Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
The Iron Rose
May 12, 2012

Cat Army


klosterdev posted:

Are we talking about the Google/Oracle API Copyright case now

APIs are the intellectual property equivalent of QWERTY!

Adbot
ADBOT LOVES YOU

D. Ebdrup
Mar 13, 2009



People who're looking for guides on how to find vulnerabilities might get something out of reading this.

Subjunctive
Sep 12, 2006

careful now


Achmed Jones posted:

It's very likely you're legally compelled to block traffic from embargoed countries. Geoip blocking is useless for actually preventing attacks from those countries, but does fulfill your legal obligation*

At a previous job about a decade ago, we had a download map for a consumer software release (which included strong crypto) and there was some noise about the fact that Iran appeared and was tracked. The solution was to just exclude Iran from the geo-IP lookup set and show up as “unknown” along with a few Pacific islands or whatever. We didn’t have to block it if we weren’t determining where it was from, per our counsel at the time.

If you can identify your users the standards are different, I believe, so our services signup had to take more steps to attempt to avoid the banned countries (and theoretically the DPL but nobody really bothers outside of finance and some dual-use applications AFAICT).

Subjunctive
Sep 12, 2006

careful now


D. Ebdrup posted:

People who're looking for guides on how to find vulnerabilities might get something out of reading this.

Swearing isn’t as good as “TODO” I suspect, but any code that evokes an emotional reaction in the writer is suspect.

e: oop, double

Internet Explorer
Jun 1, 2005


Thanks everyone who chimed in about Darktrace. Glad to hear "you don't necessarily need something like this" is the consensus. I don't know if I'll be able to convince management to drop it entirely, but if we don't need it I'm not going to bother offering up an alternative. I'll just suggest way pay as little as possible for renewal or drop it. We still have a lot of low-hanging fruit we could be focusing on.

D. Ebdrup
Mar 13, 2009



Subjunctive posted:

Swearing isn’t as good as “TODO” I suspect, but any code that evokes an emotional reaction in the writer is suspect.

e: oop, double
I mean, at the end of the day, XXX is a lot of fun, even in code.

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate






Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano


Biowarfare posted:

I haven't done this in a while, what's the easiest way to break cert pinning on a Win32 application?

file magic says PE32 executable (GUI) Intel 80386, for MS Windows; as far as I know it ships with embedded OpenSSL and a bunch of CA certificates embedded into the exe.


edit: I'm going to hex editing a DER into one of the replacements and see what happens, lol

Either do that or edit it to use SSL_VERIFY_NONE if you can find the right place

Bob Morales
Aug 18, 2006

I love the succulent taste of cop boots

Achmed Jones posted:

It's very likely you're legally compelled to block traffic from embargoed countries. Geoip blocking is useless for actually preventing attacks from those countries, but does fulfill your legal obligation*

*In my experience, that is. I am not a lawyer, this is not legal advice

Anyone else have to disable QUIC?

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

Internet Explorer posted:

If you need to follow ITAR or something, it's absolutely something that you'll need to do. Pretty much for the reasons stated above.

That's....not my experience, and my environment passes annual alphabet soup audits with flying colors each year.

Internet Explorer
Jun 1, 2005


Potato Salad posted:

That's....not my experience, and my environment passes annual alphabet soup audits with flying colors each year.

Really? It always seems like one of the first requests.

Thanks for the correction. I guess it's one of those things that persists like regular password resets / complex passwords. Maybe it's something I need to start pushing back on!

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

Internet Explorer posted:

Really? It always seems like one of the first requests.

Thanks for the correction. I guess it's one of those things that persists like regular password resets / complex passwords. Maybe it's something I need to start pushing back on!

definitely do whatever the suits from ABC XYZ tell you to do, of course

Maneki Neko
Oct 27, 2000



Whoa, looks like Tyler Tech who is in deep with lots of government clients paid out their ransom:

https://www.bleepingcomputer.com/ne...decryption-key/

Methylethylaldehyde
Oct 23, 2004

BAKA BAKA


Internet Explorer posted:

Really? It always seems like one of the first requests.

Thanks for the correction. I guess it's one of those things that persists like regular password resets / complex passwords. Maybe it's something I need to start pushing back on!

A lot of time this is poo poo like 'you must use the DoD 7 wipe DBAN or else the drive isn't clean' that persists more out of it being tons easier to wait an extra day for the drive to be reusable than it is to argue with your boss who has to argue with legal who has to argue with some government drone, who then has to make a descison, who then tells you "no, do it anyway."

ITAR/FINRA/HIPPA poo poo on the technology side is a big 'one size fits all, if you squint at it right', with a ton of poo poo that are genuine good ideas interspersed with poo poo that might have made sense two decades ago but now is the regulatory equivalent of vestigial limbs. If it's stupid but it makes the auditors happy, it's our job to make it somehow work, not call the nice XYZ agency guy a dipshit (at least to his face).

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

secret hint: All ITAR boils down to "don't let unapproved foreign persons see widget" one way or another

That's, when you're trying to do work, sometimes you're trying to secure access to widget. sometimes you're trying to recategorize or beneficially categorize widget. sometimes you are applying for an approval license.

technical controls themselves don't exist specifically in the itar

Bob Morales
Aug 18, 2006

I love the succulent taste of cop boots

Methylethylaldehyde posted:

A lot of time this is poo poo like 'you must use the DoD 7 wipe DBAN or else the drive isn't clean' that persists more out of it being tons easier to wait an extra day for the drive to be reusable than it is to argue with your boss who has to argue with legal who has to argue with some government drone, who then has to make a descison, who then tells you "no, do it anyway."

ITAR/FINRA/HIPPA poo poo on the technology side is a big 'one size fits all, if you squint at it right', with a ton of poo poo that are genuine good ideas interspersed with poo poo that might have made sense two decades ago but now is the regulatory equivalent of vestigial limbs. If it's stupid but it makes the auditors happy, it's our job to make it somehow work, not call the nice XYZ agency guy a dipshit (at least to his face).

I'm digging through a pile of servers and removing any RAM cache from RAID controllers and destroying them today. Because paranoid.

Sir Bobert Fishbone
Jan 16, 2006

Beebort


Maneki Neko posted:

Whoa, looks like Tyler Tech who is in deep with lots of government clients paid out their ransom:

https://www.bleepingcomputer.com/ne...decryption-key/

They've been extremely tight-lipped about this, even with the support managers I've spoken to, who say they don't know anything more about it than the customers do. Wonder when they paid--their phone systems are all still completely down.

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Bob Morales posted:

I'm digging through a pile of servers and removing any RAM cache from RAID controllers and destroying them today. Because paranoid.

Now that I think about it, I'm not sure how to erase the data on the flash backed write cache on our company servers, what data might be there and in which situations it gets written there. I assume it only happens if the server loses power, so most of the UPS connected servers will have them empty. But then there are those few servers that have started misbehaving enough that I've gone to yank the power leads.

spankmeister
Jun 15, 2008








e: nvm im wrong

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

Saukkis posted:

Now that I think about it, I'm not sure how to erase the data on the flash backed write cache on our company servers, what data might be there and in which situations it gets written there. I assume it only happens if the server loses power, so most of the UPS connected servers will have them empty. But then there are those few servers that have started misbehaving enough that I've gone to yank the power leads.

1)if the cache was nand, hammer it to gently caress
2) if the cache was dram backed by a battery, unplug the battery
3) hammer everything to gently caress anyway, it's fun form of stress relief

Mustache Ride
Sep 11, 2001



Pillbug

Go rent this from lowes: https://www.lowes.com/pd/Detail-K2-...ires/1002826350

Volmarias
Dec 31, 2002


Saukkis posted:

Now that I think about it, I'm not sure how to erase the data on the flash backed write cache on our company servers, what data might be there and in which situations it gets written there. I assume it only happens if the server loses power, so most of the UPS connected servers will have them empty. But then there are those few servers that have started misbehaving enough that I've gone to yank the power leads.

Something something degauss something lower it into a vat of molten metal

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate





Do they have physical shredders for hard drives yet? I want to reduce a rectangle of metal to strips.

Maneki Neko
Oct 27, 2000



Cup Runneth Over posted:

Do they have physical shredders for hard drives yet? I want to reduce a rectangle of metal to strips.

Most of the truck mounted shredders will do it. We have one site where we inherited one of these from the previous regime, it has a very satisfying "destroy" button:

https://garnerproducts.com/products...drive-destroyer

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

degauss before physical destruction if you're a federal contractor

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

Maneki Neko posted:

Most of the truck mounted shredders will do it. We have one site where we inherited one of these from the previous regime, it has a very satisfying "destroy" button:

https://garnerproducts.com/products...drive-destroyer
That's certainly an expensive sledgehammer.

D. Ebdrup
Mar 13, 2009



There's always the thermite recipe from the anarchists cookbook.

astral
Apr 26, 2004



D. Ebdrup posted:

There's always the thermite recipe from the anarchists cookbook.

https://www.youtube.com/watch?v=-hNQ280Zkk4

D. Ebdrup
Mar 13, 2009



https://www.youtube.com/watch?v=2iWB7FkuM_4

Bob Morales
Aug 18, 2006

I love the succulent taste of cop boots

Volmarias posted:

Something something degauss something lower it into a vat of molten metal

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate





Maneki Neko posted:

Most of the truck mounted shredders will do it. We have one site where we inherited one of these from the previous regime, it has a very satisfying "destroy" button:

https://garnerproducts.com/products...drive-destroyer

Crushing is good but I'm talking about turning a hard disk drive into strips like you put a piece of paper in a paper shredder.

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!

Kind of surprised I never hear about systems that heat a hard drive up to the platter's curie temperature for data destruction

Methylethylaldehyde
Oct 23, 2004

BAKA BAKA


Cup Runneth Over posted:

Crushing is good but I'm talking about turning a hard disk drive into strips like you put a piece of paper in a paper shredder.

https://www.youtube.com/watch?v=wb3Xa1h_RqM

It's as magnificent to behold in person as you'd expect.

D. Ebdrup
Mar 13, 2009



klosterdev posted:

Kind of surprised I never hear about systems that heat a hard drive up to the platter's curie temperature for data destruction
Don't worry, it's not a topic that's been left untouched:

video abstract posted:

How much more paranoid are you now than you were four years ago? Warrantless surveillance and large-scale data confiscation have brought fear of the feds filching your files from black helicopter territory into the mainstream. Recent government snatch-and-grabs have run the gamut from remotely imaging foreign servers to straight up domestic coffeeshop muggings, so if you think you might need to discard a lot of data in hurry you're probably right. In their legendary DEF CON 19 presentation Shane Lawson, Bruce Potter and Deviant Ollam kicked off the discussion, and now it's time for another installment. While purging incriminating material residing on spinning disks remains the focus, the research has been expanded to encompass solid state storage and mobile solutions to your terabyte trashing needs. With best efforts to comply with the original constraints, the 2015 update features more analysis of the efficacy of kinetic projectiles, energetic materials and high voltages for saving your freedom at the potential cost of only a redundant body part... or two.
https://www.youtube.com/watch?v=-bpX8YvNg6Y

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

D. Ebdrup posted:

There's always the thermite recipe from the anarchists cookbook.

There was a good DEFCON talk on hard disk destruction:

https://www.youtube.com/watch?v=-bpX8YvNg6Y

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Cup Runneth Over posted:

Do they have physical shredders for hard drives yet? I want to reduce a rectangle of metal to strips.

In the 00s I was researching for drive destruction and I found a hand-operated single drive shredder. Same principle as the videos posted, but with a handle on the side you cranked. I bet that would have been some satisfying to use, probably even better than the hammer.

Methylethylaldehyde
Oct 23, 2004

BAKA BAKA


Saukkis posted:

In the 00s I was researching for drive destruction and I found a hand-operated single drive shredder. Same principle as the videos posted, but with a handle on the side you cranked. I bet that would have been some satisfying to use, probably even better than the hammer.

.308 HDD Decommissioning will always be my favorite way to do things.

dougdrums
Feb 25, 2005
CLIENT REQUESTED ELECTRONIC FUNDING RECEIPT (FUNDS NOW)

.

Only registered members can see post attachments!

Darchangel
Feb 12, 2009

Tell him about the blower!




Oh, hey, a '90s Mac. I like Macs, but... go ahead and shoot that one.

Adbot
ADBOT LOVES YOU

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!

Performas were awful for a kid who couldn't play his friend's DOS/Win95 computer games

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply