|
vOv posted:is this actually true because afaik yes my impression is that atm whatsapp are mostly testing the technology in cooperation with moxie/whisper systems, and are just opportunistically using the (very good) encryption scheme transparently to the user maybe they'll add an indicator to the ui later if they commit to the feature and think users want it i think it's good that they are doing strong encryption by default, and that the axolotl ratchet gets large-scale testing, but i wouldn't rely on it for secure messaging for the above reasons in other moxie news, textsecure has removed encrypted sms support. all encrypted messages must now go via their servers now this is all well and good, and their blog post makes some good points, except they forgot to communicate that to their users. cue the one-star reviews: quote:2.8 update takes away sms support Latest update removes ability to send encrypted sms, you are forced to use their push message service. The reason I got this app was to send encrypted text messages. If you're going to change your service that drastically, at least let your users know. quote:No more SMS encryption Why did you drop sms encryption, and why is it not it the change log? Pretty sneaky, time to move on from this app. drat it, moxie! so predictably, there's now a fork of textsecure that only does sms encryption. not the worst outcome, tbh, so yay, open source?
|
# ? Apr 9, 2015 22:19 |
|
|
# ? Mar 28, 2024 17:59 |
|
fins posted:It can be used to escalate ANY user to root by passing nill to the authenticateUsingAuthorizationSync. Oh, I read up to this point: quote:There’s still a limitation with the exploit code, it only works for users with admin permissions. As I mentioned earlier, almost all OS X users are admin (since OS X users often are single user systems). And missed: quote:But I actually found a way to make it work for all users later crapple indeed.
|
# ? Apr 9, 2015 22:21 |
|
suffix posted:so predictably, there's now a fork of textsecure that only does sms encryption. not the worst outcome, tbh, so yay, open source? maybe they'll gently caress the encryption up like apparently everyone else does
|
# ? Apr 9, 2015 23:34 |
|
Snapchat A Titty posted:there are a ton of crawlers that create "yellow pages"-like listings from addresses & poo poo that they come by. this is noise to make those crawlers pick up bullshit and make internet detectivery harder i think this explanation JawnV6 posted:part of the broken design is driven by ad impressions
|
# ? Apr 9, 2015 23:45 |
|
suffix posted:in other moxie news, textsecure has removed encrypted sms support. all encrypted messages must now go via their servers this kinda blows for people without data plans nghhhh
|
# ? Apr 9, 2015 23:58 |
|
yeah. but encrypting sms is like scrambling your phone calls. sure the contents are not going to be known but they'll know who you texted. it's really just about meta data if encrypted sms is important to someone they'll use that fork
|
# ? Apr 10, 2015 00:05 |
|
https://twitter.com/pent0thal/status/586280487058022400quote:Well, the TV5Monde YouTube channel password was "lemotdepassedeyoutube" In English "thepasswordofyoutube" h bonne idee, tv5monde je suis tres amuse
|
# ? Apr 10, 2015 00:36 |
|
those are passwords behind him btw
|
# ? Apr 10, 2015 00:38 |
|
sacre bleu!
|
# ? Apr 10, 2015 00:45 |
|
OSI bean dip posted:those are passwords behind him btw lol i wonder what kind of production setup they have that's knocked them off the air for so long. apparently they can only air prerecorded stuff atm which makes even less sense
|
# ? Apr 10, 2015 01:00 |
|
OSI bean dip posted:https://twitter.com/pent0thal/status/586280487058022400 wow if this is true then wow wow
|
# ? Apr 10, 2015 01:36 |
|
spankmeister posted:wow if this is true then wow lots of tv companies have been caught out with passwords on display in their offices on live tv. usually it's for entirely internal facing systems though.
|
# ? Apr 10, 2015 01:59 |
|
Nintendo Kid posted:lots of tv companies have been caught out with passwords on display in their offices on live tv. No i believe that but the lemotdepassedeyoutube
|
# ? Apr 10, 2015 02:00 |
|
remember the super bowl password fuckup
|
# ? Apr 10, 2015 02:32 |
|
why would you ever assume that any sort of messaging using a cell phone is "secure" for a very very strident definition of the word
|
# ? Apr 10, 2015 03:40 |
|
burner, imho i hardly know her
|
# ? Apr 10, 2015 03:41 |
|
uncurable mlady posted:why would you ever assume that any sort of messaging using a cell phone is "secure" for a very very strident definition of the word numbers station method over gsm
|
# ? Apr 10, 2015 03:45 |
|
uncurable mlady posted:why would you ever assume that any sort of messaging using a cell phone is "secure" for a very very strident definition of the word because signal ticks 5/6 of the boxes: content & metadata x confidentiality, integrity, availability: content confidential: use a good protocol and a secure software environment like non-jailbroken iOS content integrity: see above content availability: store messages locally, use a reliable and easy to back-up system like non-jailbroken iOS and iTunes encrypted backups metadata confidentiality: you can't do this without sacrificing the real-time nature of particularly compelling channels that people like to use metadata integrity: verify the key phrase signal gives you over a different channel if you care metadata availability: see content availability
|
# ? Apr 10, 2015 06:28 |
|
From CSI: Cyber S1E5 “Crowd Sourced”. Supposedly, this is the source code of a web site that interfaces with a bomb– and more specifically, a “dead man’s switch” that immediately detonates the bomb if any of the code is modified.
|
# ? Apr 10, 2015 06:28 |
|
those quotes are triggering me
|
# ? Apr 10, 2015 06:29 |
|
#DEFINE detonation exit();
|
# ? Apr 10, 2015 06:30 |
|
does 'taken from the headlines' include weekly world news?
|
# ? Apr 10, 2015 06:33 |
|
Nintendo Kid posted:
seems legit
|
# ? Apr 10, 2015 06:43 |
|
Nintendo Kid posted:
|
# ? Apr 10, 2015 06:54 |
|
scrub tier language just use python Python code:
|
# ? Apr 10, 2015 07:08 |
|
OSI bean dip posted:scrub tier language you have to get really close to the metal JavaScript code:
|
# ? Apr 10, 2015 07:37 |
|
Nintendo Kid posted:
im the incomplete <a at the beginning that presumably makes everything after unparseable.
|
# ? Apr 10, 2015 07:42 |
|
Cocoa Crispies posted:you have to get really close to the metal i think me mean require("../../../../bomb"), scrub.
|
# ? Apr 10, 2015 07:53 |
|
i really want to be the guy making those after effects screens. you can tell the dude was just told to make a bomb explode script and decided to gently caress with everybody
|
# ? Apr 10, 2015 08:23 |
|
EMILY BLUNTS posted:#DEFINE detonation exit(); explode() or die;
|
# ? Apr 10, 2015 08:42 |
|
|
# ? Apr 10, 2015 08:49 |
|
i'll have to go with pizza
|
# ? Apr 10, 2015 08:51 |
|
did u hit the lol button
|
# ? Apr 10, 2015 09:09 |
|
hrm https://citizenlab.org/2015/04/chinas-great-cannon/
|
# ? Apr 10, 2015 12:40 |
|
Nintendo Kid posted:
i'm the "checkif" operator
|
# ? Apr 10, 2015 13:49 |
|
also i'm the random syntax highlighting that makes no goddamn sense
|
# ? Apr 10, 2015 13:49 |
|
So, Facebook felt it was necessary to "correct" some Belgian security report which showed that Facebook sucks. https://newsroom.fb.com/news/h/setting-the-record-straight-on-a-belgian-academic-report/ It's quite funny, really, lots of weaseling. quote:Facebook does receive standard “web impressions,” or website visit information, when people visit sites with our plugins or other integrations. The authors misleadingly call this “tracking.” quote:Claim: Facebook wants to use Social Plugins to add cookies to the browsers of people who don’t use Facebook. Additionally, they say nothing about tracking non-Facebook users using other methods, without cookies. Such as IP-based tracking, which certainly happens. quote:Fact: You can opt out of having your social actions paired with ads. This Richard Allan figure would make a very good politician.
|
# ? Apr 10, 2015 13:50 |
|
if [ "code altered"] then trigger detonation
|
# ? Apr 10, 2015 13:50 |
|
Carbon dioxide posted:So, Facebook felt it was necessary to "correct" some Belgian security report which showed that Facebook sucks. if you define "tracking" to be "following an animal through the woods using instinct and careful observation of the environment around you" then no Facebook doesn't do any tracking
|
# ? Apr 10, 2015 13:53 |
|
|
# ? Mar 28, 2024 17:59 |
|
pro-click, not a LAFFful article tho
|
# ? Apr 10, 2015 13:55 |