|
hi thread, I’m posting this from an unpatched windows xp box with all default ports open because I figure nobody’s going to bother trying to hack those any more, it’s security by reverse psychology
|
#
¿
Dec 26, 2018 23:37
|
|
|
|
| # ¿ May 9, 2024 02:36 |
|
|
I’m hoping a state actor gets there first and patches all the vulns including any 0 days they’re still holding onto. may as well get some value from my taxes even if it means they use me to hack other people or w/e
|
|
#
¿
Dec 26, 2018 23:47
|
|
|
LastInLine posted:you know theres someone else out there for whom it said toyota chevy ford and aston martin and that guy had the same reaction as you well duh, who in their right mind would buy a ford, chevy, or aston martin
|
|
#
¿
Dec 28, 2018 00:44
|
|
|
Jimmy Carter posted:I'm not aware of any Mac AV that's anything other than snake oil which causes kernel panics. Maybe get yourself a Little Snitch license if you want to increase your paranoia. Install software updates, don't disable SIP and that's about it. people would be less inclined to disable sip if apple let you remove their useless shovelware like chess and stocks in any other way (idc how small it is, it prevents me having a nicely organised applications folder and that’s unforgivable)
|
|
#
¿
Dec 31, 2018 14:50
|
|
|
Celexi posted:No threat model, no security bug. This is your last warning. 
|
|
#
¿
Jan 19, 2019 10:55
|
|
|
Shaggar posted:s4b and teams aren't spammed up. skype for business is terrible though secfuck content: they switched us to sfb for our corporate im and everyone hated it so much that now there’s effectively no standard and people just use whatever app they like. but special credit goes to the team that decided using a public app for work stuff would be too insecure, so they set up their own lovely internal webapp chat server thing ... over http
|
|
#
¿
Jan 29, 2019 23:57
|
|
|
that’s the last time aaa tries to give granos a tow
|
|
#
¿
Jan 30, 2019 00:39
|
|
|
Notorious b.s.d. posted:that seems to have actually happened on desktops all the actually useful prgrams i rely on to do worthwhile things are proper desktop apps (although a bunch of them are like java or w/e instead of strictly native) 95% of the horrible corporate poo poo everyone hates and constantly complains about is webapps (the other 5% is poo poo like loving skype for business)
|
|
#
¿
Feb 3, 2019 23:50
|
|
|
salted hash browns posted:dissidents in PRC who use iMessage believing they are private if your plan for plotting against a totalitarian police state starts with "use a chat program that openly and deliberately prioritises convenience over security", then you have bigger problems than icloud backups like, iMessages by default falls back on unencrypted sms if the person you’re chatting with has a poor signal or a non-apple phone. that’s a harmless and well-intentioned feature that by itself makes the app completely unsuitable for dissidents.
|
|
#
¿
Feb 5, 2019 10:10
|
|
|
Mr.Radar posted:lmao, the federal government has awarded a contract to develop a replacement for the DoD's "CAC card" (their ID card with a smart card chip used for authentication on secure computer networks) to... an AI startup. i'm sure this is not be another huge waste of money that will cause endless headaches for the people who have to use it if it ever goes live could have been worse, could have been blockchain
|
|
#
¿
Feb 9, 2019 00:25
|
|
|
VikingofRock posted:luckily we now have std::regex don’t worry, it’s treatable, but you should see your doctor asap
|
|
#
¿
Feb 9, 2019 09:55
|
|
|
I always preferred the nod print path
|
|
#
¿
Feb 14, 2019 11:33
|
|
|
mystes posted:You might be the only person who has ever said this. Also there might be libraries for using it that don't require windows and don't completely suck now, but that wasn't the case when the format was first created. there have been decent libs for xlsx for ages now. then again there were already decent libs for xls. don’t ask me how I know I’ve nearly stopped having flashbacks
|
|
#
¿
Feb 14, 2019 20:22
|
|
|
~Coxy posted:wouldn't say they're decent if you want to do something complicated then you should be doing it in the real programming language you’re clearly already using. excel libraries are for input and output where customers really want to use excel, or where you really just want csv but you know it will only ever be loaded into excel and you want to avoid all the pitfalls of csv imports for these purposes, the existing libraries are surprisingly good
|
|
#
¿
Feb 15, 2019 13:37
|
|
|
Wiggly Wayne DDS posted:no more than any other intel agency, really it'd be cheaper than tapping points and filtering traffic down to interesting targets if they'll pay you to do it themselves the difficulty there is persuading the interesting targets to use the vpn you own. I doubt the nsa actually has much interest in people who just want to block ads or bypass geographic blocks or w/e, and the russian government and isis probably run their own vpns people in like iran or china wanting to use a vpn to bypass govt censorship may be at risk from this kind of attack tho
|
|
#
¿
Feb 16, 2019 19:26
|
|
|
spankmeister posted:Important news: Ghidra has undo. ida pro is dead
|
|
#
¿
Mar 6, 2019 19:43
|
|
|
it looks pretty solid so far, haven't tried anything complicated yet but the decompiler seems to work and it has loving undo and the structure editor isn't a monospaced text monstrosity like something out of the 1970s, and all these things are very promising. it even looks fine allowing for the fact that it's a swing gui with a bazillion toolbars, although maybe i've just been trained by ida to expect all reverse engineering tools to look like rear end. on the downside the control-flow graph stuff doesn't seem to be as well integrated as ida's graph views, and i'm not sure i like the layout algorithm (there's a dropdown for changing this but it only has one option in it, maybe all the good layout algorithms were redacted?) anyway it seems pretty cool and i can't argue with the price, thank you americans for paying for this with your tax dollars and thank you nsa for making something other than mind control satellites
|
|
#
¿
Mar 7, 2019 00:46
|
|
|
LordSaturn posted:keep rear end is good poo poo but not something I want to train my parents to use. have you considered upgrading your parents instead
|
|
#
¿
Mar 8, 2019 20:09
|
|
|
Salt Fish posted:A piece of graph paper, a set of dice, and a personal cypher algorithm for the hand written passwords. step one: buy an enigma
|
|
#
¿
Mar 8, 2019 23:28
|
|
|
the russians used a post-it
|
|
#
¿
Mar 11, 2019 09:53
|
|
|
I just put my passwords in s text file and check it into github. there’s loads of projects on there, what are the odds anyone malicious will ever find mine
|
|
#
¿
Mar 11, 2019 19:50
|
|
|
Volmarias posted:100% sorry fortunately i use defence in depth: all my passwords are camouflaged as perl scripts
|
|
#
¿
Mar 11, 2019 20:04
|
|
|
Lain Iwakura posted:these forums have helped me during my darkest times a few years ago; i am alive because of them. there is a lot of trash on here but it's my trash your posting isn’t that bad buddy
|
|
#
¿
Mar 14, 2019 11:00
|
|
|
Wiggly Wayne DDS posted:the forums would still be serving http-only without him i feel sorry for the guy at the nsa who had to buy an account to carry on reading my posts
|
|
#
¿
Mar 14, 2019 21:19
|
|
|
hal 2020
|
|
#
¿
Mar 15, 2019 19:23
|
|
|
you haven't known true text editor horror until you've heard a colleague utter the words "enterprise textpad license"
|
|
#
¿
Mar 17, 2019 21:56
|
|
|
Krankenstyle posted:lmao if you still have the java runtime on your computer I need it to run a large number of useful java programs, most of which I wrote it doesn’t have unrestricted permission to talk to the network tho
|
|
#
¿
Mar 26, 2019 19:37
|
|
|
pseudorandom name posted:speaking of jre, ghidra got an update today "turned on font antialiasing by default for linux" yup this is authentic government code
|
|
#
¿
Mar 27, 2019 00:17
|
|
|
ftfy
|
|
#
¿
Mar 27, 2019 22:30
|
|
|
offer them inbound x11 instead
|
|
#
¿
Mar 29, 2019 12:25
|
|
|
ate poo poo on live tv posted:Why have persistent storage on a car at all? If the car loses power, wipe everything. but ... then anyone can reset the mileage by unplugging the battery! there's definitely no solution to this problem, please don't waste your time trying to think of one, elon musk is smarter than you
|
|
#
¿
Mar 30, 2019 01:09
|
|
|
but really who will ever need more than 256gb of key? i mean that's really a lot of key! probably it's ok to start reusing key at that point because any attacker will have given up and gone home after the first 128gb or so.
|
|
#
¿
Apr 1, 2019 23:30
|
|
|
i'm gonna fix this entire class of bug with my new crypto-as-a-service startup. no more worrying over whether or not your crypto libraries have unpatched vulnerabilities in them. no more scrabbling around trying to find a trustworthy crypto library in your hipster language of the month. now you just make a simple http request to our web api and our guaranteed-correct implementation returns as many bytes of key stream as you need, computed on the fly in our secure maryland datacenter
|
|
#
¿
Apr 1, 2019 23:53
|
|
|
rjmccall posted:yeah, you can get information in to the system passively that way, but i don’t why a url would be involved i believe there are oracle services such that you specify a url and pay them to put the content of the url somewhere the smart contract can access it this obviously solves none of the actual problems with basing smart contract oracles on urls
|
|
#
¿
Apr 3, 2019 12:40
|
|
|
Cocoa Crispies posted:invite your friends and family to a gender reveal party and it's just a presentation about how gender is a social construct and distinct from biological sex "sex reveal party" sounds like something rather different
|
|
#
¿
Apr 3, 2019 18:16
|
|
|
forums hacked, 1.5m unencrypted genders for sale on dark web
|
|
#
¿
Apr 3, 2019 19:26
|
|
|
flakeloaf posted:something you have and something you are could be two different factors 
|
|
#
¿
Apr 3, 2019 19:50
|
|
|
nonbinary computer
|
|
#
¿
Apr 3, 2019 20:33
|
|
|
pseudorandom posted:Oh boy, I guess you haven't heard of Plaid yet. lol if your online banking uses a web password, rather than a hardware token like banks in first world countries
|
|
#
¿
Apr 4, 2019 19:08
|
|
|
|
| # ¿ May 9, 2024 02:36 |
|
|
you’re probably too dumb to even post your forums password in this thread
|
|
#
¿
Apr 5, 2019 23:11
|
|