|
Captain Foo posted:Why would u use checkpoint the base licence and hardware is inexpensive personally i'd advocate just buying palo alto if you want poo poo that works and isn't going to be hobbled in the future
|
# ? Jul 9, 2014 22:26 |
|
|
# ? May 14, 2024 05:09 |
|
Linguica posted:was this logo designed by the CEO's kid who then died of cancer or something are you implying the logo gave the kid cancer?
|
# ? Jul 9, 2014 22:26 |
|
sure, yes
|
# ? Jul 9, 2014 22:35 |
|
another day, another bad intermediate CAquote:The intermediate CA certificates held by NIC were revoked on July 3, as noted above. But a root CA is responsible for all certificates issued under its authority. In light of this, in a future Chrome release, we will limit the India CCA root certificate to the following domains and subdomains thereof in order to protect users:
|
# ? Jul 9, 2014 23:08 |
|
Alereon posted:outside of thought experiment land if you are frequently or unwittingly executing untrusted code you are already owned and just dont know it yet. the people reading this thread dont open strange pdfs in adobe reader or browse without any mechanism to prevent strange plugins from running, so malware isnt going to magically appear on your machine without you going "hmm, this is probably a virus, should i run it? gently caress it yolo" run it through virustotal if you actually care and are unsure. anything connected to the internet is going to be executing arbitrary code at some point, through some plugin or means you didn't think of, and while stupid user behavior may account for a lot of it your browser and email are constantly exposed to sources of content that are downright filthy, typically through ad channels, all while doing completely valid things on the web. and yes, I have personally seen numerous occasions where either the heuristic definitions or HIPS rules have caught and stopped 0-day exploits or viruses that have not had specific signatures written for them, mostly on the corporate network but once or twice on my personal machine as well. until windows fully mandates folder and registry integrity levels (a function of UAC) to keep individual applications isolated from one another, the entire user space of a windows system is open game for viruses and malware and anti-virus software will continue to be a necessary evil. This poo poo isn't OSX and MS's legacy choices have hosed us all over. BangersInMyKnickers fucked around with this message at 23:32 on Jul 9, 2014 |
# ? Jul 9, 2014 23:28 |
|
isn't it going to be great when it's your fridge and window blinds executing arbitrary code!
|
# ? Jul 9, 2014 23:30 |
|
but it's okay they can post about it on facebook
|
# ? Jul 9, 2014 23:30 |
|
BangersInMyKnickers posted:anything connected to the internet is going to be executing arbitrary code at some point, through some plugin or means you didn't think of, and while stupid user behavior may account for a lot of it your browser and email are constantly exposed to sources of content that are downright filthy, typically through ad channels, all while doing completely valid things on the web. and yes, I have personally seen numerous occasions where either the heuristic definitions or HIPS rules have caught and stopped 0-day exploits or viruses that have not had specific signatures written for them, mostly on the corporate network but once or twice on my personal machine as well. until windows fully mandates folder and registry integrity levels (a function of UAC) to keep individual applications isolated from one another, the entire user space of a windows system is open game for viruses and malware and anti-virus software will continue to be a necessary evil. This poo poo isn't OSX and MS's legacy choices have hosed us all over. Run ad-block and no-script, hth.
|
# ? Jul 10, 2014 00:01 |
|
so many sites full on break when you run no-script and disable cookies and poo poo, it's kinda funny, people cant even web janitor properly
|
# ? Jul 10, 2014 00:07 |
|
Share Bear posted:so many sites full on break when you run no-script and disable cookies and poo poo, it's kinda funny, people cant even web janitor properly after you learn what to whitelist and what not to it works pretty good mtv network and gawker and the like may have conniptions but who loving cares why are you even looking at that
|
# ? Jul 10, 2014 00:12 |
|
i remember sniggering at a talk at infosec or something in about 2004 where they were saying the future was separate virtual machines for web browsing, games, w/e now i'm actually beginning to think it's a good idea, just literally sandbox the entire browser gently caress it why stop at a virtual machine, put it on a raspberry pi buried in the hardware and just have input in and video out
|
# ? Jul 10, 2014 00:12 |
|
goddamnedtwisto posted:i remember sniggering at a talk at infosec or something in about 2004 where they were saying the future was separate virtual machines for web browsing, games, w/e HTML SoCs, HTML5 Accelerators, JS Co-Processors
|
# ? Jul 10, 2014 00:14 |
|
What if Dropbox was designed by waffle images? https://www.symform.com It doesn't actually sound too risky but it does sound very silly.
|
# ? Jul 10, 2014 00:26 |
|
goddamnedtwisto posted:now i'm actually beginning to think it's a good idea, just literally sandbox the entire browser
|
# ? Jul 10, 2014 00:29 |
|
goddamnedtwisto posted:now i'm actually beginning to think it's a good idea, just literally sandbox every tab and plugin instance
|
# ? Jul 10, 2014 00:31 |
|
Linguica posted:sandboxing an individual application, what a novel idea that no OS does at this point you may as well consider BSD non-existent. there are 3 operating systems, osx windows and linux
|
# ? Jul 10, 2014 00:42 |
|
doesn't linux support sandboxing?
|
# ? Jul 10, 2014 00:45 |
|
OS X is BSD in case you windows fags didn't know
|
# ? Jul 10, 2014 01:02 |
|
the more relevant examples are android and ios neither are really at the point of "randomly download and execute stuff from the internet". you'd need to tighten down the permission system a lot
|
# ? Jul 10, 2014 01:05 |
|
suffix posted:the more relevant examples are android and ios close enough https://discussions.apple.com/message/21852771
|
# ? Jul 10, 2014 01:06 |
|
np
|
# ? Jul 10, 2014 01:17 |
|
suffix posted:the more relevant examples are android and ios the most relevant example is the browser because 'randomly downloading and executing stuff from the internet' is just 'clicking on random links' and that's a security model they explicitly support
|
# ? Jul 10, 2014 01:18 |
|
Squinty Applebottom posted:OS X is BSD in case you windows fags didn't know lol
|
# ? Jul 10, 2014 01:22 |
|
http://aboutthebsds.wordpress.com/2013/01/13/freebsd-jails-are-a-huge-security-danger/ i found this while searching to see if linux could do jails
|
# ? Jul 10, 2014 01:40 |
|
The ability to launch the store from a bad ad is kind of scary, really. remember it would pop open with a specific app shown. because the ad didn't just launch the App Store, it told the App Store what to do. While I'm not super familiar with ios security, I assume the App Store App can do more than a typical app. and here almost anyone on the Internet can go throw some data into it.
|
# ? Jul 10, 2014 01:41 |
|
Forums Terrorist posted:http://aboutthebsds.wordpress.com/2013/01/13/freebsd-jails-are-a-huge-security-danger/ this blog is the most shsc poo poo
|
# ? Jul 10, 2014 01:46 |
|
EMILY BLUNTS posted:The ability to launch the store from a bad ad is kind of scary, really. remember it would pop open with a specific app shown. because the ad didn't just launch the App Store, it told the App Store what to do.
|
# ? Jul 10, 2014 02:04 |
|
android asks if you want the play store app (or the youtube app or the awful app or whatever) the first time you select an appropriate url, and you have the option of saying "always open the app from now on", which most people do it can't auto install anything, all it can do is take you to the app listing
|
# ? Jul 10, 2014 02:07 |
|
a second snowden has hit the towerquote:http://www.wired.com/2014/07/greenwald-q-a/
|
# ? Jul 10, 2014 02:12 |
|
Alereon posted:isnt that just a registered URI handler or the equivalent? you can do the same thing with steam:// links. on most platforms the user would get prompted if they want to open the app, does android if you use the google browser or does it just open the apps page in the play store? Remember when a security thread got nuked because we used a img tag thing?
|
# ? Jul 10, 2014 02:12 |
|
Alereon posted:isnt that just a registered URI handler or the equivalent? you can do the same thing with steam:// links. on most platforms the user would get prompted if they want to open the app, does android if you use the google browser or does it just open the apps page in the play store? yes, the same handler gets invoked on desktop to take you to mac/iTunes App Store pages if you have those installed I think the same thing works for chrome App Store and Play store on desktop (although I guess for play store it's just a regular old URL)
|
# ? Jul 10, 2014 02:13 |
|
ultramiraculous posted:a second snowden has hit the tower hasn't this been a known thing for a while though, that someone else had leaked to der spiegel about the new toys and the targeting of TOR users? ed - greenwald is probably just grumpy that they didn't come to him so he could keep up his self-aggrandizement campaign.
|
# ? Jul 10, 2014 02:17 |
|
uncurable mlady posted:hasn't this been a known thing for a while though, that someone else had leaked to der spiegel about the new toys and the targeting of TOR users?
|
# ? Jul 10, 2014 02:24 |
|
uncurable mlady posted:hasn't this been a known thing for a while though, that someone else had leaked to der spiegel about the new toys and the targeting of TOR users? considering the last few days it wouldn't surprise me if it was the BND
|
# ? Jul 10, 2014 02:56 |
|
uncurable mlady posted:hasn't this been a known thing for a while though, that someone else had leaked to der spiegel about the new toys and the targeting of TOR users? well yeah but the only things I've seen leaked are some scraps of fairly generic code which people have decided means that the nsa are going to kill them all for searching for tor
|
# ? Jul 10, 2014 10:29 |
|
goddamnedtwisto posted:well yeah but the only things I've seen leaked are some scraps of fairly generic code which people have decided means that the nsa are going to kill them all for searching for tor That or rape their children.
|
# ? Jul 10, 2014 10:30 |
|
Zombywuf posted:That or rape their children.
|
# ? Jul 10, 2014 10:45 |
|
goddamnedtwisto posted:well yeah but the only things I've seen leaked are some scraps of fairly generic code which people have decided means that the nsa are going to kill them all for searching for tor yeah and realistically anyone could have made that code, so we don't even know of it's from the nsa
|
# ? Jul 11, 2014 07:38 |
|
spankmeister posted:yeah and realistically anyone could have made that code, so we don't even know of it's from the nsa I wondered about this, is there a reason this 'leak' gets so much credibility?
|
# ? Jul 11, 2014 08:07 |
|
|
# ? May 14, 2024 05:09 |
|
EMILY BLUNTS posted:What if Dropbox was designed by waffle images? so wait i can get loads of free cloud storage and all i need to do is leave a computer running somewhere with all of these lovely old IDE maxtors in it? Sign me the gently caress up
|
# ? Jul 11, 2014 09:07 |