|
El Estrago Bonito posted:You hear stories from Pen Test teams all the time of doing both physical and digital audits on companies only to find out there's other guys there doing the same stuff for real. I'd love if you could point me in the right direction on some of these reports/articles. It' something that really fascinates me. I do remember a short run TV show from years ago that got 3 episodes and one of the tests was to get into a high end car dealer. another was access the safe of a jewelry company owner and more
|
#
?
Nov 17, 2015 04:28
|
|
|
|
| # ? Apr 27, 2024 03:17 |
|
|
Humphreys posted:I'd love if you could point me in the right direction on some of these reports/articles. It' something that really fascinates me. I do remember a short run TV show from years ago that got 3 episodes and one of the tests was to get into a high end car dealer. another was access the safe of a jewelry company owner and more Are you thinking of the Discovery channel series It Takes A Thief?
|
|
#
?
Nov 17, 2015 04:38
|
|
|
Gobbeldygook posted:Are you thinking of the Discovery channel series It Takes A Thief? Na that's not it, but thanks. I want to say the show I'm thinking of was called 'Operation Scorpion' or similar (and not it's not that show 'Scorpions').
|
|
#
?
Nov 17, 2015 06:31
|
|
|
The show was called Tiger Team, and unfortunately, while an interesting concept, was produced in the same annoying reality-tv format you see everywhere else.
|
|
#
?
Nov 17, 2015 06:59
|
|
|
MRC48B posted:The show was called Tiger Team, and unfortunately, while an interesting concept, was produced in the same annoying reality-tv format you see everywhere else. I was WAY off! Definitely Tiger Team.
|
|
#
?
Nov 17, 2015 07:14
|
|
|
Humphreys posted:I'd love if you could point me in the right direction on some of these reports/articles. It' something that really fascinates me. I do remember a short run TV show from years ago that got 3 episodes and one of the tests was to get into a high end car dealer. another was access the safe of a jewelry company owner and more Jayson E. Street has done a number of great talks at Defcon and other security cons about pen testing and physical security, there are a bunch of them on YouTube.
|
|
#
?
Nov 17, 2015 07:16
|
|
|
Humphreys posted:I'd love if you could point me in the right direction on some of these reports/articles. It' something that really fascinates me. I do remember a short run TV show from years ago that got 3 episodes and one of the tests was to get into a high end car dealer. another was access the safe of a jewelry company owner and more Some assholes stole 44k worth of poo poo from a nearby jewelry store. An accomplice of theirs was outside, cut out the internet/phone lines as they rang the credit card company to verify the purchase, then dialed them claiming to be from the company, and that the purchase was verified. Shop owner realized he'd been ripped off, called the other local jewelry shops to warn them, and also the police. Police did jack poo poo even when another jewelry place reported the people were there trying to pull the same scam, and despite having full photos of the people, their car, and the license plates... anyway that was the last straw and he's closed his brick and mortar jewelry store.  so yeah stealing from jewelry stores apparently isn't that hard because the cops won't do poo poo.
|
|
#
?
Nov 17, 2015 08:13
|
|
|
Humphreys posted:I'd love if you could point me in the right direction on some of these reports/articles. It' something that really fascinates me. I do remember a short run TV show from years ago that got 3 episodes and one of the tests was to get into a high end car dealer. another was access the safe of a jewelry company owner and more If you just want cool stories about security stuff, these ones are pretty good: https://www.youtube.com/watch?v=oHf1vD5_b5I https://www.youtube.com/watch?v=sgz5dutPF8M https://www.youtube.com/watch?v=s2g9lgYrYJM This one is just a former fed talking about fun hacker stories: https://www.youtube.com/watch?v=h9wXq6oRBnI This covers Corporate Espionage, which is by far the coolest modern security profession and usually staffed by cool, good looking people (because the human brain is wired to trust those people more). It's got some interesting stuff in it about common ways people set up attacks against corporate environments. Also a lot of fun stories: https://www.youtube.com/watch?v=D2N6FclMMTg Joe McCray is a great public speaker who does pen testing: https://www.youtube.com/watch?v=_SsUeWYoO1Y
|
|
#
?
Nov 17, 2015 11:52
|
|
|
The elevator hacking video is amazing. I like this one in particular (the channel has lots of those videos on it). https://www.youtube.com/watch?v=JsVtHqICeKE This guy has gotten away with some amazing poo poo while pen testing. KozmoNaut has a new favorite as of 13:07 on Nov 17, 2015 |
|
#
?
Nov 17, 2015 13:05
|
|
|
Thanks everyone - guess I'm pissing off the other half watching these instead of some silly tv show all night haha.
|
|
#
?
Nov 17, 2015 13:28
|
|
|
Corporate espionage has got to be one of the coolest and most interesting jobs on the planet. A buddy of mine works for a Fortune 50 company, at a relatively small manufacturing facility in a rural area. They don't do any fun crazy experimental R&D stuff there; they pretty much assemble things and ship them out. Despite how innocuous and seemingly irrelevant the facility is, rival companies are constantly trying to get in by myriad methods. Every time he and I get together, he tells me about all the attempts that they've recently thwarted--ranging from garden-variety brute-force attacks on their servers to people dressed in counterfeit uniforms with forged ID badges trying to blend in with the actual employees for nefarious purposes, and even wilder poo poo. I've been sworn to secrecy about the good stuff, but I'm allowed to tell you about a conversation I had with him a while back: "Hey, Fai, guess how many unique attacks there were on our data systems. I bet you can't guess." "I don't know. Seven hundred?" "Two-hundred thousand." "gently caress, that many this month?" "No, that was before lunch." He insists that his company would never stoop so low as to perform their own espionage, but I bet their rivals tell their employees the same thing 
|
|
#
?
Nov 17, 2015 15:14
|
|
|
Did you already tell that in A/T reversing malware? I swear I've read that before. (Not complaining, it's interesting.  )
|
|
#
?
Nov 17, 2015 15:20
|
|
|
AlphaKretin posted:Did you already tell that in A/T reversing malware? I swear I've read that before. (Not complaining, it's interesting. I remember recounting it somewhere else in PYF a while ago. It's the only specific story I'm allowed to tell, and even though it's the tamest thing, it blows my mind. Their facility really only puts stuff together and ships it out to customers. That's it. No spooky mad science or dark arts or forbidden research--they just assemble things. Despite how uninteresting the place seems, they've got policies and systems in place to detect intrusions that most companies wouldn't even consider to be within the realm of possibility, because they are under constant attack. It's nuts. Working there must feel like being a counterintelligence agent during the Cold War.
|
|
#
?
Nov 17, 2015 15:52
|
|
|
KozmoNaut posted:The elevator hacking video is amazing. Watching those videos just further cements my opinion that Sneakers is the best hacker movie ever. Even better than The Conversation.
|
|
#
?
Nov 17, 2015 16:03
|
|
|
Tunicate posted:so yeah stealing from jewelry stores apparently isn't that hard because the cops won't do poo poo.
|
|
#
?
Nov 17, 2015 16:38
|
|
|
porktree posted:I'm gonna need some links here, because this sounds like bullshit. Heard it from the man himself. The scam itself is really easy to pull off, because the 'authorization code' given by a bank over the phone doesn't actually get checked at the cash register - any number with the correct length will work. Which is a good example of failed technology.
|
|
#
?
Nov 17, 2015 17:00
|
|
|
Tunicate posted:Heard it from the man himself. Well I don't doubt it's a scam that has happened (2012 article), I do doubt the police won't do anything. A friend of mine lived next to a neighbor who's brothers' wife's sister saw this same thing.....
|
|
#
?
Nov 17, 2015 17:07
|
|
|
porktree posted:Well I don't doubt it's a scam that has happened (2012 article), I do doubt the police won't do anything. A friend of mine lived next to a neighbor who's brothers' wife's sister saw this same thing..... I've been selling through this guy for a while, man. This is firsthand, not some thirdhand urban legend.  But hey I guess you have a lot of faith in the united states local police forces, and I don't want to take that away from you.
|
|
#
?
Nov 17, 2015 17:26
|
|
|
Tunicate posted:I've been selling through this guy for a while, man. This is firsthand, not some thirdhand urban legend. I'm sorry man, I'm sure it totally happened. And the police totally don't care about crimes because that's not their job. And he totally closed his business because he didn't want to support criminals. The whole story makes total sense, man.
|
|
#
?
Nov 17, 2015 17:40
|
|
|
"Cops won't do poo poo" can encompass a wide range of responses. Security cam footage can't always identify a suspect and the license plates could be stolen. Just because the police don't have their detectives working in shifts solving the crime, doesn't mean they aren't doing anything. Unless they wouldn't take a police report - which I really doubt since that would be necessary for insurance purposes. My house got burgled by a couple of crackheads. The police didn't do poo poo. Then two years later I get a letter saying one of them got arrested on a related charge and he was also getting charged for my robbery too. And I lived in a city with a really lovely police department. Things can move slowly if there isn't a gun or drugs involved. I get the frustration though. Especially if the other jewelry store had the suspects in the store and the police wouldn't come right then. Otherwise, it sounds like your jeweler friend has watched too many cop dramas.
|
|
#
?
Nov 17, 2015 17:41
|
|
|
Jedit posted:Counterpoint: it's literally the only way to get Vanilla Diet Coke in the UK, and even when not as good as bottled that stuff is nectar of the gods. protip: buy diet coke and add vanilla to it
|
|
#
?
Nov 17, 2015 21:44
|
|
|
Ein cooler Typ posted:protip: buy diet coke and add vanilla to it DONT DO THIS it will give u the bends, only buy licensed quality Coke(c) products
|
|
#
?
Nov 17, 2015 21:53
|
|
|
Krispy Kareem posted:"Cops won't do poo poo" can encompass a wide range of responses. Security cam footage can't always identify a suspect and the license plates could be stolen. Just because the police don't have their detectives working in shifts solving the crime, doesn't mean they aren't doing anything. Unless they wouldn't take a police report - which I really doubt since that would be necessary for insurance purposes. His jeweler friend quit selling jewelry because he couldn't hire anyone who knew how credit cards work and purchases are verified. I wouldn't be surprised if insurance wouldn't pay out because the employee handed over the items without a threat of violence. This isn't a violent crime, it threatens money but not public safety, why would the cops treat it like an emergency? PS. Any cashier who dealt with checks a decade ago would've been able to avoid this, so maybe some technology became obsolete before its time. Like "employee training."
|
|
#
?
Nov 17, 2015 23:05
|
|
|
GOTTA STAY FAI posted:Corporate espionage has got to be one of the coolest and most interesting jobs on the planet. http://www.nytimes.com/2000/12/03/magazine/corporate-spies-the-pizza-plot.html?pagewanted=all
|
|
#
?
Nov 18, 2015 00:54
|
|
|
GWBBQ posted:On the much more low-tech side of things, here's an article from 2000 about Schwan, who were about to launch their Freschetta line, trying to figure out how many Digiorno pizzas a day Kraft were going to be shipping. That's oddly fascinating - every conversation is one I could imagine having (though possibly as the victim), but I'd never sit down and tie them together like that.
|
|
#
?
Nov 18, 2015 04:03
|
|
|
Here's something cool. Old film industry trade journals! Tons of advertising and reviews of old film technology + reviews/summaries of coming attractions. The issues of Moving Picture World are really cool. You can track the rapid changes of the burgenoning industry through from 1907 to 1919. http://mediahistoryproject.org/collections/ Been going through the February issues of 1911 for information about what I think is a french film. Mobile cameras are getting better     
|
|
#
?
Nov 18, 2015 12:25
|
|
|
I was doing some debugging of some software and associated hardware today and remembered that the term 'bug' and 'debug' was rooted to the actual finding of bugs (the animal) inside circuits causing shorts. If you have ever worked on air conditioning units in the tropics you will understand it, except instead of bugs it's always a drat Gecko. https://en.wikipedia.org/wiki/Debugging A personal story on this: I was presented with a VHS/DVD combo unit that when plugged in would trip the safety breakers in the owners house. Upon opening suspecting a lovely power supply board (Sony were horrible for this at the time) I didn't find a lovely capacitor as was the for a lot of work I was doing. But a god damned SNAKE had wiggled through the rear fan port and arced itself on the mains terminals. A few photos of this and a call to Sony and the whole out of warranty job was done free of cost to the customer mainly because the guys at the spares department had such a laugh out of it. On lovely caps: https://en.wikipedia.org/wiki/Capacitor_plague http://www.theguardian.com/technology/blog/2010/jun/29/dell-problems-capacitors
|
|
#
?
Nov 22, 2015 10:20
|
|
|
Humphreys posted:I was doing some debugging of some software and associated hardware today and remembered that the term 'bug' and 'debug' was rooted to the actual finding of bugs (the animal) inside circuits causing shorts. Thomas Edison in 1878 posted:It has been just so in all of my inventions. The first step is an intuition, and comes with a burst, then difficulties arise — this thing gives out and [it is] then that "Bugs" — as such little faults and difficulties are called — show themselves and months of intense watching, study and labor are requisite before commercial success or failure is certainly reached.
|
|
#
?
Nov 22, 2015 12:32
|
|
|
Humphreys posted:I was presented with a VHS/DVD combo unit that when plugged in would trip the safety breakers in the owners house. Upon opening suspecting a lovely power supply board (Sony were horrible for this at the time) I didn't find a lovely capacitor as was the for a lot of work I was doing. But a god damned SNAKE had wiggled through the rear fan port and arced itself on the mains terminals. A few photos of this and a call to Sony and the whole out of warranty job was done free of cost to the customer mainly because the guys at the spares department had such a laugh out of it. Do you still have said photos? If you do 
|
|
#
?
Nov 22, 2015 12:33
|
|
|
Just think, if you had this happen a few generations earlier, CJs be would "snaking out" logic boards. v Humphreys posted:To be honest I probably DO still have these photos. Just gotta find a card reader for the lovely Sony 'MemorySticks' (another obsolete tech) that I have the photos on. Although you may need a special card reader to get the contents of SONY memory stick to PC, keep in mind that you can use them natively in the hindquarters of an AIBO. Humphreys posted:Sony Ericsson P910i supremacy! In other words, your pictures are conveniently stored on a format which is native to a dog's rear end. moller has a new favorite as of 12:55 on Nov 22, 2015 |
|
#
?
Nov 22, 2015 12:42
|
|
|
thespaceinvader posted:Do you still have said photos? To be honest I probably DO still have these photos. Just gotta find a card reader for the lovely Sony 'MemorySticks' (another obsolete tech) that I have the photos on. Sony Ericsson P910i supremacy! Humphreys has a new favorite as of 12:51 on Nov 22, 2015 |
|
#
?
Nov 22, 2015 12:48
|
|
|
moller posted:Just think, if you had this happen a few generations earlier, CJs be would "snaking out" logic boards. I have found the card reader, now to find the card. I know roughly which box it is in under the house (I just moved a month or so ago and I'm a lazy lazy man). (it's not in the AIBO box) Humphreys has a new favorite as of 09:25 on Nov 23, 2015 |
|
#
?
Nov 23, 2015 09:16
|
|
|
picked this up fpr $6 at the thrift store today I don't have any tapes yet but I guess I can start collecting german dungeon porn now 
|
|
#
?
Nov 23, 2015 23:25
|
|
|
Ein cooler Typ posted:picked this up fpr $6 at the thrift store today
|
|
#
?
Nov 23, 2015 23:31
|
|
|
some of my other old stuff Denon AVR-800 receiver DRW-580 cassette deck DCM-340 cd player got all this stuff free when my friend moved and gave it to me Pioneer CLD-D501 laserdisc player. this one is cool because it plays both sides of the disc. got this for $15 at the thrift store I also have a Pioneer CLD-V2400 laserdisc player. got this for $15 at the university surplus sale
|
|
#
?
Nov 24, 2015 04:24
|
|
|
Ein cooler Typ posted:some of my other old stuff okay now I am really freaked out since I had that exact CD player and that exact LD player years ago -- that LD player was a beast but boy was it a nice piece of equipment
|
|
#
?
Nov 25, 2015 02:26
|
|
|
https://www.youtube.com/watch?v=AowJGns66_4
|
|
#
?
Nov 28, 2015 02:41
|
|
|
How well does a CD hold an edge? 
|
|
#
?
Nov 28, 2015 04:34
|
|
|
Went back home this Thanksgiving and found a small batch of cassettes I recorded with back in high school (because I was broke and CD burning tech wasn't an option for me just yet). I had a hell of a time trying to find a tape player and the only one I could find wouldn't work. Luckily, I still own a car that has a built-in cassette player (although that one is still finicky as hell)  The last car Cassettes: The Very Best in Obsolete Technology 90s Solo Cup has a new favorite as of 12:01 on Nov 29, 2015 |
|
#
?
Nov 28, 2015 06:12
|
|
|
|
| # ? Apr 27, 2024 03:17 |
|
|
Tubesock Holocaust posted:Went back home this Thanksgiving and found a small batch of cassettes I recorded with back in high school (because I was broke and CD burning tech wasn't an option for me just yet). I had a hell of a time trying to find a tape player and the only one I could find wouldn't work. Luckily, I still own a car that has a built-in cassette player (although that one is still finicky as hell) I wish my car had a cassette player. It's a 2004 Chevy Malibu, and it has a (broken) CD player, and no aux-in. I'm stuck with an FM adapter that sounds shittier than a cassette adapter because at least with the cassette adapter, I didn't have to worry about interference or finding an empty radio channel. And since the radio also has the information display, replacing it with a modern head unit would run me about $300.
|
|
#
?
Nov 28, 2015 06:25
|
|
