|
Would just like to throw out that the red text for him is fantastic.
|
# ¿ May 2, 2016 16:27 |
|
|
# ¿ Apr 26, 2024 00:43 |
|
CLAM DOWN posted:Interesting new password rules from NIST: https://pages.nist.gov/800-63-3/ These are excellent rules.
|
# ¿ Aug 18, 2016 19:13 |
|
OSI bean dip posted:Please come out to this sometime: Need one of these in Edmonton, yarr.
|
# ¿ Sep 7, 2016 21:50 |
|
EssOEss posted:Mozilla’s CA team has lost confidence in the ability of WoSign/StartCom to faithfully and competently discharge the functions of a CA. Therefore we propose that, starting on a date to be determined in the near future, Mozilla products will no longer trust newly-issued certificates issued by either of these two CA brands. This is excellent.
|
# ¿ Sep 27, 2016 16:57 |
|
Thanks Ants posted:Ah, the "have cake and eat it" approach to discussions The ever classic.
|
# ¿ Sep 27, 2016 20:27 |
|
Ah Kazaa and Limewire. Willfully infecting your computer with the worst aids in order to listen to some mp3's.
|
# ¿ Oct 24, 2016 18:10 |
|
Absurd Alhazred posted:From the A/T cons and scams thread: There is no facepalm big enough
|
# ¿ Dec 7, 2016 17:42 |
|
Was it so people didn't have to brave the snow?
|
# ¿ Dec 7, 2016 18:29 |
|
Kazinsal posted:The Free Software Foundation's developers being anti-women turbospergs who are actually really bad at what they do is entirely unsurprising Pretty much.
|
# ¿ Dec 21, 2016 17:46 |
|
Looks like some cute fireworks blowing up around the BetterDiscord community. Haven't read into anything that's going on, my twitter feed is just getting a few people throwing red flags around.
|
# ¿ Feb 21, 2017 20:11 |
|
Not super deep digging, but there may just be no issue. BetterDiscord seems fine; people appear to be the problem (shocker). They're throwing a hissy fit about a 3rd party plugin that was stealing auth tokens and BetterDiscord is taking all the blame. I am the dumb for not spending a minute of my time to read into that before posting "oh hey this could be fun". This was the image that started the whole bush fire:
|
# ¿ Feb 21, 2017 20:20 |
|
Doug posted:Good post. You should really work it up into a blog post, I think there are probably a lot of people that would get value out of it. Agree with that. Also excellent story.
|
# ¿ Feb 22, 2017 19:03 |
|
Absurd Alhazred posted:Double-posting for urgency: Hahahhahahahahahahahaha
|
# ¿ Mar 15, 2017 18:11 |
|
Wiggly Wayne DDS posted:that they've gone to the media to coerce payment and didn't make an example of, say, a thousand random devices being wiped says it all Pretty much this.
|
# ¿ Mar 23, 2017 18:04 |
|
So this came across my feed: https://twitter.com/Snowden/status/850766326943690752 Haven't had a chance to look through it yet.
|
# ¿ Apr 8, 2017 20:07 |
|
Moatman posted:Note to self: don't stop massive malware attacks or the press will doxx you. https://flipboard.com/@thenextweb/-doxing-the-hero-who-stopped-wannacry-wa/f-fa540c0a7c%2Fthenextweb.com What in the actual gently caress is this... Unreal lol
|
# ¿ May 15, 2017 20:14 |
|
hobbesmaster posted:yeah I can't believe flipboard is still going either
|
# ¿ May 15, 2017 22:25 |
|
Mopp posted:OK, I managed to crack the first part and got two flags. It looks like the traffic gets encrypted after this exchange. drat this actually looks fun.
|
# ¿ Jul 26, 2017 18:33 |
|
Moatman posted:For some reason I only post in this thread when it's about Marcus Hutchins (@MalwareTechBlog) but it sure looks like he just got blackbagged by the FBI .....
|
# ¿ Aug 3, 2017 19:00 |
|
I'm glad they've managed to at least figure out where he is. Doesn't make this any less insane though.
|
# ¿ Aug 3, 2017 19:11 |
|
Lockpick village would be hard to replicate online. That place is so fun.
|
# ¿ Aug 4, 2017 17:54 |
|
EveryMicrosoftExamEver.jpg
|
# ¿ Aug 31, 2017 22:13 |
|
Wicaeed posted:Is it common practice for a third party we use to host an external support website (these guys are pretty large too) to ask for the following? What are you trying to do here? Renew a cert? I would say you are extremely correct to be suspect of this request. I can't imagine a world in which they would need your private key for any reason other than to pretend to be your company.
|
# ¿ Sep 1, 2017 19:06 |
|
BangersInMyKnickers posted:Phasing out 3DES is going to be a huge PITA since its the last symm cipher XP/2003 and older systems have left and the world is going to scream murder over it. It will be painful, but it will also be glorious.
|
# ¿ Sep 1, 2017 22:56 |
|
So literally any info, even fake garbage, was likely at risk? Dang I guess we should all sign up for the credit monitoring. Borrowed this from another thread: quote:You give up your right to sue Equifax. If you get the credit monitoring service, you must agree to submit any complaints against Equifax to arbitration. You can’t sue on your own behalf, and you can’t join a class-action case or benefit from any class-action settlement that Equifax agrees to. Well alright then.
|
# ¿ Sep 8, 2017 22:06 |
|
Subjunctive posted:NY AG says that clause is illegal and unenforceable, has told Equifax to remove it. I admit to being an ignorant Canadian, but I thought I heard arbitration clauses were legal. Super glad to hear that I was wrong.
|
# ¿ Sep 8, 2017 22:32 |
|
That's impressive. I don't even know how to feel about that.
|
# ¿ Sep 12, 2017 18:33 |
|
Potato Salad posted:CCleaner lol
|
# ¿ Sep 18, 2017 18:35 |
|
CLAM DOWN posted:https://nakedsecurity.sophos.com/2017/09/17/vevo-hacked-3-12-tb-of-data-leaked/ Unreal. I love this.
|
# ¿ Sep 18, 2017 19:48 |
|
Potato Salad posted:I think at least some small part of it is how short our memories are, and how powerfully conditioned we seem to be to give every possible benefit of the doubt to the invisible hand of money -- capitalism as something that cultivates self-policing, ethical behavior. My much more personal opinion is that we frequently conflate capitalism, patriotism, and Christianity -- so many Americans fuse those three separate things into a single lens through which they interpret the world. I'm only really comfortable living where I do because my husband is a canadian citizen with a current passport with our marriage certificate stapled inside
|
# ¿ Sep 27, 2017 20:22 |
|
Actual content: There's a TOR tunnel to Ireland going through a firewall at one of my clients. Happy Wednesday.
|
# ¿ Sep 27, 2017 20:44 |
|
CLAM DOWN posted:Bank websites (lol) This is less funny because it's true.
|
# ¿ Sep 30, 2017 00:54 |
|
CLAM DOWN posted:https://googleprojectzero.blogspot.ca/2017/10/over-air-vol-2-pt-3-exploiting-wi-fi.html This owns. D. Ebdrup posted:Endless Septemper keeps on giving: A critical vulnerability has been identified in TPM 1.2 and 2.0.
|
# ¿ Oct 11, 2017 20:14 |
|
anthonypants posted:Does android still do that thing where if you install a root certificate, like you might for a VPN, it leaves a notification forever that your phone's network activity is being monitored? There were at least two threads about it on the Google issue tracker, but that was a while ago and they've been disappeared. I also haven't had this stuck on my Andriod for a while now.
|
# ¿ Oct 17, 2017 01:01 |
|
e: wrong as gently caress thread Content >> I have no idea how much bandwidth I push over my VPN monthly, but my home connection (Twitch, Youtube, imgur, stuff) can push 1TB with those services alone. ChubbyThePhat fucked around with this message at 00:16 on Oct 19, 2017 |
# ¿ Oct 19, 2017 00:13 |
|
Volmarias posted:Sometimes when we want to move the big crate of data it doesn't have straps or handles, so we sort of have to shove it and push it to get it over there instead of being able to pull it. Kicking and screaming where necessary.
|
# ¿ Oct 19, 2017 16:33 |
|
Volmarias posted:I'm curious: who's requesting the service from you? The person whose credit is being pulled, or an agent acting on their behalf (finance person at a store, etc)? Is this some sort of credit escrow service where you can "prove" to an interested party that you'll be a good risk without having to give them more intimate details? Good post/av combo.
|
# ¿ Oct 25, 2017 00:51 |
|
"This seems like a bad idea. I could just call up and be like 'hey my SSN is <insert SSN of marketing guy>' and get a credit check pulled as some random dude I don't know."
|
# ¿ Oct 25, 2017 17:08 |
|
D. Ebdrup posted:That sounds like the kind of Fun you get in Dwarf Fortress. Everything always ends in fire. ...So we're not far off really.
|
# ¿ Nov 2, 2017 18:36 |
|
|
# ¿ Apr 26, 2024 00:43 |
|
That's pretty much accurate. It can be a pain to stand up a CA inside an already existing environment because lots of authentication will break until you sort out the individual certs.
|
# ¿ Nov 2, 2017 19:38 |