> BangersInMyKnickers posted: the assumption is that if you have access to the hardware to the point that you can directly sniff the key material from the internal interconnects then you could have much more easily embedded a hardware keylogger and gotten it that way. they should still encrypt those communications as a matter of best practice, but it's not a terribly realistic attack scenario compared to other options. probably don't even need to bother for most bitlocker installs since people don't bother with the pin/pass to release the key material from the TPM so the OS automatically boots and you can just execute some manner of RCE against that or UEFI and effectively bypass the entire drive encryption layer
[Oct 17, 2019 10:20]
> BangersInMyKnickers posted: if any bank these days has an SPF record that isn't in hardfail mode they should be banned from all forms of online banking

*Extremely 90's era IT manager voice* We need to allow customers to get our emails at all costs
[Oct 17, 2019 12:47]
> Captain Foo posted: poms over shagghdad
[Oct 17, 2019 12:52]
https://www.bbc.co.uk/news/technology-50080586

> quote: The issue was spotted by a British woman whose husband was able to unlock her phone with his thumbprint just by adding a cheap screen protector.

Unlocks with a thumbprint, just not necessarily your thumbprint
[Oct 17, 2019 15:34]
a friend of mine works at Pilz. they're now on holiday because every single computer in the company got cryptolockered. and all the backups also have it. the entire company is completely halted right now, even the manufacturing control stuff is gone. their website is just a static html page. ded
[Oct 17, 2019 15:48]
> Spatial posted: and all the backups also have it.

what the gently caress kind of backups are these?
[Oct 17, 2019 15:54]
> infernal machines posted: what the gently caress kind of backups are these?
[Oct 17, 2019 16:07]
backup servers were either live disk arrays with snapshots or some kind of version repository backup to disk solution, and they put it all on the same domain so once a DA cred was popped it was game over for everything
[Oct 17, 2019 16:14]
I saw one place get screwed because their "backups" were just the default VSS snapshots on the windows share. If you don't configure them, they will default to deleting old snapshots when free space gets low. Cryptolocker started doing its thing on the share, VSS helpfully purged all the snapshots to free up space for it, and by the time it was done they couldn't revert anything
[Oct 17, 2019 16:16]
> Spatial posted: Pilz

is that some kind of start-up that sends you monthly loot boxes full of research chems or something
[Oct 17, 2019 17:47]
> BangersInMyKnickers posted: I saw one place get screwed because their "backups" were just the default VSS snapshots on the windows share. If you don't configure them, they will default to deleting old snapshots when free space gets low. Cryptolocker started doing its thing on the share, VSS helpfully purged all the snapshots to free up space for it, and by the time it was done they couldn't revert anything

...did they not have disaster recovery backups? vss is great, but it doesn't do you much good if your array nukes itself and you have to rebuild from scratch
[Oct 17, 2019 17:49]
> Shame Boy posted: is that some kind of start-up that sends you monthly loot boxes full of research chems or something

Looks like it's an industrial control and automation company, so after this and other threads I 100% believe that their backups were just to another machine on the network.
[Oct 17, 2019 18:18]
gaaahahahhahah

> quote: Samsung Admits Major Security Flaw in Galaxy S10 Under-Screen Fingerprint Sensor
[Oct 17, 2019 19:10]
https://twitter.com/Sta_Light_/status/1184475413252210688
[Oct 17, 2019 19:31]
> Shame Boy posted: is that some kind of start-up that sends you monthly loot boxes full of research chems or something

> Volmarias posted: Looks like it's an industrial control and automation company, so after this and other threads I 100% believe that their backups were just to another machine on the network.

a while back my buddy got a call from someone in a completely different country complaining that because of him they couldn't access loads of their production machines. why? he had spun up about 50 VM instances to test stuff and used up the tiny remaining space in the subnet all the sites were on. lol
[Oct 17, 2019 19:39]
> Shame Boy posted: is that some kind of start-up that sends you monthly loot boxes full of research chems or something

monthly allotment of Saskatchewan champagne
[Oct 17, 2019 19:48]
Hooooo boy just came across a secfuck at work. IT janitor decides to develop a php-based tool to manage folder permissions on a sensitive file share... by shell_exec()'ing everything using an admin service account. And of course it accepts direct user input with no sanitization or anything Eeehhhhuuuummmmmm
[Oct 17, 2019 19:56]
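As an added illustration of the secfuck in the post above (this is not the IT janitor's tool, and the share root, account-name rule and icacls grant are assumptions), here is the unsafe shell_exec() pattern beside a version that validates, canonicalizes and quotes the input before anything reaches the shell:

```php
<?php
// Added example, not code from the thread. SHARE_ROOT and the icacls grant are assumed.
declare(strict_types=1);

const SHARE_ROOT = 'D:\\Shares\\Finance';   // assumed root of the managed file share

// The pattern the post describes: raw user input is interpolated into a command line,
// so every shell metacharacter in $folder or $user is interpreted by cmd.exe.
function grant_read_unsafe(string $folder, string $user): string
{
    return (string) shell_exec("icacls \"$folder\" /grant $user:R");
}

// Hardened version: allowlist the account name, confine the path, then quote everything.
function grant_read_safe(string $folder, string $user): string
{
    // 1. Account names: only what a DOMAIN\user name legitimately needs (single quotes
    //    in PHP, so '\\\\' is the two-character regex escape for one literal backslash).
    if (!preg_match('/^[A-Za-z0-9._-]+(\\\\[A-Za-z0-9._-]+)?$/', $user)) {
        throw new InvalidArgumentException('invalid account name');
    }
    // 2. The folder must exist and resolve to a path inside SHARE_ROOT; realpath()
    //    collapses any ..\ components, so traversal outside the share is rejected.
    $real = realpath($folder);
    $root = realpath(SHARE_ROOT);
    if ($real === false || $root === false) {
        throw new InvalidArgumentException('folder does not exist');
    }
    $inside = strcasecmp($real, $root) === 0
        || strncasecmp($real, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) === 0;
    if (!$inside) {
        throw new InvalidArgumentException('folder outside the managed share');
    }
    // 3. Even validated values are passed through escapeshellarg(), which quotes the
    //    argument as a single token so the shell never parses its contents.
    $cmd = 'icacls ' . escapeshellarg($real) . ' /grant ' . escapeshellarg($user . ':R');
    exec($cmd, $output, $status);
    if ($status !== 0) {
        throw new RuntimeException('icacls failed with exit status ' . $status);
    }
    return implode("\n", $output);
}
```

Input validation does not fix the other half of the post: the process executing icacls should run as an account that holds only the rights this one share needs, not a general admin service account.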
> ewiley posted: Hooooo boy just came across a secfuck at work. IT janitor decides to develop a php-based tool to manage folder permissions on a sensitive file share... by shell_exec()'ing everything using an admin service account. And of course it accepts direct user input with no sanitization or anything

rip
[Oct 17, 2019 20:02]
> infernal machines posted: ...did they not have disaster recovery backups?

of course not, VSS is backup
[Oct 17, 2019 20:52]
ah, of course
[Oct 17, 2019 21:03]
it's the secfuck thread. imagine the dumbest possible explanation for a bad thing happening and the reality is inevitably worse.
[Oct 17, 2019 21:04]
Oh good; my new bank's online password system is hosed.

Passwords must be <= 15 characters long
Passwords cannot contain spaces or any of the following invalid characters: : * ! ; | / '

Guess who probably isn't sanitizing input and/or storing passwords in plain text or just MD5'ing them/and or both?
[Oct 17, 2019 21:58]
I'm not a developer but is it normal to include credentials inline in PHP?
[Oct 17, 2019 22:01]
php maybe, but not in real languages
[Oct 17, 2019 22:06]
> ewiley posted: I'm not a developer but is it normal to include credentials inline in PHP?

Yes, this is very normal in PHP and one of the reasons doing a Google dork for download.php?file= will yield so many juicy DB creds (when you edit the url to file=../config.php or w/e). When I was at Yahoo! we had developed an in house solution to read credentials out of a service at runtime. I haven't used PHP since then so I don't know if they have a better solution, but this isn't unique to you, but it is somewhat unique to PHP!
[Oct 17, 2019 22:55]
well this is fun, a remotely exploitable bug in the realtek wifi driver can cause a buffer overflow in the linux kernel
[Oct 17, 2019 23:09]
> BangersInMyKnickers posted: it's the secfuck thread. imagine the dumbest possible explanation for a bad thing happening and the reality is inevitably worse.

yeah, like one guy in the '70s decided that storing the length of buffers was too hard and instead just said "make the last thing in the array null" lmao
[Oct 17, 2019 23:40]
> Cocoa Crispies posted: yeah, like one guy in the '70s decided that storing the length of buffers was too hard and instead just said "make the last thing in the array null" lmao
[Oct 17, 2019 23:45]
> ewiley posted: I'm not a developer but is it normal to include credentials inline in PHP?

yeah, any environment that supports shared hosting style ftp deployments was going to do this
[Oct 17, 2019 23:46]
storing credentials in a php file is a Best Practice when deploying to lovely shared hosting because you don't have anywhere to put them other than in a file and you don't have the ability to put them in a file that the http server won't serve to people. putting them in a php file at least means that navigating to the url of that file will run the file rather than serving it up directly.
[Oct 17, 2019 23:47]
> mystes posted: It's not like Dennis Ritchie knew that in the 2010s internet-connected devices would have security vulnerabilities as a result of this decision.

Not storing the size of the buffers/arrays at the beginning is a real dumb oversight.
[Oct 17, 2019 23:54]
> The Fool posted: php maybe, but not in real languages

Strongly disagree. Credentials/private keys/secrets are all over the place. It's easy and people are lazy.
[Oct 17, 2019 23:54]
> Janitor Prime posted: Not storing the size of the buffers/arrays at the beginning is a real dumb oversight.

If you drink an old mercury based cure for syphilis or kill yourself trying to use a flintlock rifle in 2019 is it the fault of the person who invented it?
[Oct 18, 2019 00:06]
Not the inventor, but definitely the committee that oversees the C language: not having safe strings and related functions in the standard library in 2019 is a huge fuckup, considering that the stupid language is still necessary in all kinds of low level programming like this wifi driver. No, actually even the inventor is dumb. Having the size upfront simplifies so many drat operations, it's a more obvious way of doing things with the benefit of not having all these stupid gotchas.
[Oct 18, 2019 00:26]
but it will take one extra instruction to access a character of the string on some architectures and use an entire word of memory. are you mad? *iterates over the string for the 18th time*
[Oct 18, 2019 00:32]
> Plorkyeran posted: storing credentials in a php file is a Best Practice when deploying to lovely shared hosting because you don't have anywhere to put them other than in a file and you don't have the ability to put them in a file that the http server won't serve to people. putting them in a php file at least means that navigating to the url of that file will run the file rather than serving it up directly.

yeah I see it's not in the source when the server serves it up, but still there's got to be a way to have the webserver process run as creds, like an iis worker process does. Or have them in some protected include file at least...
[Oct 18, 2019 01:25]
> Volmarias posted: Or you have a Twitter handle someone really wants, or someone wants to gently caress with you specifically, or

yeah happened to a friend of mine with 150k instagram followers. someone with a physical fake id went into a Sprint store in another state and hijacked his sim.
[Oct 18, 2019 01:40]
> Spatial posted: but it will take one extra instruction to access a character of the string on some architectures and use an entire word of memory. are you mad? *iterates over the string for the 18th time*

code:
[Oct 18, 2019 02:19]
putting the length at the beginning of a string is a terrible design because you can't form substrings without copying the string constantly, which is in fact much worse than repeatedly scanning it to compute the length. the right design is to pass around the length separately from the pointer, which was not obvious in the 70s
[Oct 18, 2019 02:47]
> ewiley posted: yeah I see it's not in the source when the server serves it up, but still there's got to be a way to have the webserver process run as creds, like an iis worker process does. Or have them in some protected include file at least...

php has been able to read server and environment variables for a long time, people are just lazy
[Oct 18, 2019 02:58]
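As an added example covering both points made in the thread (environment variables, and a "protected include file" outside the document root), here is what replacing inline credentials looks like; this is not code from any poster, and the paths, variable names and sample values are assumptions:

```php
<?php
// Added example, not code from the thread. Two ways to keep DB credentials out of
// files the web server can serve. Paths, variable names and values are assumed.
declare(strict_types=1);

// The pattern the thread describes: literals in a PHP file under the document root.
// $db = new PDO('mysql:host=db;dbname=app', 'appuser', 'hunter2');   // do not do this

const REQUIRED_KEYS = ['DB_HOST', 'DB_NAME', 'DB_USER', 'DB_PASS'];

// Option 1: environment variables injected by the process manager (php-fpm pool env[],
// Apache SetEnv, or the container runtime). Nothing with a secret sits under the web root.
function db_config_from_env(): array
{
    $cfg = [];
    foreach (REQUIRED_KEYS as $key) {
        $value = getenv($key);
        if ($value === false || $value === '') {
            throw new RuntimeException("missing required setting $key"); // fail closed
        }
        $cfg[$key] = $value;
    }
    return $cfg;
}

// Option 2: an include file outside the document root, e.g. /var/www/app-config/db.php
// while DocumentRoot is /var/www/app/public (assumed layout), so no URL maps to it.
// The file simply returns an array: return ['DB_HOST' => 'db', 'DB_NAME' => 'app', ...];
function db_config_from_file(string $path): array
{
    $cfg = require $path;
    foreach (REQUIRED_KEYS as $key) {
        if (!isset($cfg[$key]) || $cfg[$key] === '') {
            throw new RuntimeException("missing required setting $key in $path");
        }
    }
    return $cfg;
}

function connect(array $cfg): PDO
{
    $dsn = sprintf('mysql:host=%s;dbname=%s;charset=utf8mb4', $cfg['DB_HOST'], $cfg['DB_NAME']);
    return new PDO($dsn, $cfg['DB_USER'], $cfg['DB_PASS'],
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
}

// Usage (assumed paths): prefer the environment, fall back to the protected include file.
// $pdo = connect(getenv('DB_PASS') !== false
//     ? db_config_from_env()
//     : db_config_from_file('/var/www/app-config/db.php'));
```

On shared hosting where nothing outside the served tree is writable, option 2 does not apply and the thread's point stands; option 1 still works anywhere the host lets you set per-site environment variables.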