Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
CRIP EATIN BREAD
Jun 24, 2002

Hey stop worrying bout my acting bitch, and worry about your WACK ass music. In the mean time... Eat a hot bowl of Dicks! Ice T



Soiled Meat

dpkg chopra posted:

Any time I've given the olds any sort of small device that is not their phone, they lose it within 2 months, and within those 2 months they maybe remember to actually bring it with them maybe 2 days. Giving them yubikeys to be able to do their job sounds like hell.

this is actually fine because then they have to wait until a new small device is procured and they can't do anything until then, and it's not your problem

Adbot
ADBOT LOVES YOU

DELETE CASCADE
Oct 25, 2017

i haven't washed my penis since i jerked it to a phtotograph of george w. bush in 2003
i keep my small device in my pants where it's safe and secure

Raymond T. Racing
Jun 11, 2019

CRIP EATIN BREAD posted:

this is actually fine because then they have to wait until a new small device is procured and they can't do anything until then, and it's not your problem

"you're telling me, that if I lose this small device, I'll be unable to work until I get a new small device?????"

mystes
May 31, 2006

Beeftweeter posted:

am i stupid or do nfc stickers seem like a cheap way of doing this
A simple nfc sticker is just a fixed code so it definitely can't do this.

If you try to make it work, congratulations you just reinvented smartcards, which have been supported for authentication for a really long time, but you either need readers or the smartcard needs to be a USB token which isn't cheaper than a fido2 only yubikey.

Also u2f is designed to be way simpler

redleader
Aug 18, 2005

Engage according to operational parameters

ew, gross, what the gently caress

sb hermit
Dec 13, 2016





Real talk. All the NFC usb stuff that's good for desktops is like $100, maybe $50 for sketchy stuff. Does anyone have a recommendation from a reputable vendor? Or are all the $20 readers only available on aliexpress or something?

I would be very mad if there was just a cheap hp or dell or microsoft thing that everyone uses but I somehow overlook.

EDIT: I'm just talking about something that can read NFC on a yubikey or an NFC tag or something, nothing too complicated.

Hed
Mar 31, 2004

Fun Shoe

sb hermit posted:

Real talk. All the NFC usb stuff that's good for desktops is like $100, maybe $50 for sketchy stuff. Does anyone have a recommendation from a reputable vendor? Or are all the $20 readers only available on aliexpress or something?

I would be very mad if there was just a cheap hp or dell or microsoft thing that everyone uses but I somehow overlook.

EDIT: I'm just talking about something that can read NFC on a yubikey or an NFC tag or something, nothing too complicated.

I bought this HID reader a couple months ago and 3M stripped it to the underside of my desk. https://www.amazon.com/gp/aw/d/B079T2FKN1

at $67 it’s a slight premium to your sketch tier but works for me. I bought it so I didn’t have to go all the way to the USB port on my compy

Midjack
Dec 24, 2007



sb hermit posted:

Real talk. All the NFC usb stuff that's good for desktops is like $100, maybe $50 for sketchy stuff. Does anyone have a recommendation from a reputable vendor? Or are all the $20 readers only available on aliexpress or something?

I would be very mad if there was just a cheap hp or dell or microsoft thing that everyone uses but I somehow overlook.

EDIT: I'm just talking about something that can read NFC on a yubikey or an NFC tag or something, nothing too complicated.

the scl3711 is a fairly competent reader that also works with libnfc if that's something you need. there are a couple of formats it can't handle (don't think it does iclass for example) but it's a good general purpose hf rfid reader.

Beeftweeter
Jun 28, 2005

a medium-format picture of beeftweeter staring silently at the camera, a quizzical expression on his face

sb hermit posted:

Real talk. All the NFC usb stuff that's good for desktops is like $100, maybe $50 for sketchy stuff. Does anyone have a recommendation from a reputable vendor? Or are all the $20 readers only available on aliexpress or something?

I would be very mad if there was just a cheap hp or dell or microsoft thing that everyone uses but I somehow overlook.

EDIT: I'm just talking about something that can read NFC on a yubikey or an NFC tag or something, nothing too complicated.

idk, a lot of aliexpress poo poo is just rebranded with like xyzzy or some poo poo and then sold on amazon with a 75% markup. i wouldn't entirely count it out

RFC2324
Jun 7, 2012

http 418

Beeftweeter posted:

idk, a lot of aliexpress poo poo is just rebranded with like xyzzy or some poo poo and then sold on amazon with a 75% markup. i wouldn't entirely count it out

My understanding was that it was the other way, with the AliExpress poo poo being stuff where the batch failed QA but individual units are (probably) still good?

Guy Axlerod
Dec 29, 2008
If you're after a cheap solution, I'm not sure why you'd use a USB nfc reader for a yubikey. You can just plug it in? Get a USB hub or extension to put it on top of your desk if that's what you're missing and price sensitive.

If you're just after a fun project, then go for it. I think it could be cool to have it built-in under your desk top, or integrated into the keyboard.

sb hermit
Dec 13, 2016





Guy Axlerod posted:

If you're after a cheap solution, I'm not sure why you'd use a USB nfc reader for a yubikey. You can just plug it in? Get a USB hub or extension to put it on top of your desk if that's what you're missing and price sensitive.

If you're just after a fun project, then go for it. I think it could be cool to have it built-in under your desk top, or integrated into the keyboard.

I'm asking for suggestions for which usb based nfc reader to buy.

EDIT: I somehow misread this. I'm testing out security solutions and it's easier for users to just use nfc than to try plugging stuff in. I mentioned yubikeys because they're the easiest thing I have on hand to try out.

sb hermit fucked around with this message at 16:53 on May 10, 2022

sb hermit
Dec 13, 2016





Hed posted:

I bought this HID reader a couple months ago and 3M stripped it to the underside of my desk. https://www.amazon.com/gp/aw/d/B079T2FKN1

at $67 it’s a slight premium to your sketch tier but works for me. I bought it so I didn’t have to go all the way to the USB port on my compy

Midjack posted:

the scl3711 is a fairly competent reader that also works with libnfc if that's something you need. there are a couple of formats it can't handle (don't think it does iclass for example) but it's a good general purpose hf rfid reader.

Sweet! Thank you!

Beeftweeter
Jun 28, 2005

a medium-format picture of beeftweeter staring silently at the camera, a quizzical expression on his face

RFC2324 posted:

My understanding was that it was the other way, with the AliExpress poo poo being stuff where the batch failed QA but individual units are (probably) still good?

it's both, really. i've bought poo poo from amazon that was clearly from an ODM because i saw the same thing on aliexpress sans branding. yup, it still failed

the only benefit of getting it from amazon in that case imo is so you can easily return it, but whether or not that justifies the markup is up to you

El Mero Mero
Oct 13, 2001

Beeftweeter posted:

which a lot of enterprise laptops do have and i think a bulk purchase of usb readers or something would probably be cheaper than $30-50/yubikey

$30-50 is cheap as hell. Alternatively, do people not get security badges issued? You can always make those more expensive and turn them into nfc-enabled cards.

It's probably way more expensive, but maybe it comes from an existing budget line item rather than a new one lol.

aspiring_skid
May 10, 2022
Sup infosec peeps,
I created this cowardly rereg account so as not to doxx myself. Although I’m sure that some of you have the skills and connections to figure out my identity if you truly cared.

I’m looking to get into infosec. I’m currently working on improving various fundamental skills before I attempt to attain professional script kiddie status and start looking for an infosec job. Ultimately I want to be a defender and do blue team type stuff, but I understand that you cannot be good at defense until you know how offense works. Defense is at such a disadvantage sometimes I wonder why I am bothering to do this. But I find infosec really interesting, and I like helping people. Aside from learning technical stuff I have done a ton of reading so I can understand the big picture stuff. Gotta make sure learning all this technical bullshit is worth it. I know the learning never stops and if you want to be any good you have to learn stuff in your spare time. I hear infosec can pay well but I’m not in it for the money.

Do you mind if I ask you all some questions about getting into the industry? I don’t know anyone that works in infosec. And I’d rather ask goons these questions anyway. I’ve already learned a ton from lurking this thread and the SH/SC infosec thread. It’s clear that most of the people posting in these threads measure their experience in decades. And I would bet money that there is a goon that works for every major tech company either posting in this thread or elsewhere in YOSPOS.

sb hermit
Dec 13, 2016





El Mero Mero posted:

$30-50 is cheap as hell. Alternatively, do people not get security badges issued? You can always make those more expensive and turn them into nfc-enabled cards.

It's probably way more expensive, but maybe it comes from an existing budget line item rather than a new one lol.

the yubikey security key nfc is $25 and at times has been as low as $10 (in a $100 10-pack)

Hed
Mar 31, 2004

Fun Shoe

sb hermit posted:

Sweet! Thank you!

Sure thing. I actually went to my order history and realize now I paid $54 for this in January; it's $67 now. Also the seller was named "UNIQUEPOS LLC" so I think it's a sign.

Crime on a Dime
Nov 28, 2006

hbag
Feb 13, 2021

aspiring_skid posted:

Sup infosec peeps,
I created this cowardly rereg account so as not to doxx myself. Although I’m sure that some of you have the skills and connections to figure out my identity if you truly cared.

I’m looking to get into infosec. I’m currently working on improving various fundamental skills before I attempt to attain professional script kiddie status and start looking for an infosec job. Ultimately I want to be a defender and do blue team type stuff, but I understand that you cannot be good at defense until you know how offense works. Defense is at such a disadvantage sometimes I wonder why I am bothering to do this. But I find infosec really interesting, and I like helping people. Aside from learning technical stuff I have done a ton of reading so I can understand the big picture stuff. Gotta make sure learning all this technical bullshit is worth it. I know the learning never stops and if you want to be any good you have to learn stuff in your spare time. I hear infosec can pay well but I’m not in it for the money.

Do you mind if I ask you all some questions about getting into the industry? I don’t know anyone that works in infosec. And I’d rather ask goons these questions anyway. I’ve already learned a ton from lurking this thread and the SH/SC infosec thread. It’s clear that most of the people posting in these threads measure their experience in decades. And I would bet money that there is a goon that works for every major tech company either posting in this thread or elsewhere in YOSPOS.

unsure why you think posting that you want to get into infosec is going to doxx you

spankmeister
Jun 15, 2008






aspiring_skid posted:

Sup infosec peeps,
I created this cowardly rereg account so as not to doxx myself. Although I’m sure that some of you have the skills and connections to figure out my identity if you truly cared.

I’m looking to get into infosec. I’m currently working on improving various fundamental skills before I attempt to attain professional script kiddie status and start looking for an infosec job. Ultimately I want to be a defender and do blue team type stuff, but I understand that you cannot be good at defense until you know how offense works. Defense is at such a disadvantage sometimes I wonder why I am bothering to do this. But I find infosec really interesting, and I like helping people. Aside from learning technical stuff I have done a ton of reading so I can understand the big picture stuff. Gotta make sure learning all this technical bullshit is worth it. I know the learning never stops and if you want to be any good you have to learn stuff in your spare time. I hear infosec can pay well but I’m not in it for the money.

Do you mind if I ask you all some questions about getting into the industry? I don’t know anyone that works in infosec. And I’d rather ask goons these questions anyway. I’ve already learned a ton from lurking this thread and the SH/SC infosec thread. It’s clear that most of the people posting in these threads measure their experience in decades. And I would bet money that there is a goon that works for every major tech company either posting in this thread or elsewhere in YOSPOS.

sure thing kid here's a pdf that explains everything and will get you started:

https://www.legit-update-server.cn/wp-includes/.documents/how-2-cyber.pdf.exe

hbag
Feb 13, 2021

heres a host you can practice your l33t skillz on OP
127.0.0.1

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

hbag posted:

heres a host you can practice your l33t skillz on OP
127.0.0.1

How did you get my IP?!

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

hbag posted:

heres a host you can practice your l33t skillz on OP
127.0.0.1

why are you sockpuppetting itt

KirbyKhan
Mar 20, 2009



Soiled Meat

aspiring_skid posted:

Sup infosec peeps,
I created this cowardly rereg account so as not to doxx myself. Although I’m sure that some of you have the skills and connections to figure out my identity if you truly cared.

I’m looking to get into infosec. I’m currently working on improving various fundamental skills before I attempt to attain professional script kiddie status and start looking for an infosec job. Ultimately I want to be a defender and do blue team type stuff, but I understand that you cannot be good at defense until you know how offense works. Defense is at such a disadvantage sometimes I wonder why I am bothering to do this. But I find infosec really interesting, and I like helping people. Aside from learning technical stuff I have done a ton of reading so I can understand the big picture stuff. Gotta make sure learning all this technical bullshit is worth it. I know the learning never stops and if you want to be any good you have to learn stuff in your spare time. I hear infosec can pay well but I’m not in it for the money.

Do you mind if I ask you all some questions about getting into the industry? I don’t know anyone that works in infosec. And I’d rather ask goons these questions anyway. I’ve already learned a ton from lurking this thread and the SH/SC infosec thread. It’s clear that most of the people posting in these threads measure their experience in decades. And I would bet money that there is a goon that works for every major tech company either posting in this thread or elsewhere in YOSPOS.

You're going to have to go into FYAD and post your balls with this burner. Only way to get an invite to the discord.

KirbyKhan
Mar 20, 2009



Soiled Meat

CommieGIR posted:

How did you get my IP?!

Crime on a Dime
Nov 28, 2006

KirbyKhan posted:

You're going to have to go into FYAD and post your balls with this burner. Only way to get an invite to the discord.

serious post how did that work out for you?

KirbyKhan
Mar 20, 2009



Soiled Meat

Crime on a Dime posted:

serious post how did that work out for you?

Oh somebody posted their balls while I was in the shower. Totally deflating, never even posted mine out of shame.

Crime on a Dime
Nov 28, 2006
was pretty obviously you but I'm not continuing this derail or giving you attention ITT

post hole digger
Mar 21, 2011

lol

post hole digger
Mar 21, 2011

aspiring_skid posted:

Gotta make sure learning all this technical bullshit is worth it.

i have some terrible news for you, op,

KirbyKhan
Mar 20, 2009



Soiled Meat

Crime on a Dime posted:

was pretty obviously you but I'm not continuing this derail or giving you attention ITT

Yes, we have to focus on who's alt this is and where they sourced this cringy request for coffee chats. It's ok dude, we're in the same loving bootcamp you don't have to do this.

dioxazine
Oct 14, 2004

post hole digger posted:

i have some terrible news for you, op,

Crime on a Dime
Nov 28, 2006

Wiggly Wayne DDS
Sep 11, 2010



as an intro to learning infosec you have to watch at least every conference video i've ever linked in these threads. that should be a brief starting point

i swear i had put them all into one post at some point, your job is to dig out that post or make it for me

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer
your first job as an infosec security intern is to go outside and check if p still equals np.

Beeftweeter
Jun 28, 2005

a medium-format picture of beeftweeter staring silently at the camera, a quizzical expression on his face
first things first! is everything secure?

no? well, secure it.

but don't spend a lot of money

4lokos basilisk
Jul 17, 2008


i would start with reading this thread and previous incarnations, trying to understand some of the secfucks and articles linked

after you do all that, and still want to work in infosec then godspeed

disclaimer i dont work in infosec and seriously wouldnt want to i feel

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer
you guys *snort* I just told the intern to go to the CEO and tell him he has to use MFA from now on

Adbot
ADBOT LOVES YOU

Phone
Jul 30, 2005

親子丼をほしい。
brb going to the best buy to get some rng fluid

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply