|
Lol
|
#
¿
Jan 5, 2017 21:54
|
|
|
|
| # ¿ May 2, 2024 11:21 |
|
|
flakeloaf posted:if you give your computer, to geeksquad, you are a moron
|
|
#
¿
Jan 6, 2017 00:15
|
|
|
jre posted:https://www.theguardian.com/world/2017/jan/06/russian-hacker-putin-election-alisa-shevchenko quote:Shevchenko specialises in finding so-called “zero-days”, previously undisclosed software bugs that could leave companies vulnerable. “We have not only searched for bugs but exploited them, but only with the customer’s sanction,” she said. She said she never hired anyone she knew to have a criminal background for her companies. Lol yes you only exploited 0-days when your clients said it was ok, but youre pretty sure none were bad guys
|
|
#
¿
Jan 7, 2017 19:02
|
|
|
Browsers have all the information required to determine if fields are visible, even if implementing a solution ends in heuristic whack-a-mole
|
|
#
¿
Jan 9, 2017 05:03
|
|
|
Also it seems like FAU could be technically correct if he means literal CC #s but also have it be possible for name+zip to be accessible by someone other than lowtax
|
|
#
¿
Jan 10, 2017 21:35
|
|
|
Even lowtax's comment that he's never seen "full" CC info doesn't contradict TB's concern (afaik) that someone leaked her name+zip.
|
|
#
¿
Jan 10, 2017 21:38
|
|
|
ate all the Oreos posted:yeah that's my favorite part too, mostly because I know a few turbonerds who do the same poo poo I can see if I was stuck working at a hosting provider I would start poking around to see what I could get away with because I would hate my boss my clients and myself that much
|
|
#
¿
Jan 10, 2017 22:08
|
|
|
Maybe if you get the block chain involved somehow that'll help
|
|
#
¿
Jan 10, 2017 23:56
|
|
|
flosofl posted:The biggest threat to "cyber" is NOT the Russians (or the NSA). Good to see that the one weirdo cutting fiber lines in the SF Bay Area has a pretty dece score with 15
|
|
#
¿
Jan 17, 2017 00:42
|
|
|
ate all the Oreos posted:someone else's washer wouldn't be using power if it wasn't full of clothes though, if the point is to save power you'd want to kill the things using the most power, like during the spin cycle, or someone using the dryer, etc. The other idea is I set the washer to wash my clothes and it can wait 20 minutes to start til after peak or whatever
|
|
#
¿
Jan 17, 2017 19:40
|
|
|
Ur Getting Fatter posted:can't wait for the state-sponsored malware that infects the smartgrid and marks the hottest day of the year as "off-peak". nationwide panic as millions of washers and dryers start their spin cycles simultaneously and bring down the whole grid poo poo you can do that with the regular grid and scada
|
|
#
¿
Jan 17, 2017 20:37
|
|
|
ate all the Oreos posted:im the implication that you'd plan being in a rush 8 hours ahead of time to give your car enough time to charge and not just wake up one morning and notice that you can't get to work today because the power company told your car to wait to charge until tomorrow And the car would wait as long as it could but start charging in time to make the wake up call. I have the strange feeling that device manufacturers will always pick users using their device over the common good. Always. It's just people are already getting paid to shift load so why not get in on the action too Chalks posted:You could make a fridge or freezer defrost over night with a clock. Because 90% of the year it doesn't matter when your fridge cycles the compressor. But for a few hours a year coordinating it can save boatloads in electricity cost The grid is priced by a highest bid is what everyone gets paid system. So when it costs thousands of dollars to turn on some peaker for 10 minutes you're paying that rate to every single powerplant too Trabisnikof fucked around with this message at 21:47 on Jan 17, 2017 |
|
#
¿
Jan 17, 2017 21:44
|
|
|
But yeah smartgrid stuff is also going to be filled with secfucks
|
|
#
¿
Jan 17, 2017 21:53
|
|
|
Do CANBUS next!
|
|
#
¿
Jan 17, 2017 23:35
|
|
|
invision posted:Security Fuckup Megathread: IoT webcams suck, IoT dryers are totally cool though Actually it is IoT vacuums that suck
|
|
#
¿
Jan 18, 2017 00:59
|
|
|
Salt Fish posted:ddos attacks are flatly the most cost effective attack you can conduct, no matter who you are, and they have the bonus of being literally unstoppable if the attack is sufficiently large. Physically cutting the cable is pretty cheap for 100% effectiveness
|
|
#
¿
Jan 20, 2017 03:44
|
|
|
Salt Fish posted:This isn't actually true because while the public internet requires open access, physical controls do not. True you have to rent a backhoe or be like the Bay Area snipper and just know when fiber is above ground
|
|
#
¿
Jan 20, 2017 05:06
|
|
|
Volmarias posted:Never stop please, these are always interesting
|
|
#
¿
Jan 24, 2017 04:52
|
|
|
Powaqoatse posted:it may not be worth it to count on a specific av program unless youre going for a specific target You exploit the AV because you can? No one goes "oh I have an rce but not use it because it's not popular enough." Besides AV vulns often give you system access because AV vendors are so bad
|
|
#
¿
Jan 27, 2017 21:08
|
|
|
My favorite one is where the researcher tried to send the poc to the AV company, but their own corporate AV email system just happily executed the poc and never delivered the email. Edit it was Tavis of course: quote:Project Member Comment 1 by taviso@google.com, May 15 2016 https://bugs.chromium.org/p/project-zero/issues/detail?id=820 Trabisnikof fucked around with this message at 21:13 on Jan 27, 2017 |
|
#
¿
Jan 27, 2017 21:10
|
|
|
DC police had their CCTV system knocked offline for 4 days due to ransomware:quote:Networked digital video recorders have been harnessed for all sorts of ill intent over the past few months, including use in a botnet that disrupted large swaths of the Internet. But a different sort of malware hit the DVRs used by the District of Columbia’s closed-circuit television (CCTV) surveillance system just one week before Inauguration Day. The Washington Post reports that 70 percent of the DVR systems used by the surveillance network were infected with ransomware, rendering them inoperable for four days and crippling the city’s ability to monitor public spaces. https://arstechnica.com/security/2017/01/dc-police-surveillance-cameras-were-infected-with-ransomware-before-inauguration/
|
|
#
¿
Jan 30, 2017 20:53
|
|
|
CommunistPancake posted:...why would it have to be a Photoshop or AI file? why does the file type mean that nobody can connect to the computer and put up their own image / animation / video file? Idk that guy is a digital billboard engineer, better trust him
|
|
#
¿
Jan 31, 2017 08:53
|
|
|
OSI bean dip posted:ayyyyy I AM LIABLE
|
|
#
¿
Jan 31, 2017 22:54
|
|
|
ate all the Oreos posted:what the hell OS are you using where this is the case because i've never seen rm behave like this ever if you have write perms to the directory but don't own all the files is the time that comes up for me
|
|
#
¿
Feb 1, 2017 08:43
|
|
|
cinci zoo sniper posted:isnt social media poo poo only for foreigners, the exXxtreme vetting They demand access to laptops and phones from citizens if you're dark enough
|
|
#
¿
Feb 10, 2017 22:09
|
|
|
flakeloaf posted:wait seriously http://www2.oaklandnet.com/oakca1/groups/police/documents/webcontent/oak063118.pdf
|
|
#
¿
Apr 21, 2017 02:10
|
|
|
Midjack posted:same thing happened to transmission, a popular bittorrent client for macs, a few years ago Also happened to Xcode https://en.wikipedia.org/wiki/XcodeGhost
|
|
#
¿
May 7, 2017 21:47
|
|
|
|
| # ¿ May 2, 2024 11:21 |
|
|
What part of attacking a pacemaker requires nation state level actors?
|
|
#
¿
May 30, 2017 01:13
|
|