|
flakeloaf posted:"we rolled our own security" “our developers are very clever”
|
# ? May 22, 2019 23:28 |
|
|
# ? Apr 24, 2024 04:06 |
|
very clever, but it's exploits all the way down
|
# ? May 22, 2019 23:31 |
|
taking a page from prince
|
# ? May 22, 2019 23:34 |
|
quote:We chose to communicate 😾😾😾 through a visual representation of symbols, rather than “words.” Naming vulnerabilities using emoji sequences instead of other pronounceable natural languages have several advantages. First, emoji sequences are universally understood across nearly all natural languages. Choosing 😾😾😾 instead of a name rooted in any one language ensures that the technical contents of our research can be discussed democratically and without latent cultural or linguistic bias. Second, emojis are indexical to the digital age. Third, clear communication is the foundation of friendship, and such a foundation must begin with proper ontological agreement. Just as the universal language of mathematics is largely expressed through interlinguistic symbology, so too is 😾😾😾. Fourth, cats are seen as almost paradoxical beings. While they exist in our lives as the ultimate creatures of leisure, cats are also fierce predators. “Cats are the most highly specialized of the terrestrial flesh-eating mammals. They are powerfully built, with a large brain and strong teeth. The teeth are adapted to three functions: stabbing (canines), anchoring (canines), and cutting (carnassial molars).” (Lariviere, Serge; Stains, Howard James. “Feline.” Encyclopedia Britannica. Feline). For an incomplete list of felines in various mythologies, see this webpage. I was going to trim this down to just the insane bits but it turned out to be all insane bits
|
# ? May 22, 2019 23:42 |
|
idk my cat is kind of a dick but he's never hacked my router ... as far as I know
|
# ? May 22, 2019 23:48 |
|
tres gatos enojados posted:An attacker with root privileges on the device can modify the contents of the FPGA anchor bitstream, which is stored unprotected in flash memory. wait hold up, you need root access? so, you need to have already pwned the box?
|
# ? May 22, 2019 23:51 |
|
yes but youre still not supposed to be able to do that even as root
|
# ? May 23, 2019 00:24 |
|
|
# ? May 23, 2019 01:12 |
|
Kazinsal posted:wait hold up, you need root access? You need root to compromise the box. But once the box is compromised the equivalent of a format and reinstall, won't uncompromise it. So for cisco specifically, you could install untrusted software on the router, then ship it to the target, and they would have no way to detect the software was compromised.
|
# ? May 23, 2019 01:19 |
|
ate poo poo on live tv posted:You need root to compromise the box. But once the box is compromised the equivalent of a format and reinstall, won't uncompromise it. So for cisco specifically, you could install untrusted software on the router, then ship it to the target, and they would have no way to detect the software was compromised. or ever fix it, *kiss noise*
|
# ? May 23, 2019 01:32 |
|
COACHS SPORT BAR posted:
that's a lot of words to say there to say "we're trying to downplay this as much as possible so we made the official name ungoogleable"
|
# ? May 23, 2019 04:31 |
|
Perplx posted:that's a lot of words to say there to say "we're trying to downplay this as much as possible so we made the official name ungoogleable" you can google emojis tho i think it translates them to their unicode description https://www.google.com/search?q=%F0%9F%92%A9&ie=UTF-8&oe=UTF-8
|
# ? May 23, 2019 04:56 |
|
lol
|
# ? May 23, 2019 05:02 |
|
NSA <3 Cisco
|
# ? May 23, 2019 15:48 |
|
Beautiful
|
# ? May 23, 2019 15:55 |
|
i'm looking for a video that was posted in this thread awhile back, it was a pretty funny guy talking about why sockets/IoT was bad iirc, he's also done talks on why blockchain isn't the end all be all solution, and javascript. unfortunately i can't remember his name, or the title of any of the videos. if someone could help me out that would be pretty great.
|
# ? May 23, 2019 19:40 |
|
James Mickens?
|
# ? May 23, 2019 19:51 |
|
I love that talk so much https://twitter.com/omgbeckilee/status/631127484898148353?s=20
|
# ? May 23, 2019 20:43 |
|
yeah, that's what i'm looking for. Love his talks, always forget his name.
|
# ? May 23, 2019 21:17 |
|
so my executive got a cold call sales email from our current vpn appliance vendor identifying our current firewall mfr and product family (based on ‘research’) helpfully letting us know that gartner doesn’t think the firewall vendor is cutting edge and that they are im pretty sure they fingerprinted it from the vpn appliance inside my net bye
|
# ? May 24, 2019 14:44 |
|
PCjr sidecar posted:so my executive got a cold call sales email from our current vpn appliance vendor identifying our current firewall mfr and product family (based on ‘research’) helpfully letting us know that gartner doesn’t think the firewall vendor is cutting edge and that they are see this is what i always imagined would happen if you don't uncheck that "send anonymous data to help us make our products better" box in every single piece of software
|
# ? May 24, 2019 14:50 |
|
Shame Boy posted:see this is what i always imagined would happen if you don't uncheck that "send anonymous data to help us make our products better" box in every single piece of software yeah that box is unchecked lol gonna bet there’s one line in the eula that allows it
|
# ? May 24, 2019 14:55 |
|
PCjr sidecar posted:yeah that box is unchecked lol
|
# ? May 24, 2019 14:58 |
|
Wiggly Wayne DDS posted:ah so you opted out of it being anonymous
|
# ? May 24, 2019 15:01 |
|
Shame Boy posted:see this is what i always imagined would happen if you don't uncheck that "send anonymous data to help us make our products better" box in every single piece of software I am certified in checkbox unchecking, or checking in this case.
|
# ? May 24, 2019 16:22 |
|
uncheck yourself before you wreck yourself
|
# ? May 24, 2019 19:01 |
|
Midjack posted:uncheck yourself before you
|
# ? May 24, 2019 19:05 |
|
Midjack posted:uncheck yourself before you wreck yourself
|
# ? May 24, 2019 21:51 |
|
https://twitter.com/briankrebs/status/1132026003386241029
|
# ? May 24, 2019 22:25 |
|
what year is it
|
# ? May 24, 2019 22:48 |
|
Wiggly Wayne DDS posted:what year is it
|
# ? May 24, 2019 22:55 |
|
today is the first 0day of the rest of your life
|
# ? May 24, 2019 23:03 |
|
Wiggly Wayne DDS posted:what year is it Gonna answer this repeatedly with different years to hear all your replies
|
# ? May 24, 2019 23:31 |
|
didn't chase or capital one or some bank let you just type in someone else account number once you were logged in a few years ago
|
# ? May 24, 2019 23:35 |
|
i remember a british bank forgot to key their http cache on the logged in userid and customers suddenly started seeing other peoples account details
|
# ? May 24, 2019 23:41 |
|
iirc steam had the same issue too a couple years back
|
# ? May 24, 2019 23:43 |
|
spankmeister posted:iirc steam had the same issue too a couple years back Steam was leaking mortgage information and SSNs? drat.
|
# ? May 24, 2019 23:47 |
|
Proteus Jones posted:Steam was leaking mortgage information and SSNs? drat. valve's coders during the early years of steam were just that good
|
# ? May 25, 2019 00:15 |
|
Rufus Ping posted:i remember a british bank forgot to key their http cache on the logged in userid and customers suddenly started seeing other peoples account details https://nypost.com/2018/02/22/chase-says-glitch-gave-customers-access-to-wrong-accounts/ apparently that's popular. this is probably what I was thinking of.
|
# ? May 25, 2019 00:21 |
|
|
# ? Apr 24, 2024 04:06 |
|
spankmeister posted:iirc steam had the same issue too a couple years back Pretty sure it happened on Christmas day too.
|
# ? May 25, 2019 00:23 |