I wouldn’t have thought so, since that’s basically the purpose of them, but you seem to disagree. the lockscreen background image is also available without a PIN, and the device’s notion of the current time!
# ? Jun 18, 2024 09:32 |
hasn't there been like a dozen different ways to get the full photos or contacts list on iOS directly from the lock screen because of some loopholes in the ui? how can that be if the data on the phone is encrypted with the pin?
it’s encrypted behind the PIN after reboot, until first unlock
CmdrRiker posted:
> I love it when people who know nothing about software security think they know everything about software security. https://www.npr.org/2020/02/21/805032627/trump-administration-targets-your-warrant-proof-encrypted-messages

"Pull requests welcome."
https://twitter.com/letsencrypt/status/1230957211590873088
Let's Encrypt saved my rear end by being baked into Bomgar when my company didn't know how to Certificate
Doom Mathematic posted:
> "Pull requests welcome."

please don't put your grindr profile in your sig
dont git shame
Krankenstyle posted:dont git blame
Krankenstyle posted:
> lol at autodecrypting contacts on boot

netplwiz.exe
physical security fuckup: NBNco, the company created by the government responsible for deploying a
Methanar posted:
> Is there an iot furnace yet. I want to streamline and disrupt the thermostat middle man industry and connect my natural gas combuster directly to the internet

This is industrial/office HVAC. Systems that have the capacity to injure people and destroy property run XP (edit - and ancient Android) connected to "secure backnets" that are just tcp/ip networks badly partitioned from existing corporate infrastructure. You haven't felt fury until you've been shrugged off by a bunch of fat, 50-year-old, pickup-driving hicks who confidently assure you that your security concerns are a non-issue because everything is connected to this "backnet."

Potato Salad fucked around with this message at 19:25 on Feb 23, 2020
Potato Salad posted:
> This is industrial/office HVAC.

you know "bacnet" is a protocol yeah
baby got bacnet

edit: building got bacnet
abigserve posted:
> you know "bacnet" is a protocol yeah

today I learned something! im wondering if this is contributing to the confusion -- facility guys not really realizing that their unpatched endpoints are actually on improperly-segregated, chatty tcp/ip networks instead of a separate control network

Potato Salad fucked around with this message at 20:11 on Feb 23, 2020
Potato Salad posted:
> today I learned something!

guaranteed most people dealing with this poo poo are just electricians entirely unaware of anything beyond plugging poo poo in (edit: as in they don't care about anything beyond layer 1) (and why should they, there's no accreditation or standards for installing this poo poo, as long as it works they get paid).
There is though, it's just not their job. Electricians have to qualify under an apprenticeship. They hook it up to plan, and yeah as long as it works, they get paid. Facility won't care, because they get paid to maintain it, not plan it. It's the fault of the doofus that decided to hook the pos system, automation, and wifi up to the same lan. The best way to get it fixed is to get them to cut you another contract to tell their cj's what to rearrange.
is bacnet even mac based layer 2? i know layer 1 is ethernet, but i thought everything above that was completely different. to the extent that it's exposed to your regular tcp/ip network it's through a gateway device specifically designed to provide an interface to the bacnet gear
iirc bacnet can run on multiple layers so in addition to bacnet over rs-485 it could be ethernet or ip etc etc

sounds like they’re running on an (*isolated*, lol) ip network
when you discover bits of a client's HVAC infra via shodan, there's work to be done
Potato Salad posted:
> when you discover bits of a client's HVAC infra via shodan, there's work to be done

adiabatic thinking, number one
Potato Salad posted:
> when you discover bits of a client's HVAC infra via shodan, there's work to be done

ah the Target strategy
infernal machines posted:
> is bacnet even mac based layer 2? i know layer 1 is ethernet, but i thought everything above that was completely different. to the extent that it's exposed to your regular tcp/ip network it's through a gateway device specifically designed to provide an interface to the bacnet gear

The other benefit is that you might not need to run another cable at all! But of course that has its issues ... I might be just pulling this out of my rear end based on the couple of times I have seen it, both at hotels for some reason.
Oh, and now that I remember, in the case of hotels at least ... room thermostats were on the same bacnet network as everything else.
huh. there's moderate sized bacnet deployment at one of my client's offices, i thought it was physically independent of the building management network. i guess i'll take a poke around the next time i'm there.
infernal machines posted:
> huh. there's moderate sized bacnet deployment at one of my client's offices, i thought it was physically independent of the building management network. i guess i'll take a poke around the next time i'm there.

Please keep us updated on how the poop touching is going for you
Oooh, this chat reminds me of a great talk at FOSDEM this year, which has great potential to be a secfuck: https://fosdem.org/2020/schedule/event/modbus_2020/
Pile Of Garbage posted:
> physical security fuckup: NBNco, the company created by the government responsible for deploying a

I've heard of cgi-bin but this is ridiculous!
~Coxy posted:
> cgi-bin

Is this where they dump rejected live action sonic designs
Potato Salad posted:
> today I learned something!

where's that article where someone found a random cat 5 cable on the bridge of an oil tanker and it turned out to be some sort of internal engineering diagnostic/control network that nobody knew about
unpacked robinhood posted:
> Is this where they dump rejected live action sonic designs

not to be confused with where they dump bizarre hyper-expensive graphics workstations, sgi-bin
unpacked robinhood posted:
> Is this where they dump rejected live action sonic designs

It's where they dump all of the animators just before release
One thing I've noticed with facilities systems is that facilities purchasing is super different to other purchasing internally for some reason

Like if you go out to tender for servers, you go out to tender for a huge stack of them and it becomes your incumbent solution so you can buy more if needed until it's time for a full refresh

Facilities they get three quotes for loving everything and pick the cheapest. Even if it's the same thing they'll get three quotes and buy a totally different solution if it's cheaper. A HVAC monitoring system one building away from another one will be a totally different vendor, installed and managed by someone else. It's mental.

I remember once convincing a big BMS solution to use dhcp and reservations instead of static addressing because it's easier and cleaner, so they rolled out two hundred devices without a hitch. The exact same solution, for the same purpose, starts in the next state over...and they buy equipment that doesn't do dhcp
Powerful Two-Hander posted:
> where's that article where someone found a random cat 5 cable on the bridge of an oil tanker and it turned out to be some sort of internal engineering diagnostic/control network that nobody knew about
abigserve posted:
> equipment that doesn't do dhcp

I honestly didn't know this was possible in tyool 2020
NecroBob posted:
> I honestly didn't know this was possible in tyool 2020

there’ll always be someone who’s willing to disable a feature and knock a cent off the price to get beancounters’ business
NecroBob posted:
> I honestly didn't know this was possible in tyool 2020

our LARGEST CUSTOMER sourced OUR PRODUCT from a BEST BUY and plugged it into their IT closet and it TOOK DOWN their ENTIRE NETWORK

I dont CARE what the spec sheet says, TAKE IT OUT
Sniep posted:
> our LARGEST CUSTOMER sourced OUR PRODUCT from a BEST BUY and plugged it into their IT closet and it TOOK DOWN their ENTIRE NETWORK

We had a lab network that was supposed to be VLAN'ed and sandboxed. One day they enabled DHCP on a POC device.....and it took down the switch on that floor. It wasn't as sandboxed as they claimed.
Powerful Two-Hander posted:
> where's that article where someone found a random cat 5 cable on the bridge of an oil tanker and it turned out to be some sort of internal engineering diagnostic/control network that nobody knew about

i haven't seen the article but i have experienced that exact situation a couple times off-shore on drilling rigs and deep-water subsea/pipelay vessels. poo poo is so haphazard out there.
abigserve posted:
> One thing I've noticed with facilities systems is that facilities purchasing is super different to other purchasing internally for some reason

it’s the thing where free market makes efficient and good decisions because of freedom of choice op

like a robotics startup paying phds for time spent freeing space on their laptops because gently caress spending a tiny bit more to get a disk that can actually hold the necessary software instead of taping an external hdd to a rugged machine meant to go on outdoors field testing