|
Internet Explorer posted:If this is directed at me, the software requires SMBv1 for pretty much everything. Not sure what you mean by "let the admin install and enable," unless you mean that Windows Server should install with SMBv1 disabled by default, in which case I would agree.
|
# ¿ Jun 28, 2017 23:30 |
|
|
# ¿ Apr 26, 2024 09:49 |
|
The issue seems to be that the "User=" field is interpreting the value "0day" as a UID, because usernames are not allowed to begin with numbers. So "0day" runs as root, and "7oz" doesn't run because there's no user with UID 7. It's possible that some part of systemd relies on reading the UID in this manner, which would mean that it isn't a bug. It is unexpected behavior, but so is a username that begins with a number.
|
# ¿ Jul 2, 2017 05:51 |
|
RFC2324 posted:What is the difference between a bug and "unexpected behavior"?
|
# ¿ Jul 2, 2017 05:59 |
|
vOv posted:If you look at the comment a bit down the page, the '7oz' user gets their thing run as root. Which is idiotic. If it fails to parse the username it should log a message saying so and then fail rather than defaulting to running it as root. Created a user '7oz' Created a test service that runs /usr/bin/whoami Started the service grep whoami /var/log/messages => 'Jul 1 22:29:47 hostname whoami[14664]: 7oz' This is systemd 229 so maybe I need 232 or newer?
|
# ¿ Jul 2, 2017 06:33 |
|
Hey speaking of certs, https://twitter.com/letsencrypt/status/882985570401701888
|
# ¿ Jul 6, 2017 17:21 |
|
Absurd Alhazred posted:So bad, the link is broken, too.
|
# ¿ Jul 16, 2017 19:15 |
|
Cugel the Clever posted:Anyone have input on the best alternative? I'm just a poor web deb with limited knowledge of the things my various tools have going on behind the scenes.
|
# ¿ Jul 18, 2017 18:36 |
|
Trabisnikof posted:It is smuggling the data inside the txt record itself you can do it with at least A, AAAA, CNAME, NS, TXT and MX records.
|
# ¿ Jul 21, 2017 07:58 |
|
Double Punctuation posted:Good news, everyone!
|
# ¿ Jul 25, 2017 19:09 |
|
orange sky posted:wait what I just spent a million on a flash-only storage gently caress this
|
# ¿ Jul 26, 2017 00:20 |
|
22 Eargesplitten posted:Months ago someone in one of the IT threads was saying there was a problem with fingerprint scanning as security on a cell phone. He didn't specify why, though. What's the problem with it? I got a new phone a few days ago and I know I should probably disable the Touch ID unlocking, but I'm wondering why.
|
# ¿ Jul 30, 2017 21:31 |
|
Twerk from Home posted:DEF CON needs to leave the USA ASAP. Wonder if they could get it done by next year.
|
# ¿ Aug 3, 2017 19:56 |
|
[quote="“Dylan16807”" post="“475011367”"] This isn’t about the scope of extradition, since he’s already from the UK. This is about direct grabbing during a visit, and that would be much less of an issue in any other western country. [/quote] I'm sorry I gave you the benefit of the doubt, I didn't know you were implying that hosting DefCon in a different Five Eyes country would be an improvement.
|
# ¿ Aug 3, 2017 22:37 |
|
Kerning Chameleon posted:
|
# ¿ Aug 4, 2017 21:47 |
|
maskenfreiheit posted:HOW CAN FLASH BE BAD IF HOMESTAR IS GOOD. RIDDLE ME THAT LINUX HUFFERS https://www.youtube.com/watch?v=L0nuQ5o2DYU&hd=1
|
# ¿ Aug 7, 2017 00:21 |
|
Moatman posted:I genuinely can't tell if that site is a big troll or not.
|
# ¿ Aug 18, 2017 03:41 |
|
I mean, I guess if it makes you feel better, http://devopsleague.com
|
# ¿ Aug 19, 2017 06:55 |
|
Wicaeed posted:Is it common practice for a third party we use to host an external support website (these guys are pretty large too) to ask for the following?
|
# ¿ Sep 1, 2017 20:53 |
|
It makes more sense when they can't generate a CSR. Either they are incapable of doing so, or they don't know how.
|
# ¿ Sep 1, 2017 21:16 |
|
CLAM DOWN posted:If someone tells me they can't generate a CSR, after I giggle arrogantly I usually just link them the google results for certutil or openssl or whatever, because jesus christ it's 2017 and still no one knows what a certificate is or how they work
|
# ¿ Sep 1, 2017 21:34 |
|
RFC2324 posted:sftp. That way you don't have to deal with loving SSL certs in a way that was never intended.
|
# ¿ Sep 2, 2017 19:49 |
|
D. Ebdrup posted:I was talking about piping standard streams through ssh, like you do with zfs send | receive - because I'd just been doing that to back up stuff, and it reminded me that you could theoretically do that.
|
# ¿ Sep 3, 2017 10:12 |
|
Because that website doesn't actually check if you put a real username/SSN in there, it is entirely a scam to get you to waive your class action rights. This doesn't have any bearing on whether or not arbitration is legal, but I've similarly heard that the clause is unenforceable, but the important thing is that you don't use that website.
anthonypants fucked around with this message at 22:38 on Sep 8, 2017 |
# ¿ Sep 8, 2017 22:36 |
|
lol https://twitter.com/mashable/status/906282056874942465
|
# ¿ Sep 8, 2017 23:31 |
|
Internet Explorer posted:Are you... Are you talking to my grandmother?
|
# ¿ Sep 12, 2017 05:38 |
|
BangersInMyKnickers posted:it's spelled and pronounced "Toronna" please get it right
|
# ¿ Sep 14, 2017 20:30 |
|
Turning off beaconing is as secure as not giving your website a DNS name.
|
# ¿ Sep 15, 2017 19:55 |
|
Potato Salad posted:CCleaner Also they got hacked http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html
|
# ¿ Sep 18, 2017 18:32 |
|
Potato Salad posted:"Hi there's a payload on our installer that we didn't know about"
|
# ¿ Sep 18, 2017 18:58 |
|
CLAM DOWN posted:https://nakedsecurity.sophos.com/2017/09/17/vevo-hacked-3-12-tb-of-data-leaked/
|
# ¿ Sep 18, 2017 20:45 |
|
DACK FAYDEN posted:edit: actually, also, why does Windows only let you uninstall one program at a time, what data collision is it trying to prevent?
|
# ¿ Sep 19, 2017 01:36 |
|
Three-Phase posted:General ITSEC question - how do criminals afford "junk domains" or whatever you'd call them to host malware/spyware or do command and control and so forth? A single .com domain can be like $10 or more a year, how do they register dozens or hundreds of "kj9fslidjflskdjgflkjdfg dot zyx" or whatever domains? They make up for it by making renewals really expensive, but malware vendors or spammers don't have to worry about that. anthonypants fucked around with this message at 02:43 on Sep 19, 2017 |
# ¿ Sep 19, 2017 02:41 |
|
If you're really worried about securely deleting data on an SSD then you should forget about filesystem-level writes and invest in a self-encrypting disk instead.
|
# ¿ Sep 21, 2017 02:42 |
|
Absurd Alhazred posted:WASHINGTON (Reuters) - The U.S. Securities and Exchange Commission (SEC), the country’s top markets regulator, said on Wednesday hackers may have illegally profited by trading using insider information stolen from its corporate disclosure database.
|
# ¿ Sep 21, 2017 05:04 |
|
Absurd Alhazred posted:If the SEC had stocks, I bet people higher up would have sold theirs before this disclosure.
|
# ¿ Sep 21, 2017 05:36 |
|
Proteus Jones posted:Via YOSPOS Sec gently caress thread
|
# ¿ Sep 22, 2017 22:03 |
|
And if you tried to copy large files to the temp folder you'd get people complaining that their disk is full. But you'll notice that Adobe includes network drives along with removable media.
|
# ¿ Sep 23, 2017 19:54 |
|
D. Ebdrup posted:I've heard of browsers that seemingly slow a computer to a crawl, but putting a buttcoin miner in an extension is a new high (or low). The author claims that there "has been a hack", but the extension hasn't actually been updated for over a month, so something doesn't quite add up.
|
# ¿ Sep 23, 2017 22:53 |
|
Boris Galerkin posted:https://www.reddit.com/r/privacy/comments/3frjqw/psa_kaspersky_injects_remote_javascript_into_all/ Unless you meant reddit, in which case, yes, reddit is very bad.
|
# ¿ Sep 27, 2017 06:32 |
|
|
# ¿ Apr 26, 2024 09:49 |
|
Absurd Alhazred posted:
|
# ¿ Sep 30, 2017 03:13 |