  • Locked thread
Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Shifty Pony posted:

did they figure out what it was actually supposed to be?

poorly-conceived anti-analysis tech was the prevailing assumption afaik.

malware sandboxes typically send stock "yes it exists" replies to dns queries for a bunch of reasons. so you make a request to a bogus domain name that's never gonna be registered, and if dns claims it exists then you're probably in a malware sandbox so you should bail out to avoid leaking your secrets.

sounds like a good idea until you notice the kill-switch potential.


Jabor
Jul 16, 2010

#1 Loser at SpaceChem
passwords rotated by 360 degrees

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
just lol if you can't do zero-downtime updates

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Wiggly Wayne DDS posted:

there are orgs that get pentested to this degree, mainly ones with nation states after them already

While there's a lot of value to "if you've got an exploit against this target, how much lateral movement do you get to non-vulnerable targets, and how quickly is the intrusion identified?", I don't see what you get by using actual 0-days rather than just, say, giving the pentesters local root on a particular box to jump off from.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
can't wait for the FW: Fw: Fw: FW: Fw: email chains about this

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
It's almost like having the opsec thread as containment for the security-relevant-yet-somewhat-d&dish discussions was actually a good thing

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

maskenfreiheit posted:

AMA about using my phone at def con

actual 4g coverage, or is someone there running a stingray?

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
Also: the judge said it was void because they overstepped in questioning, and did it for too long (kept it up until midnight instead of stopping at 8pm like the order said). The implication being that if they hadn't done that, it would have been totally legal and the guy would have had no recourse whatsoever.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

communism bitch posted:

I know this is a vague follow-up but if somebody breaks into the wifi what's the reasonable worst they could do? Cause if it's just boosting free wifi i don't think anybody would care.

Can your company computer, when connected to the wifi, access any internal company services?

If so, what authentication do those services use?

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

b0red posted:

Is MacKeeper now an actual company? I could've sworn 5 years ago they were bloatware crap that always side installed itself with things from sourceforge.

afaik they're a bloatware company that employs a bunch of security professionals to give their crap a veneer of respectability.

their security professionals are actually pretty good.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
co-opting the language of fascism for petty bullshit was a whole lot funnier before there were literal nazis marching in the street

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

mrmcd posted:

The PC gaming master race joke was making fun of stupid pc gamer elitism, it had nothing to do with Trump, but w/e.

right, they were about nazis, and co-opting their language for petty bullshit was pretty funny.

it's a lot less funny these days, if you're a human being that actually interacts with the world at all.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
the joke still means literally the same thing it used to mean. it was always a reference to the "aryan master race" idea common in nazi propaganda.

the recent resurgence in nazi ideology is what makes it a lot less funny than it used to be.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Cocoa Crispies posted:

reddit pc gamers were never coöpting the language of fascism

they were always fascists

this is possibly true.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
you're thinking of rm -rf /

* blows away everything in the current directory

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
the whole situation would be trivially solved with legislation. the phone companies already know who they're going to bill for a call, independent of the actual caller id

all you need to do is shuffle liability around to give them an actual incentive to solve it

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
if you could compute the hashes on your own, then the person who's stolen your nudes could do exactly the same thing and figure out how much they need to tweak the image until it no longer matches.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

BangersInMyKnickers posted:

State actors are going to have a field day with that one

Well, the ones that didn't have an exploit already will.

e: I guess the ones that already have one will be more willing to go ham with it, since it's now less valuable to keep secret.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Shinku ABOOKEN posted:

the days of unexpected emails are long past. nowadays phishing is super specific.

the phishing exercise im complaining about is both timing and subject specific. the users 120% expect the kinds of emails that were sent.

So the anti-phishing exercise is mimicking exactly what a spearphisher targeting your organisation is going to try?

This is a bad thing why?

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
in general yes, i'd assume that someone who has an actual employment relationship with a business that digitizes receipts is at least very slightly more trustworthy than an anonymous person visiting the mechanical turk website.

like, you can accept these tasks and look at people's receipts and stuff without even logging in.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
"and what's the big deal with all these companies leaving user data in publicly-accessible s3 buckets? it's not any worse than if the data was only accessible to the outsourcing agency hired to process that data" - fishmech

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

I guess that's one way you can claim to respond quickly to every security email you get.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

emoji posted:

Hasn't utorrent itself explicitly been malware for many years?

Maybe he found a vulnerability in 2.4.4 or whatever everyone recommends as "the last version before they crapped it up"

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
If you want people to think you're making a joke you should try being funny.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
yeah, if you look back at the previous days, it's shaping up to be "print out a colourful christmas tree"

or at least, that's what it's going to look like it's done...

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
you need an iot id to sign into an id:iot account

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

The_Franz posted:

they didn't directly include anything, but it had so many security holes that for many people it ended up looking like this after 5 minutes:



your picture doesn't have bonzi buddy so i don't believe you

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

ate all the Oreos posted:

i mean it's just a redirect to other (presumably SSL'd?) information right, what would SSL really get you there

e: domain validation maybe i guess?

An attacker could mitm the shortlink to point to a phishing site.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
FWIW, all you actually need for that is DNS.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Daman posted:

to be fair, his first submissions are garbage begbounty style poo poo and probably set the tone for how the engineer would read his future reports

"We already knew about this, and we also don't plan to fix it any time soon" is an incredibly bullshit reason to not pay out a bounty.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

fwiw, this article is "this seemed promising, but didn't end up with any concrete results"

it does seem likely that someone found a way to actually leak useful information with this mechanism, but it's not the way described in this article

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
The difference is probably whether or not you're high-level enough that the company would back you up instead of throwing you under the bus.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
i would venture that most democracies are bad at investigating and punishing crimes of people with money, because if they were good at it the people with money would lobby to make them bad

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

cinci zoo sniper posted:

itll be very microsoft for virtualisation security issue to affect windows 10 home. also what articles are you seeing with embargo still up?

stuff that lets you leak memory from other vms on the same host also lets you leak memory from just other stuff on your machine, not sure why you'd think that's unusual.

there aren't any articles really, people are just reading between the lines.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

cinci zoo sniper posted:

so whom are you leaking your memory to on a local machine? or is it non-vm apps that are leaking?

are you one of those templeos proponents who doesn't believe in process isolation or something?

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
then maybe you can figure out on your own why leaking kernel memory to a user-space process is a bad thing

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
were you looking for a tweet of someone saying "thing bad" in 140 characters or less?

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
context switching already trashes your userspace tlb caches, i doubt the new effects from pti are going to be significantly measurable compared to that

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
I guess if you nuked the branch predictor state across security boundaries that would mitigate it? Perhaps make it exportable and importable and let the os kernel switch it out along with the rest of the thread state.

So there's probably a reasonable way to design an architecture that still gets the benefits of speculative execution without having it leak information.


Jabor
Jul 16, 2010

#1 Loser at SpaceChem

James Baud posted:

If you're executing arbitrary code to exploit the side channel, you're already 99% of the way to everything that matters in most of the world.

most of the world disables javascript?
