|
don't know, I mostly just posted it thanks to cyber -> wizard
|
# ? Apr 9, 2015 12:59 |
|
|
# ? Apr 29, 2024 13:14 |
|
spankmeister posted:So the French network TV5Monde got hacked by IS, 11 channels down. e: nah Pinterest Mom fucked around with this message at 15:04 on Apr 9, 2015 |
# ? Apr 9, 2015 15:02 |
|
|
# ? Apr 9, 2015 15:03 |
|
a link to that was tweeted by a Le Monde journalist, but turns out it's a hoax. nvm~
|
# ? Apr 9, 2015 15:05 |
|
lfuckin mao
|
# ? Apr 9, 2015 15:05 |
|
cannot wait to see peerio get breached now...quote:How WhatsApp Needs to Improve Its Encryption yes. please piss on moxie there, nadim. it's not going to lead you down a road of hurt at all
|
# ? Apr 9, 2015 15:10 |
|
also replace whatsapp with ssh and you have the same blog post with the same complaints
|
# ? Apr 9, 2015 15:15 |
|
OSI bean dip posted:also replace whatsapp with ssh and you have the same blog post with the same complaints does ssh not support encryption on some platforms or allow the server to request not having encryption i mean, signal and the corresponding apps for off-brand phones are great, but whatsapp doesn't have the end-to-end "yes everything is encrypted all the time" setup and that's the problem
|
# ? Apr 9, 2015 15:34 |
|
OSI bean dip posted:cannot wait to see peerio get breached now... moxie is a terrible beverage, and consumption of it seems to lead to brain damage
|
# ? Apr 9, 2015 15:36 |
|
OSI bean dip posted:cannot wait to see peerio get breached now...
|
# ? Apr 9, 2015 15:38 |
|
Cocoa Crispies posted:does ssh not support encryption on some platforms or allow the server to request not having encryption openssh allows you to compile with a "none" option and unfortunately there are people who think that it is an okay idea. tbh yeah whatsapp doesn't have end-to-end encryption all the time but nadim's argument is about key exchange and not about encryption, which is why i made the ssh comparison
|
# ? Apr 9, 2015 15:39 |
|
prefect posted:moxie is a terrible beverage, and consumption of it seems to lead to brain damage Moxie seems like an interesting person to spend time with. I liked the most recent story on his blog a bit ago about nearly drowning in San Francisco bay while moving a boat, and his various other exploits jumping trains and such. He has some interesting adventures.
|
# ? Apr 9, 2015 15:42 |
|
Broken Machine posted:Moxie seems like an interesting person to spend time with. I liked the most recent story on his blog a bit ago about nearly drowning in San Francisco bay while moving a boat, and his various other exploits jumping trains and such. He has some interesting adventures. moxie's yachting documentary was cool as poo poo
|
# ? Apr 9, 2015 15:43 |
|
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/ Crapple iBad
|
# ? Apr 9, 2015 15:50 |
|
OSI bean dip posted:moxie's yachting documentary was cool as poo poo It really really does. Not security related, but I'm going to post it here anyways, because its worth a watch. https://vimeo.com/15351476
|
# ? Apr 9, 2015 15:50 |
|
also isn't WhatsApp actually end-to-end, and well designed, just not yet on Android for technical reasons relating to the platform?
|
# ? Apr 9, 2015 15:51 |
|
OSI bean dip posted:cannot wait to see peerio get breached now... hahahaha he has a .computer domain hopefully someday http://nadim.dipshit will work
|
# ? Apr 9, 2015 16:22 |
|
Munkeymon posted:hahahaha he has a .computer domain they're only $185,000 to apply
|
# ? Apr 9, 2015 16:37 |
|
Broken Machine posted:also isn't WhatsApp actually end-to-end, and well designed, just not yet on Android for technical reasons relating to the platform? no its that it will never support the end-to-end on the old symbian and blackberry etc phones because they're literally junk phones
|
# ? Apr 9, 2015 16:44 |
|
Munkeymon posted:hahahaha he has a .computer domain nadim.dipsh.it
|
# ? Apr 9, 2015 16:45 |
|
OSI bean dip posted:cannot wait to see peerio get breached now... quote:The problem here is that WhatsApp won’t even provide an indicator of whether a conversation is encrypted or not: is this actually true because
|
# ? Apr 9, 2015 16:52 |
|
huntér9
|
# ? Apr 9, 2015 17:26 |
|
when i think of tv5 getting hit, i think of this and then it was blamed on isis because reasons
|
# ? Apr 9, 2015 17:30 |
|
du -hast posted:it's me, im the guy who goes to a security conference to pick up women Check this scrub who never goes to security conferences. If you did you'd know there's no women there.
|
# ? Apr 9, 2015 17:30 |
|
Optimus_Rhyme posted:Check this scrub who never goes to security conferences. If you did you'd know there's no women there. he said that's why he goes there, not that he succeeds
|
# ? Apr 9, 2015 17:42 |
|
someone please update the yospos dns to point to the new thread or point to a page which meta refreshes to the new thread thanks
|
# ? Apr 9, 2015 17:50 |
|
spankmeister posted:So the French network TV5Monde got hacked by IS, 11 channels down. They're actually fairly sophisticated from what I understand, and when they're not genocidin' people they're actively trying to keep the infrastructure of the lands they claimed up and running because their entire persona revolves around them being the one true "legitimate" state where all the Muslims have to go by law and life will be fun and happy and great (if you're not one of the people they kill). The reason why we haven't really seen them attacking the west much at all is more to do with their goals - they're not Al Qaeda, they're not trying to attack the "far" enemies. Their main goal right now is to claim land to make themselves more legitimate, and wait for America to come try to kick their asses, at which point they believe it's prophesied that they will win and that particular battle will start down the countdown clock to the apocalypse. The Atlantic did a pretty great write-up on the whole thing here.
|
# ? Apr 9, 2015 17:51 |
|
Munkeymon posted:hahahaha he has a .computer domain hmmm... is funy.computer worth $40...
|
# ? Apr 9, 2015 17:55 |
|
Luigi Thirty posted:they're only $185,000 to apply someone get born on a buy you to check his couch cushions
|
# ? Apr 9, 2015 18:00 |
|
Parallel Paraplegic posted:hmmm... is funy.computer worth $40... I think I paid $30 for it.
|
# ? Apr 9, 2015 18:20 |
|
so i stumbled on this while googling a phone number http://ernie.kcd.com/ the gently caress is this meant to accomplish
|
# ? Apr 9, 2015 18:28 |
|
Aleksei Vasiliev posted:https://manjaro.github.io/expired_SSL_certificate/ lmbo resolve our auth problem by setting your system clock back three days
|
# ? Apr 9, 2015 18:41 |
|
As a Millennial I posted:so i stumbled on this while googling a phone number http://ernie.kcd.com/ some guy had the same idea with IP addresses instead. it's organized in a way that makes you load an entirely new page for every digit/octet or w/e, so part of the broken design is driven by ad impressions
|
# ? Apr 9, 2015 18:44 |
|
"We've gotta go back Marty!!!" "Back where Doc!?!?" "Back, to the FUTURE!!!! to set all the clocks back because our certificate expired" "Ok Doc lets do it!" https://www.youtube.com/watch?v=jrVCUnCxnIk
|
# ? Apr 9, 2015 18:49 |
|
Rufus Ping posted:https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/ I'm the 1.5 year old os apple has decided not to patch.
|
# ? Apr 9, 2015 18:59 |
|
Rahu posted:I'm the 1.5 year old os apple has decided not to patch.
|
# ? Apr 9, 2015 19:05 |
|
OSI bean dip posted:when i think of tv5 getting hit, i think of this https://www.youtube.com/watch?v=K_tq9voHSFM
|
# ? Apr 9, 2015 19:14 |
|
As a Millennial I posted:so i stumbled on this while googling a phone number http://ernie.kcd.com/ there are a ton of crawlers that create "yellow pages"-like listings from addresses & poo poo that they come by. this is noise to make those crawlers pick up bullshit and make internet detectivery harder at least i thnk thats the intention e: yeah reading the page actually says exactly that so i guess i dunno what your question means
|
# ? Apr 9, 2015 19:35 |
|
Rufus Ping posted:https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/ I'm confused, is the exploit just escalating privileges from administrator to root? Or is the bad thing that can happen is someone can write code that can be inadvertently executed to create a backdoor for an attacker to login as the root user? I haven't had a chance to really figure out what's going on here.
|
# ? Apr 9, 2015 21:38 |
|
|
# ? Apr 29, 2024 13:14 |
|
Winkle-Daddy posted:I'm confused, is the exploit just escalating privileges from administrator to root? Or is the bad thing that can happen is someone can write code that can be inadvertently executed to create a backdoor for an attacker to login as the root user? I haven't had a chance to really figure out what's going on here. It can be used to escalate ANY user to root by passing nill to the authenticateUsingAuthorizationSync. It could also be used to create a backdoor, turn on ssh, etc etc etc. Either physical access or running malicious code, but no prompt for password would appear.
|
# ? Apr 9, 2015 21:54 |