|
motoh posted:#2 factor auth
|
#
?
Apr 27, 2019 18:21
|
|
|
|
| # ? Apr 23, 2024 21:33 |
|
|
Midjack posted:toilet paper with a new password on each square. gonna quote an old thread title here: "i need tp for my security hole"
|
|
#
?
Apr 27, 2019 18:23
|
|
|
motoh posted:#2 factor auth something you have and something you are
|
|
#
?
Apr 27, 2019 18:24
|
|
|
Midjack posted:toilet paper with a new password on each square. I am legally required to tell you that smart pipe is a registered sex offender https://www.youtube.com/watch?v=DJklHwoYgBQ
|
|
#
?
Apr 27, 2019 18:41
|
|
|
that's a yikes from me dog
|
|
#
?
Apr 28, 2019 02:04
|
|
|
i bought a real fancy scanner on ebay cuz i make bad decisions with money and it was super cheap cuz it was used. it's got a lot of very advanced ~enterprisey~ security features, and was clearly used by some big company that was probably getting rid of surplus or something. anyway it finally showed up today and i try to use it only to realize it needs an admin login to even do a factory reset. oh no, did i just waste my mon- oh the username is "admin" and the password is "password", ok 
|
|
#
?
Apr 28, 2019 05:26
|
|
|
ok but how many gb of sensitive documents are there on its internal storage
|
|
#
?
Apr 28, 2019 12:58
|
|
|
yeah, anything cool?
|
|
#
?
Apr 28, 2019 16:27
|
|
|
saved credentials and path to their file sharing server and saved credentials for their sharepoint instance but it doesn't really have any internal file storage beyond an initial ram cache (though it does have a secure erase feature which they didn't use of course) however they did have one saved network admin account, I assume for maintenance, and that admin account was named like "pyxis-service". the only major thing I can find with the name 'pyxis' is a brand of pharmacy management / drug dispensing things, so i'm guessing this scanner was originally from a pharmacy and sold as part of a complete system along with a service contract, maybe for scanning prescriptions you know, exactly the kind of place that should run the loving secure erase feature before selling it e: at least i think it has sharepoint credentials, it says sharepoint is configured according to the on-device configuration thing but i think to actually access the config for that you need to use the admin tool which requires some ancient version of internet explorer and i can't be assed to set that up right now. i could definitely see the fileshare credentials and the user accounts though so 
Shame Boy fucked around with this message at 20:18 on Apr 28, 2019 |
|
#
?
Apr 28, 2019 20:14
|
|
|
pyxis is more commonly seen in hospitals to track and dispense sensitive but high volume drugs, so rather than the pharmacy sending a dude up to the icu with a bottle of morphine they stock the cabinet in the icu with 20 of them at the start of the day and when the order comes in and is approved, the hospital pharmacy just punches a button and the bottle drops right out into the icu nurse’s hand. it would be weird to have that at a retail pharmacy, though.
|
|
#
?
Apr 28, 2019 20:28
|
|
|
Midjack posted:pyxis is more commonly seen in hospitals to track and dispense sensitive but high volume drugs, so rather than the pharmacy sending a dude up to the icu with a bottle of morphine they stock the cabinet in the icu with 20 of them at the start of the day and when the order comes in and is approved, the hospital pharmacy just punches a button and the bottle drops right out into the icu nurse’s hand. it would be weird to have that at a retail pharmacy, though. i know at least one retail pharmacy with a robotic filling... cabinet... thing, my friend was the pharmacist there, is that something else? i mostly know about it because they had just installed it and it had tons of problems and was loving up all the time and he had to manually re-check everything it did because a few times he caught it giving out way too many pills (and once, the wrong pills altogether) so that was fun.
|
|
#
?
Apr 28, 2019 20:34
|
|
|
what does the scanner do that makes it so desirable?
|
|
#
?
Apr 28, 2019 20:42
|
|
|
Sagebrush posted:what does the scanner do that makes it so desirable? it's a real good scanner, like i can put a stack of 100 papers in the feeder and it will quickly but accurately take them one at a time, scan them, exclude blank ones, flip them to be right-side-up if I hosed it up, and even run ocr on them to make the resulting pdf's text-searchable. then it can just drop the resulting file on a windows file server or ftp server, or email it, or send it directly to a printer so it acts like a copier, without any sort of interaction from a computer or drivers needing to be installed. plus it can be managed using active directory and a central config server, there's a bunch of fine-grained access controls and encryption, even a goddamn sdk if you want to write your own software to run on the scanner (it's got a touch screen interface) i totally would not pay retail for it even if i was going to use all the features because it's massively overpriced but i got it real cheap on ebay and the only thing i had to do was replace a ~$20 worn-out roller and it's good for another 50,000 pages it's total overkill for what i'm actually using it for but drat if it isn't fun from a dork-rear end computer janitor perspective e: i think the reason the hospital or w/e would want it is because it's explicitly hipaa compliant in some way according to the specs, so i'm guessing they're the primary customers Shame Boy fucked around with this message at 21:02 on Apr 28, 2019 |
|
#
?
Apr 28, 2019 20:59
|
|
|
Shame Boy posted:i know at least one retail pharmacy with a robotic filling... cabinet... thing, my friend was the pharmacist there, is that something else? those things are in a lot of Walgreens for narcotics
|
|
#
?
Apr 28, 2019 21:00
|
|
|
Shame Boy posted:i know at least one retail pharmacy with a robotic filling... cabinet... thing, my friend was the pharmacist there, is that something else? yeah that’s probably something similar if not the pyxis brand thing. theoretically they can hep reduce misfills but that would mean the pharmacy’s database isn’t a pile of poo poo so lmao. i imagine schedule ii diversion is a bigger problem today than it was when i was a pharm tech 20 years ago.
|
|
#
?
Apr 28, 2019 21:33
|
|
|
whats the make/model of this mega scanner? kind of curious...
|
|
#
?
Apr 28, 2019 21:37
|
|
|
simble posted:whats the make/model of this mega scanner? kind of curious... it's a fujitsu scansnap n1800
|
|
#
?
Apr 29, 2019 00:21
|
|
|
Well, looks like someone really hosed up. LOL
|
|
#
?
Apr 29, 2019 00:51
|
|
|
spb posted:Well, looks like someone really hosed up. LOL turn on y
|
|
#
?
Apr 29, 2019 00:52
|
|
|
Sagebrush posted:what does the scanner do that makes it so desirable? Shame Boy posted:it's a real good scanner, like i can put a stack of 100 papers in the feeder and it will quickly but accurately take them one at a time, scan them, exclude blank ones, flip them to be right-side-up if I hosed it up, and even run ocr on them to make the resulting pdf's text-searchable. then it can just drop the resulting file on a windows file server or ftp server, or email it, or send it directly to a printer so it acts like a copier, without any sort of interaction from a computer or drivers needing to be installed. plus it can be managed using active directory and a central config server, there's a bunch of fine-grained access controls and encryption, even a goddamn sdk if you want to write your own software to run on the scanner (it's got a touch screen interface) Thanks for this response, I was curious about it too. As a nerd who frequents The Dorkroom most of my scanner priorities are centered around DPI, but even just the concept of a multi-page feeder is enough to make something like this sound appealing. I'm glad others have bought up checking internal storage, because that was my second question. gently caress, pharmaceutical software and security is giving me flashbacks to my summer internship at a security company when I was helping with a pen test of some pharma web app. I'm really glad I worked that job, because it helped me quickly realize that, while I enjoyed the concept of pen testing, it was not what I wanted to do for a career.
|
|
#
?
Apr 29, 2019 06:53
|
|
|
pseudorandom posted:I'm really glad I worked that job, because it helped me quickly realize that, while I enjoyed the concept of pen testing, it was not what I wanted to do for a career. Yeah, it can be really tedious.
|
|
#
?
Apr 29, 2019 12:00
|
|
|
The Fool posted:Also run by Russian nationals, so take that for what you will. While a couple decades late, yeah, I said non nation actors because there's no way the Russian natsec apparatus can't read it without the Telegram people getting to know the joy of drill bits to the kneecaps and nutsack fricassée in a basement.
|
|
#
?
Apr 29, 2019 14:52
|
|
|
pseudorandom posted:Thanks for this response, I was curious about it too. As a nerd who frequents The Dorkroom most of my scanner priorities are centered around DPI, but even just the concept of a multi-page feeder is enough to make something like this sound appealing. oh yeah this is very much just a document scanner, if you kick its dpi up to the eye-watering maximum of 600 whole dots per inch it gets massively slower and a bunch of limits kick in, like you can't use a bunch of the features because (i assume) it can't process stuff that big. however for documents 200 to 300dpi is completely fine, it generates very good scans with that, and it has a weird feature where it will like, scan a small slice of it and determine what dpi it should use to get legible results? not quite sure how that works but so far i like it  i have a bunch of mail i've been wanting to scan that i can't get delivered online yet (stuff like the contract for my renter's insurance, something i really want a copy of but at the same time will probably never actually need the physical stack of 50 pages that it's made of) and after using a crummy all in one inkjet printer to do this previously one page at a time, just being able to drop in a big-rear end stack of papers and hit a button is real satisfying
|
|
#
?
Apr 29, 2019 15:11
|
|
|
SIGSEGV posted:While a couple decades late, yeah, I said non nation actors because there's no way the Russian natsec apparatus can't read it without the Telegram people getting to know the joy of drill bits to the kneecaps and nutsack fricassée in a basement. they don’t live in Russia nor is the company based in Russia.
|
|
#
?
Apr 29, 2019 15:28
|
|
|
Shame Boy posted:that reminds me, we once had a customer that demanded the ability to log in (over the network!) using just their badges and no password or anything else. no problem, they must be smart card badges and we can just use PKI right? my work badge is a piece of plastic with just my name, title, and a low-res image of the company logo that you can probably find an exact .jpg of on our public website. no chips, no barcodes, no photo. this was instituted because some manager(s) with enough clout are obsessed with mass shootings. so yeah now we have to watch an awful training video every year that instructs us to take down an active shooter if we can't escape or hide oh btw like 80% of people with this type of badge forget to bring it when they come to the central office 
|
|
#
?
Apr 29, 2019 15:42
|
|
|
Lutha Mahtin posted:my work badge is a piece of plastic with just my name, title, and a low-res image of the company logo that you can probably find an exact .jpg of on our public website. no chips, no barcodes, no photo. this was instituted because some manager(s) with enough clout are obsessed with mass shootings. so yeah now we have to watch an awful training video every year that instructs us to take down an active shooter if we can't escape or hide how is that going to stop an active shooter i mean the badge part, the "throw yourself at them to save the executives" bit makes perfect sense
|
|
#
?
Apr 29, 2019 15:48
|
|
|
Vomik posted:they don’t live in Russia nor is the company based in Russia. We've seen that not be an effective deterrent in the past, and the crypto poop touching means they don't even need that and can just mumble something about money laundering to get them sent home.
|
|
#
?
Apr 29, 2019 15:51
|
|
|
Shame Boy posted:how is that going to stop an active shooter because then we know who is an employee and who isn't, of course. also please note that the building has uncontrolled exterior doors during business hours and has multiple common areas that all tenants can access (there are at least 4 different companies with offices throughout the building). package and food delivery people roam the shared halls freely oh btw i just remembered the training video has a bit where a dorky looking guy is awkwardly holding a fire extinguisher and hiding around the corner of his cubicle. yeah just hangin out in the office this afternoon, couldn't run from this shooter dude so im gonna wait til he walks by and clock him Solid Snake style. this will totally work because i learned the training and have COMMITTED TO MY ACTIONS just like the video said
|
|
#
?
Apr 29, 2019 16:15
|
|
|
That is what they teach you though ? Get out and run away. If you can't, shelter and secure yourself. If you can't hide and secure yourself or the threat is now threatening you, then you do what you gotta do.
|
|
#
?
Apr 29, 2019 16:41
|
|
|
ah, the run / hide / fight strategy. i prefer the ban guns & provide mental healthcare strategy.
|
|
#
?
Apr 29, 2019 17:14
|
|
|
the only thing that stops a bad guy with a gun who thinks he's there on orders from jesus is a good guy with a gun who thinks he is jesus
|
|
#
?
Apr 29, 2019 17:17
|
|
|
Krankenstyle posted:ah, the run / hide / fight strategy. i prefer the suppress white nationalists and destroy the places where they organize strategy.
|
|
#
?
Apr 29, 2019 17:28
|
|
|
whoa 😮 the quote is like the post but poo poo
|
|
#
?
Apr 29, 2019 17:43
|
|
|
Partycat posted:That is what they teach you though ? Get out and run away. If you can't, shelter and secure yourself. If you can't hide and secure yourself or the threat is now threatening you, then you do what you gotta do. yeah but the video presented it with the same soundtrack and voiceover as a trailer for an action movie also the bad guy was using a pump action shotgun
|
|
#
?
Apr 29, 2019 17:50
|
|
|
lol I think my company made me watch the same video
|
|
#
?
Apr 29, 2019 17:55
|
|
|
these active shooter trainings are pure grift p much all of them are run by random cop nobodies who saw the reaction to mass shootings in the 90s and realized that there'd soon be a huge market for selling security theater to big organizations
|
|
#
?
Apr 29, 2019 19:06
|
|
|
Main Paineframe posted:these active shooter trainings are pure grift DrPossum posted:https://www.youtube.com/watch?v=kcpsnrxHdCc Doom Mathematic posted:I'm the four hundred thousand dollars.
|
|
#
?
Apr 29, 2019 19:57
|
|
|
Vomik posted:they don’t live in Russia nor is the company based in Russia. Russia has no problem murdering its own citizens abroad
|
|
#
?
Apr 29, 2019 20:06
|
|
|
Celexi posted:Russia has no problem murdering its own citizens abroad
|
|
#
?
Apr 29, 2019 20:26
|
|
|
|
| # ? Apr 23, 2024 21:33 |
|
|
lmao but school officials say worth it in this scary new world
|
|
#
?
Apr 29, 2019 20:33
|
|
