|
ate all the Oreos posted:wife just linked me this:
|
# ¿ Jun 26, 2017 23:33 |
|
|
# ¿ May 2, 2024 09:00 |
|
Shaggar posted:tl;dr: the primary benefit of lets encrypt was avoidance of key-reuse and wildcards and now they're gonna end that so w/e. its stupid but i guess just don't use them yourself. the biggest benefit of LE was always easy free ssl certs that auto-renew avoidance of key reuse and wildcards was also good
|
# ¿ Jul 6, 2017 18:25 |
|
why doesnt this guy ever find earthshattering oh-poo poo vulns on like, monday morning or something always like thursday or friday afternoon
|
# ¿ Jul 6, 2017 22:42 |
|
got my poc||gtfo bible today, it looks loving fantastic. time to read a bunch of papers about doing cool poo poo with computers that I'm too dumb to understand
|
# ¿ Jul 22, 2017 01:31 |
|
not actually amazon, just a scammer pretending to be: https://twitter.com/Chris_Vivier/status/890304520105762816
|
# ¿ Jul 26, 2017 21:17 |
|
fishmech posted:corporations have literally existed for hundreds of years. people may, corporations do not, because corporations are not people in some places they are legally people, because those places have braindead laws
|
# ¿ Jul 28, 2017 21:33 |
|
Rufus Ping posted:Well i'm bored in vegas what the gently caress is this post about and why does anyone care
|
# ¿ Jul 30, 2017 04:33 |
|
ShadowHawk posted:Hey everyone, turns out I'm the main culprit of my very own CVE! quote:Instead of parsing an MSI file to get its version number, this code creates a script containing the filename for which a thumbnail should be shown and executes that using Wine. The script is constructed using a template, which makes it possible to embed VBScript in a filename and trigger its execution. why
|
# ¿ Jul 30, 2017 04:36 |
|
BattleMaster posted:I feel like that's an entirely avoidable situation even if you're green or gullible yep however, don't underestimate the number of people who think "what happens in vegas stays in vegas" is a real thing and a good excuse to be terminally stupid
|
# ¿ Aug 1, 2017 06:12 |
|
apparently sales force fired a couple of their security folks at defcon for giving a talk at defcon, because some exec sent them a text half an hour before the talk telling them to abort which they didn't see in time http://www.zdnet.com/article/salesforce-fires-red-team-staffers-who-gave-defcon-talk/
|
# ¿ Aug 10, 2017 03:39 |
|
anthonypants posted:which didn't have anything to do with salesforce specifically, it was just to show off a cool thing they made and were using internally and want to give to the world. it should go over well also they had exec approval since february
|
# ¿ Aug 10, 2017 03:46 |
|
spankmeister posted:My loving god shut the gently caress up about donuts
|
# ¿ Aug 10, 2017 07:16 |
|
ate all the Oreos posted:my man have you heard of the dd command pre:dd if=/dev/👻 of=/dev/sdX bs=4096
|
# ¿ Aug 15, 2017 20:31 |
|
google says amd is vulnerable as well, and also arm: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html?m=1quote:These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running them. rip all modern cpus, i guess e: project zero blog confirms: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html e2: looks like amd is less vulnerable at least? Arcsech fucked around with this message at 00:11 on Jan 4, 2018 |
# ¿ Jan 4, 2018 00:08 |
|
Shifty Pony posted:crossing from the tech bubble thread I mean if your business is literally “operate an obviously illegal unlicensed taxi service” and therefore your threat model explicitly includes law enforcement, this doesn’t seem like that bad a security idea at least until local law enforcement gets wise and just takes bolt cutters to the ISP lines into your building before raiding you and/or decides to prosecute for obstruction
|
# ¿ Jan 11, 2018 23:15 |
|
yeah don’t rely on nordvpn to keep you safe if you’re trying to dodge a government or whatever but if you just want to torrent Linux ISO’s or dodge an overly restrictive firewall or use public WiFi more safely it’s fine also the pre shared key isn’t an issue if you use their app or OpenVPN instead of the trash fire built into old android/windows
|
# ¿ Jan 12, 2018 03:08 |
|
pay-with-bitcoin fuckup results in coinbase and overstock.com giving out bitcoins basically for free: https://krebsonsecurity.com/2018/01/website-glitch-let-me-overstock-my-coinbase/ e: whoops, this is a couple days old, so it might have been posted already. still hilarious
|
# ¿ Jan 12, 2018 19:10 |
|
pseudorandom name posted:Apparently they're actually blindly assuming you can just overwrite the window.u2f property because they're bad at coding and didn't read their own spec. chome is the new internet explorer
|
# ¿ Jan 12, 2018 22:41 |
|
|
# ¿ May 2, 2024 09:00 |
|
Truga posted:you'd need govt sponsored pentesters that continuously hack your poo poo, because that's what they had to do to get food/fire safety laws to work (inspectors showing up at random and closing down your buildings if they don't conform) jail time for ceos/executives in cases where data breaches are deemed sufficiently negligent by an appropriate regulatory body could maybe work except lol that will never ever happen because rich people never face consequences for anything
|
# ¿ Jan 24, 2018 21:46 |