were possible to 'hey siri' it into a state of requiring a pin/password again, would that legally count as obstruction?
|
# ¿ Feb 22, 2017 00:52 |
|
Wiggly Wayne DDS posted:itym SHAvage
|
# ¿ Feb 24, 2017 01:00 |
|
ate poo poo on live tv posted:Supermicro is a shitshow, BUT they are a cheap shitshow. they oem for a gently caress ton of other people though - like about a billion people trying to get into storage market. i don't know how much firmware development happens by those users of supermicro gear, or if the only change they make is to put a different badge on the front.
|
# ¿ Feb 24, 2017 22:08 |
|
re: access fobs, a bunch of the systems work by just reading the serial number off the 125khz token which is shamefully bad. i think the hid systems are actually able to interrogate the card bt they cost more than some apartment developer is going to pay. also fob + pin pad readers should be more common than they are. the card standard in use matters less if you can just smash the reader off the wall and deliver the data straight to the controller, though: http://blog.opensecurityresearch.com/2012/12/hacking-wiegand-serial-protocol.html Thanks Ants fucked around with this message at 01:07 on Feb 28, 2017 |
# ¿ Feb 28, 2017 00:57 |
|
Celexi posted:NICE!
|
# ¿ Feb 28, 2017 22:06 |
|
i once had a discussion with a developer who claimed that he was going to 'bolt the security on at a later date', maybe he works for you guys now?
|
# ¿ Mar 1, 2017 18:30 |
|
cheese-cube posted:i hope that dev is now dead. loving ignorant bastard. it's exactly that attitude which is the cause of all our problems. pissssssss he's still alive and has since become the sort of person who wears odd socks on purpose to prove how laid back he is
|
# ¿ Mar 1, 2017 20:40 |
|
anthonypants posted:cjs: talking to a new lady in marketing who is super concerned that b2b emails from surveymonkey are getting flagged as spam when they're sent to herself. i think they're getting flagged because we don't do javascript in emails and i would very much like to keep that setting the way it is i'd be surprised if surveymonkey emails had javascript in, since their delivery rates would be pretty horrific. can you see them in a message trace? it might be something simple like they're being sent with your domain set as the from, and you have policies in place to drop them if they originate from outside your exchange environment.
|
# ¿ Mar 2, 2017 20:44 |
|
its a lot of effort running around making your environment more vulnerable by hand
|
# ¿ Mar 3, 2017 01:00 |
|
Powerful Two-Hander posted:clever marketing i guess because you'll never forget it
|
# ¿ Mar 3, 2017 22:59 |
|
he's got giuliani and his son or whoever it was so everything will be fine
|
# ¿ Mar 4, 2017 16:41 |
|
spankmeister posted:new thread title pls
|
# ¿ Mar 5, 2017 10:32 |
|
apple does the same thing, fyi http://captive.apple.com/hotspot-detect.html i dont know how often it checks, each time connectivity changes at a guess?
|
# ¿ Mar 8, 2017 15:43 |
|
except for that guys uncle
|
# ¿ Mar 13, 2017 21:45 |
|
i think impact mitigation tends to just be checking for credit applications in your name and acting accordingly, take a look at https://www.consumer.ftc.gov/articles/0235-identity-theft-protection-services
|
# ¿ Mar 21, 2017 23:52 |
|
are the 1password apps any good on windows yet?
|
# ¿ Mar 25, 2017 21:32 |
|
ultramiraculous posted:holy lol
|
# ¿ Mar 31, 2017 20:24 |
|
Storysmith posted:also I cannot stop reading that brand name as "slime eye" which is a really crass name for a cervix
|
# ¿ Apr 3, 2017 22:23 |
|
welp https://twitter.com/DEYCrypt/status/852974162138337280
|
# ¿ Apr 14, 2017 21:24 |
|
flosofl posted:A/V continues to be the skid mark in the underwear of Info Sec. less a skid mark, more a full-on brick
|
# ¿ Apr 17, 2017 17:41 |
|
welp https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
|
# ¿ May 12, 2017 15:33 |
|
im imagining the network guys doing a full boris in goldeneye and pulling modems out to stop the hack
|
# ¿ May 12, 2017 15:40 |
|
haveblue posted:breaking: chief of NHS IT authorizes deployment of spike, declares self "invincible" runs at wall, disappears
|
# ¿ May 12, 2017 17:00 |
|
BangersInMyKnickers posted:maximum penetration call me
|
# ¿ May 12, 2017 19:13 |
|
|
# ¿ May 12, 2017 19:51 |
|
https://www.youtube.com/watch?v=CTWwrO9XjaE
|
# ¿ May 12, 2017 19:54 |
|
theres also the possibility that its been on his system for a while and purposely activated today
|
# ¿ May 12, 2017 20:41 |
|
that's great, the act of firewalling the subnet it's on activates it.
|
# ¿ May 12, 2017 20:47 |
|
vOv posted:yeah there exists malware out there that will do nasty poo poo to your BIOS/EFI/ring -2 but i don't think standard ransomware will do it. just swap the drives and you're good i am anal about keeping secure boot on for this reason
|
# ¿ May 12, 2017 22:54 |
|
probably not because they'd know exactly what system you were running and could target it specifically, but for drive-by stuff trying to lodge itself into uefi i can see the uses
|
# ¿ May 12, 2017 23:08 |
|
are they the thinkpads with that auto-loading rootkit in the bios?
|
# ¿ May 12, 2017 23:52 |
|
i just clicked on the first page of this thread and i would like to give more exposure to the content of the first post. it also seems appropriate today.
|
# ¿ May 13, 2017 00:20 |
|
|
# ¿ May 5, 2024 19:57 |
|
comparing writeups of this wannacrypt outbreak to the reports in the press is pretty eye-opening as to how much of it is just pure guesswork or extrapolation way past a point that is rasonable
|
# ¿ May 13, 2017 21:53 |