me, trying to get some NIST references into some documentation. thanks US Government. at least the banner works great with amberpos

anyone know of a copy of all the NIST documentation?

Dec 28, 2018 10:08

is that why leap years exist?

anyway fixed it with the help of the wayback machine, thanks archive.org

Dec 28, 2018 16:08

James Baud posted: Junior devs and interns, sometimes people even let them review each other's code without additional oversight.

a company I used to work for allows developers to write in any language they please and now they have a bunch of ocaml code in production that nobody understands but the original author, it has been "code reviewed" which means it got an approved label in github

every-startup-ever.txt

Jan 2, 2019 12:52

yes. yes it is.

and also https://twitter.com/HackerGiraffe/status/1080702645051056128

e: they deleted it. admitted to being bad at opsec and hoping nobody would care too much. poop touchers being dumb confirmed

geonetix fucked around with this message at 15:45 on Jan 3, 2019

Jan 3, 2019 12:04

“hacking” anno 2019 is literally nothing else than looking for an open mongodb or scada port on shodan and hoping for the best

e: oh and give it a funky name and logo

Jan 3, 2019 12:05

the truth is still that domestic routers are generally terrible even if chromecast wasn't upnping its way onto the world wide web

Jan 4, 2019 14:39

because, did you expect anything else?

https://twitter.com/doctorow/status/1083444065146789889?s=21

Jan 11, 2019 08:55

re SEP i’m 75% sure it’s just taviso sending them a poc again

re bigotry maybe create another generic thread, this is a massive issue in general and lgbt people or women or other minded people at conferences and everywhere else have been harassed greatly and it’s unnecessary and sad and while it’s a valuable discussion it’s not necessarily infosec specific?

Jan 16, 2019 19:44

BangersInMyKnickers posted: tavis isn't sending my loving desktops payloads to make the IPS engine throw SEHOP faults and die, this thing is in the wild

lmao ok, the 25% it is. do you have samples? I like to toss it into mcafee and other poo poo tier stuff

Jan 16, 2019 20:15

Blinkz0rz posted: a product manager literally just asked me if i have any concerns about allowing paid users to upload selenium jars and exes which our product will process

the only diplomatic way is to "demo the concept of the system" using kournikova.jps.vbs

Jan 23, 2019 14:16

BIGFOOT EROTICA posted: are there any actually good security consulting firms?

yes

Jan 30, 2019 17:36

BIGFOOT EROTICA posted: would u like to elaborate, i'm trying to find one that's actually good to consult on a v large project

i could, the problem is it’s extremely local. i know the folks personally at some level in the orgs i work with and they haven’t failed to deliver so unless you’re in literally my city or country (NL) I’m not much of a help

Jan 31, 2019 22:36

it’s just a shift of approach and I think the big so-many SVs don’t care and just adapt. nothing matters until it affects the bottom line, which security and privacy simply don’t do

Jan 31, 2019 22:57

it’s simply the cost of doing business in china and basically any company operating there does this, it’s much more interesting to ask how isolated the systems are and how much control the companies yielded

if anything is morally bankrupt according to anyone’s standards it’s likely to be much more the chinese government than apple, or bmw, or anyone else operating there

Feb 4, 2019 11:36

apseudonym posted: C/C++ should not be used for parsing things.

you’re right, that’s what regex is for

Feb 9, 2019 08:30

Blinkz0rz posted: did you just tell me to go gently caress myself?

i believe i did, Blinkz0rz

Feb 10, 2019 08:58

not sure if posted before but holy wow

https://www.cnet.com/news/chinese-facial-recognition-company-left-database-of-peoples-location-exposed/

https://twitter.com/0xDUDE/status/1095702540463820800 (thread)

https://twitter.com/0xDUDE/status/1096099456922148864

Feb 15, 2019 15:50

https://text.npr.org

Feb 17, 2019 13:59

imagine all those bank accounts with personal details of people (recipients/senders) who did not agree to access

Feb 18, 2019 18:56

you can

it's probably on an insecure samba share exposed to the internet. just portscan them

Feb 18, 2019 19:13

ErIog posted: I have a secfuck question where I'm looking in the mirror and wondering if the secfuck is me.

libxml2 works fine with cves in it as long as it’s not used to process input or generate output. so eh yeah patch it

Mar 8, 2019 16:04

you're right vim should be default on all systems

Mar 17, 2019 16:03

I have a feeling that investigation should be done by a third party instead

Mar 21, 2019 17:20

well someone is having fun with matrix.org

https://github.com/matrix-org/matrix.org/issues

Apr 12, 2019 09:44