|
Wiggly Wayne DDS posted:man i wish cert revoc was that effective in practice it is
|
# ¿ Jan 3, 2019 03:50 |
|
|
# ¿ May 9, 2024 18:28 |
|
Captain Foo posted:the most recent versions are html5 and are so much better it still doesn't have all the features of the flash client. also the flash client doesn't work most of the time because of security patches to flash/ie.
|
# ¿ Jan 4, 2019 17:29 |
|
still using the vsphere desktop client while we slowly migrate to clod + hyperv
|
# ¿ Jan 4, 2019 17:33 |
|
ours is pretty old but the client still works with the basic management stuff. there are a bunch of missing features but its fine for getting stuff decommissioned
|
# ¿ Jan 4, 2019 17:42 |
|
we're on 6 and the thick client works fine. again there are certain features that weren't available in the 5.5 vpshere thick client so it cant do those, but everything else works fine.
|
# ¿ Jan 4, 2019 17:46 |
|
BangersInMyKnickers posted:throwing a loose bag of parts at you with limited constraints or guidance that's litterrally the unix philosophy
|
# ¿ Jan 10, 2019 16:09 |
|
CRIP EATIN BREAD posted:unfettered write access to a publicly available display seems like a infosec fuckup imho
|
# ¿ Jan 16, 2019 20:21 |
|
they're correct though. (altho idk if id use gpg)
|
# ¿ Jan 19, 2019 19:45 |
|
oh it sounds like they maybe aren't using a good key and/or aren't using it properly which is a problem.
|
# ¿ Jan 19, 2019 19:50 |
|
just use Authenticode you idiots.
|
# ¿ Jan 19, 2019 19:52 |
|
goddamnedtwisto posted:aiui the problem is if the key doesn't match it tries to check the vlc website for a new key, and then download it (over http of course) sub par open sores tools lead to sub par open sores solutions.
|
# ¿ Jan 19, 2019 19:56 |
|
tbf if ur gonna do common biting like that it doesn't matter how well you protect your key documentation since the folks who would use it can just decode the key from a lock. its really just there to prevent tampering by kids and other casual assholes
|
# ¿ Jan 21, 2019 15:55 |
|
Media Bloodbath posted:https://www.youtube.com/watch?v=7R4CRQpz0Dc they make keys with active elements to make them even harder to copy, but I would be surprised if the manufacturer actually claimed the key was uncopyable.
|
# ¿ Jan 21, 2019 15:57 |
|
how is that even possible?
|
# ¿ Jan 29, 2019 03:41 |
|
oh. I know what it is. gently caress face idiot jonny ives decided he wanted you to see the live video of who was calling you so to make that work it creates the session setup required for the call even if you don't accept. e: whatever code handles the event for adding a new party to the call is probably below the phone ui so theres no checking to see if the user accepted the call. it assumes that because theres an active call the user picked it up even though the UI automatically picked up in order to display the incoming video. Shaggar fucked around with this message at 03:46 on Jan 29, 2019 |
# ¿ Jan 29, 2019 03:42 |
|
Volmarias posted:You mean Google Duo? idk what that is
|
# ¿ Jan 29, 2019 04:12 |
|
pseudorandom name posted:name a federated communication protocol that isn’t spammed up garbage s4b and teams aren't spammed up.
|
# ¿ Jan 29, 2019 15:55 |
|
if the call is being answered at the protocol level to get the inbound video stream and then handed to the UI for display thats even worse.
|
# ¿ Jan 29, 2019 17:49 |
|
the inbound to the recipient of the call I mean. that inbound stream is always connected and its by design because they want to show the caller on the recipient's phone. this means its building a session in the recipient device and whether that session is being accepted without user input by design. The question is if its the phone app/ui accepting the call or if its something at the system level accepting the call and then handing it off to the phone app/ui. Both scenarios here are the device accepting calls without user interaction, but the former makes this somewhat understandable as a bug since its a disconnect between bad UI design (accepting a call without user input) and the system. The later would mean system components are designed to accept inbound calls without user input which is far worse.
|
# ¿ Jan 29, 2019 18:44 |
|
theres the zero lag thing which im sure is a part of it, but theres also the caller-preview thing which is probably the major driver here. Personally I hate it. its not a good user experience cause it instantly makes me think that since I can see them, they can see me (which they can thanks to this bug) plus I don't think theres any notification to the caller that their video is being sent before the recipient picks up.
|
# ¿ Jan 29, 2019 19:26 |
|
lol remember when the web was going to be the future of applications?
|
# ¿ Jan 31, 2019 15:31 |
|
My Linux Rig posted:yep that seemed to come true and tbh it’s achieved a much higher cross platform adoption rate then literally any other gui library except is hasn't since every application of worth is native and simply disabling those apps caused such a massive headache to facebook despite their massive investment in web "apps"
|
# ¿ Feb 1, 2019 16:18 |
|
apple wants them to use official apple analytics so nobody else can get that sweet, sweet data
|
# ¿ Feb 8, 2019 02:19 |
|
i have a ups for my computron and then another ups for my networking gear and its super nice for when some idiot slams his pickup into a pole during a snowstorm
|
# ¿ Feb 14, 2019 17:52 |
|
PDF wasn't open soresed until 2008 and even then it isn't really open because its still largely adobes format. its still to this day a huge pain in the rear end to implement readers and editors for it. Microsoft created a PDF addon to office 2007 because adobe wouldn't let them include it in office by default. Adobe was still making money on acrobat and a pdf capable Word would eliminate acrobats entire market.
|
# ¿ Feb 14, 2019 20:07 |
|
also openxml is great and super easy to use.
|
# ¿ Feb 14, 2019 20:07 |
|
Ive used the official .net lib for it to create word docs and it works fine
|
# ¿ Feb 14, 2019 20:16 |
|
Soricidus posted:there have been decent libs for xlsx for ages now. then again there were already decent libs for xls. don’t ask me how I know I’ve nearly stopped having flashbacks doing doc/xls thru com automation sucks balls but docx/xlsx is gr8 cause its just xml.
|
# ¿ Feb 14, 2019 20:36 |
|
mystes posted:If you're just trying to get around sites that block European IPs because of GPRD or trying to protect your data over public wifi hotspots, you're probably better off just using algo to setup your own VPN on a VM on digitalocean or something. these vpn services are cheaper and easier than setting up your own vpn on some hosting provider. wrt filez, the reporting to isps is 100% automated now so its scrape tracker, send ip to isp, isp blocks you. theres no real human intervention beyond maybe finding the torrent in the first place. content owners aren't gonna bother with trying to sue you anymore, but they'll use your isp against you. of course a vpn isn't gonna protect you from the government, but nothing will.
|
# ¿ Feb 16, 2019 17:56 |
|
cinci zoo sniper posted:other cool strat, especially favoured by multinational banks, is “yeah we’ll pass this to our integration team for API access, but meanwhile we can offer you this data via our secure ftp server” rigmarole that pits you against a gigantic pile of autogenerated RTFs or some other ancient garbage format that has you abandon the affair out of sheer cost/benefit analysis man I wish we could get quality data like that from the healthcare providers we deal with
|
# ¿ Feb 18, 2019 19:12 |
|
geonetix posted:you can it's probably on an insecure samba share exposed to the internet. just portscan them its easy to get, but its in random formats cause they manually add it to excel every week.
|
# ¿ Feb 18, 2019 19:15 |
|
Carbon dioxide posted:Several password managers leave traces of their master password or individually accessed passwords in the Windows 10 memory, sometimes even after they've been locked. Someone with access to the computer could potentially extract those passwords from memory. now lets see excel
|
# ¿ Feb 20, 2019 05:20 |
|
ozymandOS posted:otoh, if the box can unlock its own encryption on boot, so can an attacker while the computer is running other mechanisms are in place to protect the data.
|
# ¿ Feb 26, 2019 22:30 |
|
univbee posted:well that sucks, although so far at least my test run seems to be behaving. i'm not spending all day changing and creating passwords, really all i want is the equivalent of an excel spreadsheet of passwords which needs its own password and 2fa to get into I betchu could do totp in vba. altho access might be more appropriate than excel
|
# ¿ Mar 8, 2019 15:27 |
|
Pryor on Fire posted:how much of a market is there in dns lookups? seems like super valuable data especially if you can combine it with other things all those dns providers are primarily web hosting/ad companies so they 100% have all your other info. a free vpn is just a way to track you across the entire internet instead of the networks in which they are members.
|
# ¿ Apr 2, 2019 14:33 |
|
Shame Boy posted:while on the topic of easy to remember upstream DNS servers, is there any reason not to use the goog's 8.8.8.8 / 8.8.4.4 I think its entirely about how much you want to give that data to goog and give them control over your dns.
|
# ¿ Apr 2, 2019 16:02 |
|
CommieGIR posted:PLCs and most SCADA/Industrial Automation has little to nothing in the way of actual security, and tends to utilize outdated OSs and Software to handle the backend. the problem is one of the big benefits of those systems is realtime monitoring so you need access to that data from outside the control network. this means you cant totally airgap the system and you need to setup some kind of gateway between your control and operations networks. the goal is to limit what can get in and out. remote vendor access for maintenance is a whole other thing and in that case you tell them to pound sand and send someone out. Shaggar fucked around with this message at 15:26 on Apr 3, 2019 |
# ¿ Apr 3, 2019 15:23 |
|
Shame Boy posted:my ISP's local resolver also hijacks not-found domains to display "helpful" TWC used to do this, but it looks like after spectrum bought them they don't anymore? atleast according to that test. I ended up setting 1.1.1.1 and some other server on my unifi gateway and now its like 15 ms faster than my isp for uncached responses!!
|
# ¿ Apr 3, 2019 15:25 |
|
haveblue posted:your gender must be at least eight characters long and contain a number
|
# ¿ Apr 3, 2019 18:18 |
|
|
# ¿ May 9, 2024 18:28 |
|
Celexi posted:gmail, yahoo, microsoft and a few others do Technically for office 365 Microsoft treats reject and quarantine as high scoring spam rather than dropping rejects.
|
# ¿ Apr 7, 2019 03:38 |