|
ate all the Oreos posted:wife just linked me this: that extremely rules
|
# ¿ Jun 26, 2017 23:37 |
|
|
# ¿ May 2, 2024 14:01 |
|
Wiggly Wayne DDS posted:eh i never do defcon (nor ever have), rarely anything of value. based on their speaker page for this year there's only a handful of interesting talks, and even then it's just further details of public research (sha-1 collision) yeah they didn't accept my talk but i haven't been to a talk there in over five years (go for contests and the friends you only see once a year)
|
# ¿ Jun 27, 2017 20:52 |
|
https://twitter.com/pinboard/status/879858163478011904
|
# ¿ Jun 28, 2017 04:51 |
|
spankmeister posted:And like Wiggly Wayne DDS said, Petya was a perfectly functional ransomware, there was no reason to make the changes that they did. so wait was there a new legit ransomware attack this week or is petya older and just the non-ransomware targeted at ukraine is new?
|
# ¿ Jun 29, 2017 15:56 |
|
French Canadian posted:Is it called cyber because trump called it cyber in a debate? So now they have to adjust their marketing? sadly no, the MIC has been calling it that for a decade or so because "cyber" sounds cooler to people with stars or stripes on their shoulders than "information" compare "information security" or "information warfare" with "cyber security" or "cyber warfare" also hi5 if you have cyber to wizard installed
|
# ¿ Jul 3, 2017 23:09 |
|
Subjunctive posted:I have a friend in public sector strategic consulting who says the difference between "infosec" and "wizard" in his materials is 5 speaking engagements and $250K/year. yeah fwiw my last two projects have had "wizard" in the name and they've been good and i can afford more index funds and a bigger tithe to splc because of it
|
# ¿ Jul 4, 2017 03:58 |
|
cinci zoo sniper posted:but enough about your yiffing adventures. hasn't been part of mainstream discourse for last decade at least just because a fat orange shithead with holes in his brain got caught using it once last year doesn't make it mainstream
|
# ¿ Jul 4, 2017 12:45 |
|
cinci zoo sniper posted:"once" oh you sweet summer child i got better things to do *plays factorio for six hours*
|
# ¿ Jul 4, 2017 15:06 |
|
seems like a good way to know who even knows what a 0day is is people who call it an "oh-day" vs. "zero day"
|
# ¿ Jul 7, 2017 13:56 |
|
Progressive JPEG posted:I have facebook 2fa enabled with totp/gauth. They still send me sms codes and the sms codes still work. Afaict there's no way to just have totp 2fa. Facebook also supports u2f which is kingshit
|
# ¿ Jul 8, 2017 20:15 |
|
pr0zac posted:Ed: also anyone gonna be in vegas this year? I'm skipping defcon prob but will be down for bsides and then at least til Friday for a work thing I'll be there all week, could probably do lunch or something mid-week before Defcon gets busy
|
# ¿ Jul 10, 2017 12:13 |
|
and if you are stopped and asked to solve riddles about CVVs by a sphinx don't answer them
|
# ¿ Jul 10, 2017 15:19 |
|
ultramiraculous posted:is it the nsa or some other three-letter agency whose procedure for escorted guests involved some sort of an alert to your presence? i know my mom has mentioned having to be followed around with a flashing light or something so the spooks would know to shut up when she left the conference room to pee. I'm pretty sure that's procedure at lots of sites, someone warning about uncleared personnel so people have a chance to clean their desks and lock their screens.
|
# ¿ Jul 14, 2017 11:14 |
|
ate all the Oreos posted:e: i remember for a few years right after 9/11 they had little makeshift sandbag pill boxes set up along the road manned round the clock by military guys with very scary machine guns pointed at the oncoming highway traffic, like not even in the secure areas just along the public highway, that sure was fun yeah i remember hearing that they closed down a1a past patrick afb so if you wanted to get from satellite to cocoa you had to cut through merritt island, and also made it so hard to get on and off pafb that a bunch of good restaurants and also a chinese buffet closed
|
# ¿ Jul 14, 2017 20:49 |
|
ate all the Oreos posted:lol yep i remember that happening, traffic was loving disastrous for a little while, and even after that there was a bunch of uncertainty because whenever the TERRORISMS ALERT LEVEL would go red they'd shut it down again. eventually they reenforced the base enough that that stopped i guess? they probably realized nobody gives a poo poo about patrick except retirees that use their golf course and marina and high schoolers that use their bowling alley
|
# ¿ Jul 14, 2017 21:03 |
|
Sharktopus posted:the schneier crypto textbooks are very good otoh applied crypto and crypto engineering are ancient and you should probably just use NaCL
|
# ¿ Jul 17, 2017 23:34 |
|
Mr SuperAwesome posted:if the doughnuts are expensible, why not just do it daily and get free donuts all the time??? bet they didnt think of that one because then they wouldn't have a ritual to use for punishment in a professional setting
|
# ¿ Jul 19, 2017 15:19 |
|
vOv posted:i don't really know much about ethereum but i think this is what happened: if bitcoin is the intersection of people that don't understand math, don't understand economics, and don't understand encryption, ethereum is all of those plus people that don't understand programming
|
# ¿ Jul 20, 2017 02:44 |
|
lol
|
# ¿ Jul 20, 2017 21:47 |
|
flakeloaf posted:no it's a hungary joke but it's a reach even for me, i just couldn't bring myself to say "ural in trouble now" ah yeah i don' key to the shrek reference usually
|
# ¿ Jul 21, 2017 18:50 |
|
mod saas posted:"people just aren't excited for the future anymore" says man who profits from idiots sticking magnets in their fingers that wipe your hotel key card as you hold it magnets that apparently wear out in a matter of years lol
|
# ¿ Jul 24, 2017 05:33 |
|
Shinku ABOOKEN posted:what does clone proof mean? probably has a challenge/response of some flavor with central verification so you can't just read it once and make a new one
|
# ¿ Jul 24, 2017 13:47 |
|
maskenfreiheit posted:does getting an infection from a piece of metal rubbing around count? yeah that's a good point I'm sure that nobody who works on chipping pets or wage slaves has ever thought about
|
# ¿ Jul 24, 2017 14:34 |
|
spankmeister posted:Hi my name is %s %s %s %s %s %s %s hello segmentation fault ./program my name is AAAA\x4e\xa0\x04\08AAAA\x4e\xa0\x04\08%p%p%p%p%p%1269x%p%hn%420c%hn
|
# ¿ Jul 24, 2017 23:53 |
|
spankmeister posted:Is anyone going to SHA2017? i am, be a nice cool-down from Def con
|
# ¿ Jul 25, 2017 13:45 |
|
Trabisnikof posted:pretty great timeline considering game devs the factorio devs seem uncommonly professional, like they have a proper CI setup and everything
|
# ¿ Jul 26, 2017 22:36 |
|
def con was good but Vegas is bad
|
# ¿ Jul 31, 2017 06:18 |
|
JewKiller 3000 posted:only people from big cities know how to properly ignore this behavior. people from big cities usually hate Vegas because it has bullshit their big cities don't I've lived in Miami for a decade and love Chicago and love New York and vegas is some bullshit because it's full of amateur dipshits from flyoverstan and designed antagonistically
|
# ¿ Aug 1, 2017 06:36 |
|
JewKiller 3000 posted:chicago is freezing, new york is filthy, vegas is fake but that's the point. try california imho California is full of Californians
|
# ¿ Aug 1, 2017 07:02 |
|
anthonypants posted:which didn't have anything to do with salesforce specifically, it was just to show off a cool thing they made and were using internally and want to give to the world. it should go over well idk why this suddenly became news again yesterday but I wouldn't have signed off on something called "meatpistol" either even if it is an anagram of "metasploit"
|
# ¿ Aug 10, 2017 05:59 |
|
Daman posted:I'm glad security doesn't have a gender problem like the rest of tech and their ten page manifestos the language of wizardsec itself is pretty foul: "penetration testing," "exploits," and "owning" are just the first ones i can think of
|
# ¿ Aug 10, 2017 09:56 |
|
anthonypants posted:upguard found a bunch of data from some energy infrastructure company a month ago https://www.upguard.com/breaches/data-leak-pqe spankmeister posted:What's upguard?
|
# ¿ Aug 10, 2017 09:57 |
|
ate all the Oreos posted:is there any VPN provider that's not secretly horrible they're all differently horrible and personal VPNs are just a race to the bottom when they're not self hosted nerd poo poo
|
# ¿ Aug 11, 2017 17:35 |
|
ate all the Oreos posted:ok sure, but that just kicks the can down the road to "which VPS do I trust" yeah and you have to either do some threat modeling or just be a small mostly un-sketchy fish on AWS light sail or digital ocean or something
|
# ¿ Aug 11, 2017 18:03 |
|
Deep Dish Fuckfest posted:who the gently caress connects to an untrusted postgres db? maybe i'm just sheltered or something but gently caress psql -h sql.supermeatboy.com -u uglyburpandfartgame -p foridiots high_scores
|
# ¿ Aug 14, 2017 03:40 |
|
Deep Dish Fuckfest posted:heh, i remember that. although i think it was mysql, which is even more shameful well yeah but regardless a database client should probably not have arbitrary code execution vulnerabilities regardless of if you trust the server (and if you're not using TLS with a cert infrastructure to encrypt your kink, regardless of if you trust the network)
|
# ¿ Aug 14, 2017 12:25 |
|
Migishu posted:I'm going to make a legacy for myself where the FBI and all them will want to get access to all my private files, only to see nothing but hello.jpg as every file on the disk https://www.youtube.com/watch?v=lzAuXuxD0Oo
|
# ¿ Aug 16, 2017 03:36 |
|
Acer Pilot posted:anyone here ever use a yubikey before? kind of wanted one but i saw that 1password doesn't support it. all the time, U2F is the best flavor of 2FA on the web, and you can use it as an ssh key too
|
# ¿ Aug 16, 2017 03:58 |
|
Acer Pilot posted:it seems pretty neat but it looks like you need some adapter to make it work on an ipad. i guess i could use it for actual non-reading-facebook-while-you-poop stuff though. yeah you can't use it with an ipad, but all the stuff i u2f with has totp too i don't have the nfc features because it seems useless anthonypants posted:yubikey 4 also comes in usb-c for some reason some computers only come in usb-c i use some cheap usb-a to usb-c adapters that, just like the yubikey, have survived the wash several times
|
# ¿ Aug 16, 2017 05:23 |
|
|
# ¿ May 2, 2024 14:01 |
|
maskenfreiheit posted:what about .odt? run strings on it and see what pops out
|
# ¿ Aug 18, 2017 20:00 |