|
ate poo poo on live tv posted:I texted my contact at a new york weed delivery service and said I wanted some weed. He texted back "ok, be at <my address> in 45minutes." Then he showed up in about 45 minutes and I bought drugs. Welp that's my story of buying drugs, which has been pretty standard since the early 2000's. that's so 2010, he should have his own app by now
|
# ¿ Apr 12, 2017 01:20 |
|
|
# ¿ May 17, 2024 19:29 |
|
artisanal handcrafted wooden memcpy
|
# ¿ Apr 20, 2017 18:28 |
|
ate all the Oreos posted:you know i always wondered if audiophile bullshit would still work if it weren't some physical thing that the person can hold in their hands and have an emotional $6000 attachment to and i guess i have my answer now audiophile bullshit already works on digital signaling, of course it works on software
|
# ¿ Apr 20, 2017 19:30 |
|
ok now I think this is just a longform joke/troll
|
# ¿ Apr 21, 2017 15:02 |
|
app review isn't source review, they only look at your binary to manually spot check their UI rules. there are automated tests to catch stuff like linking to forbidden symbols, but there are ways around that in objective-c/swift. like, if someone assembles a framework name at runtime and submits it to the dynamic loader you can't tell whether it's a kosher optimization or someone trying to sneak into the private namespace without context. the overall policy is supposed to act as a backstop to this but whenever they reject an overly clever app for "gently caress you and we're not gonna argue about this" there's a huge PR shitstorm so it's become very rare
haveblue fucked around with this message at 16:18 on Apr 24, 2017 |
# ¿ Apr 24, 2017 15:55 |
|
Shaggar posted:I think its probably a policy issue where the API is ok to access but what you do with the results has policy restrictions like "you can query this api to get the device id and here is a list of things you should or should not use it for" well yeah, it's impossible for a simple binary analyzer to determine the full context in which a particular call is made. I'm giving the reason apple doesn't typically have access to that context there are indeed things in the ios api where using them requires that you submit additional documents with your app explaining why you need that feature and what you're using it for, like allowing non-secure HTTP to arbitrary domains
|
# ¿ Apr 24, 2017 17:05 |
|
they do have cross-sandbox communication which they use for app extensions but maybe the overhead is too great to use it for everything
|
# ¿ Apr 24, 2017 18:17 |
|
they've been gradually closing off information sources that could be used for fingerprinting. like, you can no longer get a real UUID for an iphone, the value you can get will be changed if the user does a factory reset or non-unique if the user turned on an extra privacy setting
|
# ¿ Apr 24, 2017 19:13 |
|
CRIP EATIN BREAD posted:im almost positive the number is application specific and each app will get a different id. identifierForVendor is the same for all apps published by the same vendor but not the same for apps from a different vendor. it will also change if the user wipes all your apps off the device and then reinstalls them advertisingIdentifier is the same for all apps and vendors. it will change if the phone is wiped and the user can choose to withhold it (then you get a string of 0s). there are also additional usage rules associated with it that the review team will want to verify that you're following uniqueIdentifier was deprecated and removed a long time ago source: cmd-tabbed to xcode
|
# ¿ Apr 24, 2017 19:26 |
|
ate all the Oreos posted:I've always wondered why 3des can't just be cracked by running the relatively easy crack on normal DES 3 times, it's just DES layered on itself with a different key each time right? Is the problem that you can't tell if you've broken a single layer because the layer below it looks random? done properly, it's exponential, yeah. you have to completely crack the second layer for each potential key at the first layer, and you have to completely crack the third layer for each potential key in the second layer every time you attempt to crack the second layer for a first-layer key
|
# ¿ Apr 25, 2017 16:32 |
|
we considered ourselves to be a powershell culture
|
# ¿ Apr 25, 2017 23:50 |
|
grandfather's exe
|
# ¿ Apr 26, 2017 17:44 |
|
No one pays attention to anything they've seen minor variations on 100 times before
|
# ¿ May 3, 2017 20:44 |
|
cinci zoo sniper posted:how do ipads do children mode then (assuming it exists)? all restrictions are device-wide and there's no concept of multiple logins with differing privilege levels
|
# ¿ May 4, 2017 18:47 |
|
internet of poo poo, eh
|
# ¿ May 7, 2017 03:25 |
|
wait, so this attempts to evaluate as JavaScript all kinds of random content from the internet? the 2017 equivalent of the old +++ATH thing?
|
# ¿ May 9, 2017 03:45 |
|
ate all the Oreos posted:technically i'm supposed to have AV on my mac but I've been told by the head of IT that "you can just install it when the auditors are here and uninstall it afterwards i'm well aware that antivirus is worthless" corporate IT forced me to install an awful AV package that greatly increased build times, so I broke it by messing around in terminal and they got tired of trying to unbreak it (they tried to fix the build time issue themselves a couple of times but it never took)
|
# ¿ May 9, 2017 14:18 |
|
time for some penetration testing
|
# ¿ May 9, 2017 15:13 |
|
James Baud posted:So I didn't read the full report / write-up, but how did they justify calling malicious javascript wormable? it can be triggered by automated inbound data like email bodies, IMs, etc
|
# ¿ May 9, 2017 18:31 |
|
2FA two flush authentication
|
# ¿ May 12, 2017 15:33 |
|
breaking: chief of NHS IT authorizes deployment of spike, declares self "invincible"
|
# ¿ May 12, 2017 16:46 |
|
Chalks posted:Do we actually know that people are getting their poo poo unlocked if they pay up? it's in their best interest to be honest and reliable about unlocking, if there's no faith that paying works everyone will just give up and wipe their systems
|
# ¿ May 13, 2017 23:26 |
|
that is not dead which can eternal buffer
|
# ¿ May 16, 2017 17:49 |
|
sometimes my phone pops the apple pay screen for no obvious reason when I try to unlock it (when walking down the street, sitting in office, or some other situation nowhere near a reader). I always take my finger off the sensor quickly but I'd love to know why it does that. random noise on the right frequency makes it think it should be trying to make contact with something? vvvvv or that, thanks haveblue fucked around with this message at 15:52 on May 17, 2017 |
# ¿ May 17, 2017 15:43 |
|
Cocoa Crispies posted:I'm 100% sure Apple Pay NFC only activates on home button double-press if it's near an active reader offering a transaction it's either automatic or it activates when you rest your finger on the button, not sure which comes first when I use it
|
# ¿ May 17, 2017 18:30 |
|
Cocoa Crispies posted:it needs your fingerprint to unlock the card data well yeah but does it prompt you to do that or wait for you to start either way, no double press needed
|
# ¿ May 17, 2017 18:59 |
|
every time I get a new iphone I clone it off a backup of my previous one this means that the last 3 or 4 phones I've had all have the same name the old apple login UI let you choose which device the 2fa prompt would be sent to but it only showed device name in the list and not type at least once I picked the wrong phone enough times to get locked out for a while
|
# ¿ May 19, 2017 21:49 |
|
apple actually uses 2 different kinds of multifactor auth. they first did what they called two-step verification as a hasty response to a surge in security issues. it was replaced later with proper two-factor authentication once they had time to go back and build it into every supporting device and service. the latter is much nicer and the former I think is the one I had the unidentified phone issue with also the detailed list of phones to remove the old ones is behind a login every time for obvious reasons so once I realized I had hosed up I still had to wait to fix it haveblue fucked around with this message at 17:16 on May 20, 2017 |
# ¿ May 20, 2017 16:58 |
|
Jimmy Carter posted:sometimes when I'm helping people with their iCloud the GeoIP lookup gets it wrong and the person loses their poo poo for and says they're being hacked when they're sent a message going HEY A LOGIN REQUEST HAS BEEN MADE FROM <city 200 miles away> despite being told 'gonna send a confirmation message' seconds earlier. happens if the login device is on a VPN too
|
# ¿ May 20, 2017 20:13 |
|
cinci zoo sniper posted:yes, i like my passwords beautiful and strong, like pittsburgh that's a terrible password, at least capitalize it and add punctuation
|
# ¿ May 23, 2017 15:14 |
|
vOv posted:it's the former, because you can't send jesus over tcp
|
# ¿ May 31, 2017 15:09 |
|
cis autodrag posted:are you a bad enough dude to demand 2 btc from the NHS
|
# ¿ Jun 1, 2017 19:33 |
|
Bulgogi Hoagie posted:heathrow is having major computer problem, wouldn't be surprised if it's related to the wannacry stuff wannacry would have been funny but what actually happened was much, much dumber quote:The Times reports that the datacenter shutdown was triggered by a contractor accidentally switching off the power supply.
|
# ¿ Jun 4, 2017 00:45 |
|
a prominent whiteboard
|
# ¿ Jun 5, 2017 15:56 |
|
made a point to visit bletchley when I went to london, it was awesome I did see the colossus, they also have a bombe haveblue fucked around with this message at 01:27 on Jun 6, 2017 |
# ¿ Jun 6, 2017 01:21 |
|
still waiting for that check from bill gates
|
# ¿ Jun 9, 2017 18:24 |
|
communism bitch posted:how long till i can get linux on a claw hammer about -13 years
|
# ¿ Jun 21, 2017 19:41 |
|
|
# ¿ May 17, 2024 19:29 |
|
*how* do you leak 32TB of data wouldn't that would take weeks to send over a network or occupy a good deal of physical space if you tried to sneakernet it
|
# ¿ Jun 24, 2017 00:54 |