|
Lain Iwakura posted:
https://twitter.com/loneferret/status/883084028546568192
|
# ¿ Jul 7, 2017 04:08 |
|
|
# ¿ May 18, 2024 03:03 |
|
Phone posted:is this an "oh day"? It's more of an "oh poo poo"
|
# ¿ Jul 12, 2017 14:56 |
|
spankmeister posted:Oh fun fact: the wifi chip in macs is a bcm43xx so it's vulnerable to broadpwn Wasn't that addressed by the security patch just issued within the last week or so for iOS and macOS?
|
# ¿ Jul 28, 2017 17:06 |
|
spankmeister posted:it was, but i think it's interesting because people focus on mobile devices but it's a lot of aiport devices as well It is interesting that the same vulnerability could be leveraged across phones, laptops and desktops. That's an intersection you don't see a lot of.
|
# ¿ Jul 28, 2017 17:12 |
|
ate all the Oreos posted:*squints and examines carefully to try and find anyone who isn't a dude* I think I found the unicorn (that was like a horrifying game of Where's Waldo)
|
# ¿ Jul 30, 2017 02:04 |
|
ate all the Oreos posted:for some reason all the cultist christian ones i've found were for small amounts like $1 But those are the wrong kind of christian. Our kind will get raptured, not those other, wrong ones.
|
# ¿ Aug 1, 2017 04:09 |
|
spankmeister posted:Maybe they think he emptied the bitcoins While in custody?
|
# ¿ Aug 3, 2017 18:26 |
|
Phone posted:popehat's been posting all day? He was given a 12 hour posting ban, thanks to the slap fight he's having with that Texas lawyer/bigot. https://www.popehat.com/2017/08/03/how-i-got-barred-from-posting-on-twitter/
|
# ¿ Aug 4, 2017 07:47 |
|
Trabisnikof posted:https://arstechnica.com/tech-policy/2017/08/security-researcher-who-neutralized-wcry-to-be-released-on-30000-bond/ I'm getting a real vibe of this guy said something stupid and sarcastic online= and the FBI is taking it at face value.
|
# ¿ Aug 5, 2017 08:24 |
|
mdl posted:let it be known that Wiggly Wayne DDS, authority of good posting, has deemed a massive potential security risk for anyone using a mozilla product or a piece of software that depends on ca-certificates unworthy of discussion in the security thread
|
# ¿ Aug 20, 2017 01:18 |
|
Volmarias posted:Are you thinking of Pakistan attempting to null route YouTube BGP hijacks will never not be funny.
|
# ¿ Aug 29, 2017 13:54 |
|
|
# ¿ Aug 30, 2017 20:23 |
|
Trabisnikof posted:https://arstechnica.com/information-technology/2017/08/465k-patients-need-a-firmware-update-to-prevent-serious-pacemaker-hacks/ Isn't there some issue with insulin pumps that's being brushed off by the manufacturer as well?
|
# ¿ Aug 30, 2017 23:04 |
|
BangersInMyKnickers posted:This seems like a pretty comprehensive biometric factor the way apple is doing it through they're betting the farm on this not having some kind of trivial exploit that cannot be easily patched with touchid gone I think the biggest indicator is that it's used to authenticate ApplePay. I'm not saying there's zero chance of there being an unforeseen weakness, but I'm willing to bet all the low-hanging fruit exploits, like photographs or masks, have been addressed.
|
# ¿ Sep 13, 2017 14:29 |
|
flakeloaf posted:yeah whatever happened to that fangled microsoft webcam technology that was supposed to be able to do this Probably what happens to a lot of the nifty stuff MS R&D comes up with. When you leave a controlled lab environment, poo poo gets hard to do.
|
# ¿ Sep 13, 2017 14:40 |
|
Avenging_Mikon posted:What if your eye lids have been removed? Or they use those eye-spreader things to unlock your phone before they bombard you with the Faces of Death series.
|
# ¿ Sep 15, 2017 23:29 |
|
Notorious b.s.d. posted:yeah make sure you tattoo your password underneath your scrote to create a presumption of privacy That taint a good way to store your password.
|
# ¿ Sep 17, 2017 05:58 |
|
Jewel posted:what the fuuuuck, this owns Wow
|
# ¿ Sep 20, 2017 11:43 |
|
https://twitter.com/me_irl/status/911328527248699392
|
# ¿ Sep 22, 2017 21:59 |
|
Shinku ABOOKEN posted:yes. i pranked a guy stupid enough to have iframes allowed in his vbulletin board by changing my sig to a funny iframe and having some script in the frame request the user control panel to change the user sig to the same iframe. Shinku ABOOKEN posted:rip geocities. iframe not a thing until 1997. Geocities not a thing until 1994. vBulletin not a thing until 2000. But yeah, you totally did xss in 1990 EDIT: Had to look it up, but HTML WAS NOT A THING UNTIL 1993 (at least in terms of the first draft of how we know it) Proteus Jones fucked around with this message at 02:37 on Sep 23, 2017 |
# ¿ Sep 23, 2017 02:34 |
|
Shinku ABOOKEN posted:he said the 90s of which 1997 or whatever belongs. also i am pretty sure vbulletin existed before that. OK, misread I get it. I was just like "Wha? WTF is he on about?"
|
# ¿ Sep 23, 2017 02:38 |
|
There was a whole bunch of people who are responsible for this, you lying sack. Trying to pin this on ONE person is lovely.
|
# ¿ Oct 4, 2017 00:40 |
|
LOL
|
# ¿ Oct 5, 2017 16:30 |
|
EssOEss posted:2015 were different times. Yes, they are super secure now. https://twitter.com/EclipsingR/status/917135137971822592
|
# ¿ Oct 9, 2017 13:41 |
|
ate all the Oreos posted:they were emailed the password Come now, I'm sure they had the standard disclaimer in the footer that if the person wasn't the intended recipient to delete the message. No one disregards those.
|
# ¿ Oct 9, 2017 16:31 |
|
http://www.zdnet.com/article/secret-f-35-p-8-c-130-data-stolen-in-australian-defence-contractor-hack/quote:In November 2016, the Australian Signals Directorate (ASD) was alerted by a "partner organisation" that an attacker had gained access to the network of a 50-person aerospace engineering firm that subcontracts to the Department of Defence.
|
# ¿ Oct 11, 2017 16:25 |
|
Well, poo poo; I was going to post that.quote:In May credit reporting service Equifax's website was breached by attackers who eventually made off with Social Security numbers, names, and a dizzying amount of other details for some 145.5 million US consumers. For several hours on Wednesday the site was compromised again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors' computers with adware that was detected by only three of 65 antivirus providers.
|
# ¿ Oct 12, 2017 15:48 |
|
hackbunny posted:I have google authenticator on my iphone 1Password will also generate OTP for Google Auth as well. I would imagine Keypass can as well.
|
# ¿ Oct 14, 2017 23:51 |
|
anthonypants posted:idgi Marriott got hit with a $600,000 fine by the FCC for knocking customer's personal hotspots out of the air because they wanted to force conferences using their facilities to use their Guest connections (which they charged for) using wireless IPS. While you *can* use deauth/disassoc packets to maintain your wireless security, you have to be really, really sure what you're knocking off the air. The FCC takes a real dim view of interfering with unlicensed spectrum and can hit with up to $50K per occurrence. It was only a matter of time. I know for a fact Marriott was advised to NOT do what they ended up doing by people who knew the minefield of using de-auth as a defensive measure. e; poo poo. fb. Proteus Jones fucked around with this message at 05:49 on Oct 16, 2017 |
# ¿ Oct 16, 2017 05:47 |
|
cheese-cube posted:i use WPA2-Enterprise with PEAP at home because lol why not. is that affected by this krackhole dealio or does that only affect TKIP/AES-CCMP? Nope you're affected. Also, who's calling it krackhole? I haven't seen a reference to it outside of here.
|
# ¿ Oct 16, 2017 06:17 |
|
anthonypants posted:there was a github link with the html page it looks like they'll be using for the #branding of this latest exploit gently caress it. It's late, I'm cranky and started tilting windmills.
|
# ¿ Oct 16, 2017 06:21 |
|
cinci zoo sniper posted:thanks, but now to my question, what is aslr and what does it do Adress space randomization. Makes it harder to take advantage of buffer overflows.
|
# ¿ Oct 20, 2017 04:02 |
|
Wiggly Wayne DDS posted:in non-threadshitting news: https://duhkattack.com/paper.pdf Isn't that a pretty old version? I thought FortiOS 5 had been out for years now.
|
# ¿ Oct 24, 2017 00:27 |
|
akadajet posted:lol from the adobe leak AHAHAHAHAHAHAHA
|
# ¿ Oct 30, 2017 21:22 |
|
As secfuck year 2017 approaches a close, jumping up and down from the back of the room waving its arms, Oracle screams "Don't forget about me!" like a kick to dick. http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html quote:This Security Alert addresses CVE-2017-10151, a vulnerability affecting Oracle Identity Manager.This vulnerability has a CVSS v3 base score of 10.0, and can result in complete compromise of Oracle Identity Manager via an unauthenticated network attack.
|
# ¿ Nov 2, 2017 11:23 |
|
Lightbulb Out posted:is lastpass the bad one? Yes
|
# ¿ Nov 2, 2017 18:11 |
|
duTrieux. posted:no s/he didn't quote:“We have learned that this was done by a Twitter customer-support employee who did this on the employee’s last day. We are conducting a full internal review,” Twitter said in a tweet late on Thursday. Sounds deliberate to me.
|
# ¿ Nov 3, 2017 17:21 |
|
Lol. Shitter forTwitter. That's funny. Personally, I like Micro$soft. That's instead of Microsoft if you didn't know.
|
# ¿ Nov 3, 2017 17:32 |
|
|
# ¿ May 18, 2024 03:03 |
|
haveblue posted:what prevents watchdogs from using a non-api scraper to save deleted tweets Probably nothing, but they would scrape a poo poo ton more tweets and be a lot more efficient in general using the API
|
# ¿ Nov 6, 2017 01:47 |