Really sad someone has https://www.amicybersafe.org right now.
|
# ? Jun 22, 2024 10:23 |
|
Ellipson posted: Close down Infosec, we've got 5 Dimensional Crypto now

Apparently they practically booed them off the stage, it was that lovely and fake
|
CommieGIR posted: Apparently they practically booed them off the stage, it was that lovely and fake

nevermind how bad it gets when you add nebulously defined crypto to it
|
Lucid Nonsense posted: I posted in here a while back, and got some good feedback. I've been promoted to a decision making level on the software dev side for an alternative to Splunk.

We run splunk and elastic. I like that splunk lets you extract after forwarding. Their search syntax is also pretty easy to learn.
|
D. Ebdrup posted: mental illness is one hell of a drug

And when they straight ignore actual maths, while claiming to know maths.
|
CommieGIR posted: And when they straight ignore actual maths, while claiming to know maths.

quote: DON'T ROLL YOUR OWN CRYPTO
|
Crypto: Brought to you by the History Channel and Ancient Aliens
|
CommieGIR posted: And when they straight ignore actual maths, while claiming to know maths.

I had a pitch from a startup whose premise was, baldly, "we violate CAP and provide all three because our code is really efficient". I'm sure someone funded them, it was a pretty well-put-together presentation.
|
CommieGIR posted: Apparently they practically booed them off the stage, it was that lovely and fake

Not only booed them off the stage, got debunked live in person with a finisher of someone taking the mic to just yell at them, lol
|
LtCol J. Krusinski posted: I’ve just finished reading this entire thread, and I saved several of your posts into my keep for later.rtf file. If you wouldn’t mind, could you expand on your disdain for AV software? Is it all AV software or just certain companies?

I don't really feel the need to talk about my time in the industry any longer--this was years ago and I've moved on to cooler things. My role wasn't super important but it did let me know how the inner-workings of the whole thing work. It's the fundamentals of AV that are wrong so it's irrelevant to anyone or even myself what company I worked for since the principles are all the same. The AV vendors with larger research and analysis teams are the vendors that tend to get better coverage but really that is it. AV doesn't scale well and is a technological dead-end as there are better ways to thwart off malware and the like.
|
Ellipson posted: Not only booed them off the stage, got debunked live in person with a finisher of someone taking the mic to just yell at them, lol
|
If you scroll through the twitter thread there is some video further down. People yelling “get off the stage! You shouldn’t be here!” lmao
|
Double Punctuation posted: Big zero-day EOP for Steam:

Ars has an article with a more clear example, which is much easier to understand than the somewhat incoherent blog. The guy is Russian so ESL is understandable, but in this case I've seen uninformed pushback from the Steam Defense Force & people not understanding it. I didn't quite follow the final steps in the blog myself, but looked at the guy's twitter and another security guy who had also submitted the same exploit and got stonewalled put a simple example on github.

The flaw is absolutely on steam's part, and it's that the steam service stomps on security permissions every time it runs, blindly, on everything in the steam registry subdirectory. Restricting registry symbolic links to SeCreateSymbolicLinkPrivilege wouldn't help in practice since symbolic links are one of the things that doesn't fire a UAC prompt if you're an Administrator, which most people are. (It is weird that non-admins can do it in the registry tho.)

If the service only set it once when steam installs, or in a targeted way when it installs a new game, it wouldn't be quite as exploitable. Plus apparently the info steam keeps in that subdirectory is related to the redistributes that Steam now keeps centralized (rather than every game coming with 200mb of directx). Not particular games.

also also, klosterdev posted:
|
CommieGIR posted: I'm mostly self-taught, so I have a little bit of a bias, but lab courses, youtube videos, and online guides are my classroom. Best way is a virtual lab, via Virtualbox, a couple VMs, and a Kali instance.

I tend to agree. You won't catch me knocking classroom learning -- it's a great way to learn theory and fundamentals, and I'm very glad of my CS degree -- but you've got to supplement that with reading cool poo poo and trying cool poo poo for yourself. Hell, at one job soon after college, I got a reputation as the office's "white hat hacker" because I was able to recover a bunch of deleted emails from someone's local Outlook mailbox. I happened to have run across the method of blowing away the table of contents with a hex editor and then letting scanpst rediscover everything. Not exactly an advanced technique, but nobody else there knew of it, and it's not really the sort of thing that would come up in a classroom either. And that job led directly to one where I started having actual infosec responsibilities (and started realizing just how much I still had to learn).
|
Lain Iwakura posted: I don't really feel the need to talk about my time in the industry any longer--this was years ago and I've moved on to cooler things. My role wasn't super important but it did let me know how the inner-workings of the whole thing work.

Thanks for the response. I actually found an old OP you did for the “Your operating system has poor operational security” thread and it answered any questions I had about AV. I’m trying to read all the IT and Infosec threads, there’s good nuggets of info in those threads, there are lots of good recommendations and what have you.
|
Oh, everything makes sense now. It was a sponsored talk. Has DEFCON^wblackhat sold out?

BlankSystemDaemon fucked around with this message at 19:52 on Aug 9, 2019
|
noted good security events defcon and blackhat
|
Defenestrategy posted: I "Learn to use Kali, learn to use Wireshark, and Learn to use niche software that looks like it hasn't been updated since the mid 2000's and hopefully not cop some liability for accidentally destroying evidence".

On the flip, tools created in the mid 2000s are still good when you are finding systems that have not been updated since the mid 2000s.
|
D. Ebdrup posted: Oh, everything makes sense now. It was a sponsored talk.

No, but they will next year, which is 2009.
|
EVIL Gibson posted: On the flip, tools created in the mid 2000s are still good when you are finding systems that have not been updated since the mid 2000s.

True, but I have no clue if it was because the tools are niche enough, I can't remember exactly which tools but there was some stuff for steganography and recovery of deleted/scrubbed files we played with, the company who produces it can just kinda coast on a really poor Windows 98 UI that crashes on newer systems or if the school was just cheap and using depreciated software, or both.
|
ah not naming names just encase they find out
|
Just your regular reminder of where my hatred of AV comes from: https://twitter.com/ericlaw/status/1159850783862640641 Avast has done this poo poo before too.
|
I'm sorry, Jon.
|
Stanley Pain posted: I'm sorry, Jon.

I hate zero days Jon
|
Lain Iwakura posted: Just your regular reminder of where my hatred of AV comes from:

Yeah, our most common crashes in Firefox were consistently a) Flash, b) Flash, c) DLLs injected by AV bullshit, d) Flash. It's been going on a long time.
|
D. Ebdrup posted: Oh, everything makes sense now. It was a sponsored talk.

This happens pretty regularly. Enough that I think they have a spot or two reserved for nutters. Normally they're entertaining enough no one really cares.
|
D. Ebdrup posted: Oh, everything makes sense now. It was a sponsored talk.
|
yea actually
|
I wish we could make this the thread title
|
Next week as my team's on-call rotation is rolling over, gonna offer the next person up the choice of drowning in alerts or balls and see what happens. Because the best move isn't obvious here.
|
Docjowles posted: Next week as my team's on-call rotation is rolling over, gonna offer the next person up the choice of drowning in alerts or balls and see what happens. Because the best move isn't obvious here.

It's kind of disappointing that no one has made a teabagging emoji yet.
|
Never seen a better name, post, avatar combination before.
|
Anyone ever use Bay Dynamics Risk Fabric? Seems ok, waiting on a PoC to be installed in our lab soon.
|
Just that picture is enough to make me laugh. That whole poo poo-show was amazing.
|
Wiggly Wayne DDS posted: ah not naming names just encase they find out

Since OpenText took over that product has taken a nosedive.
|
What's the best option for a group of U.S. immigration lawyers looking to move off of Facebook? I'm suggesting Signal, but I think they want something more like the fb group setup. Tech skills vary too much for anything extremely niche, and they are using phones, macs, and pcs. I've lurked in the thread on and off for years, but am not skilled or qualified, just looking to give a group of good people doing good work good advice. I'm not sure what options exist that are secure against both bad actors and, potentially, state actors
|
The Aphasian posted: What's the best option for a group of U.S. immigration lawyers looking to move off of Facebook? I'm suggesting Signal, but I think they want something more like the fb group setup. Tech skills vary too much for anything extremely niche, and they are using phones, macs, and pcs.

What makes you think Discord or Slack are somehow any more secure or safe than Facebook? Maybe use Telegram or something I dunno, not sure what you mean by "fb group setup" and this seems pretty paranoid.
|
Sorry. I meant they will want something with the ability to follow different threads/posts/conversations in a format that allows a moderator to add and remove people as needed. I honestly don't know how discord or slack compare because I'm ignorant. I am probably overthinking it. I've been editing a podcast for an immigration lawyer, and the stories and cases they discuss probably just made me depressed and paranoid.