|
Subjunctive posted:Gonna risk a triple-post and quote myself from another thread: If it's the company I think it is then it does in fact stay installed, constantly "suggests" that you buy the full anti-virus, and finds problems like "this web browser you never use has some kind of edge-case vulnerability if you are dumb enough to use it, but if you want us to automatically fix it you'll need to buy our full suite."
|
# ¿ Apr 30, 2016 03:42 |
|
|
# ¿ Mar 28, 2024 12:07 |
|
Mr Chips posted:Is there anything more recent than Ormandy's 2012 stuff on Sophos being poo poo? Central IT at my workplace has a 'policy' that it has to be installed on all machines (including RHEL machines) and having it sitting there taking up 200+ Mbytes x 2000 VMs seems like a waste of resources. Just use the back door to disable all of them.
|
# ¿ May 3, 2016 01:51 |
|
Subjunctive posted:To follow up here: this vendor's tool was installing itself and being obnoxious, so we have removed it from the program until they remedy that. We do not want to be recommending tools to our users that result in AV software being installed. Complaining is where I'm a Viking!
|
# ¿ May 5, 2016 02:02 |
|
OSI bean dip posted:When I had them pay my company a visit, they gave a full-on demo and even repacked the malware, etc to show off its abilities--which was suspiciously done mind you. When I asked what they'd do when their "magic math" is compromised, they said that they could just adjust some variables and carry on, which smelt of horseshit. I'm having a hard time finding non-effusive coverage about them online (I spent a whole couple of seconds googling them!), but sounds to me like they've been founded by quantitative finance people.
|
# ¿ May 5, 2016 17:13 |
|
What does this thread feel about Bruce Schneier? I've been getting his CRYPTO-GRAM since I want to say the late '90s or early '00s. Way before blogs were a common thing.
|
# ¿ May 13, 2016 02:21 |
|
Subjunctive posted:And as long as you build from source, you know that you're getting the right thing. Oh, I don't know about that. Did you build your build environment from source? Did you get your boostrapping framework audited? Did you get your auditor audited?
|
# ¿ Aug 27, 2016 03:33 |
|
FeloniousDrunk posted:I think for all the fun I have provided I at least deserve a red text. Also, the project lives on, with hazard warnings, because I am a) a dumbass and b) it's useful for other ideas (no crypto). I'd also like to thank all of you for your mostly helpful and not at all calling me an idiot feedback. Special thanks for the PoC and explanation which I have understood. As my username implies, I do get ideas that are not quite rational from time to time. How about you pay for your own red text?
|
# ¿ Sep 6, 2016 03:24 |
|
The latest SMBC is appropriate: The Infosec Thread: It's people! The security vulnerability is people!!
|
# ¿ Sep 10, 2016 05:11 |
|
Internet Explorer posted:Sorry, I only store my hashed password database on an encrypted flash drive stuffed in my rectum that requires a specific sequence of hot peppers at random Scoville values to dislodge. Infosec is a joke.
|
# ¿ Nov 15, 2016 06:24 |
|
psydude posted:It's pretty easy. The part of the Conrad book that explains the order of importance of "values" basically gives you the key to the exam. "The horror. The horror."
|
# ¿ Dec 2, 2016 04:56 |
|
From the A/T cons and scams thread:504 posted:My brand new staff member (night shift) gave me the best present ever. People are the weakest link in your security framework.
|
# ¿ Dec 7, 2016 03:42 |
|
eames posted:This is madness. We made it! Not as a notable site, but at least to the top 10,000 on Alexa.
|
# ¿ Feb 24, 2017 14:31 |
|
MD5 is deader than dead. https://twitter.com/__spq__/status/838583044260904960
|
# ¿ Mar 8, 2017 00:46 |
|
https://twitter.com/preinheimer/status/841273046317060105
|
# ¿ Mar 14, 2017 07:37 |
|
Cup Runneth Over posted:But how do you communicate a secure location for them to meet?? The location doesn't have to be secure if they can just whisper sweet nothings into each others` ears.
|
# ¿ Mar 14, 2017 08:02 |
|
Cup Runneth Over posted:meanwhile, next door פורים שמח!
|
# ¿ Mar 14, 2017 08:58 |
|
LOL (, possibly)
|
# ¿ Mar 15, 2017 02:54 |
|
Volmarias posted:Context for those of us not Australian? Or is it just the funny goatse? It's the Goatse.
|
# ¿ Mar 15, 2017 03:52 |
|
Double-posting for urgency: https://twitter.com/Maliciouslink/status/841789009852538880
|
# ¿ Mar 15, 2017 04:16 |
|
https://twitter.com/hacks4pancakes/status/843299108504948736
|
# ¿ Mar 19, 2017 04:13 |
|
Cutting edge stuff: https://twitter.com/thezdi/status/842788469923442689
|
# ¿ Mar 21, 2017 03:23 |
|
Subjunctive posted:Nobody should ever write anything connected to the internet in C. As long as you religiously query the API about data sizes and allocate appropriately before receiving anything, it's safe as houses.
|
# ¿ Apr 8, 2017 20:45 |
|
ratbert90 posted:Remove all kernels from existence. And all underlying libraries. Don't roll your own sockets
|
# ¿ Apr 8, 2017 20:49 |
|
https://twitter.com/ReneFreingruber/status/855090151411855361/photo/1 Javascript was a mistake.
|
# ¿ Apr 22, 2017 07:28 |
|
Might be too late to uninstall Ghostery, but who knows? https://twitter.com/1BlockerApp/status/858578767039651841
|
# ¿ Apr 30, 2017 21:24 |
|
DON'T ROLL YOUR OWN ROBOTS
|
# ¿ May 3, 2017 13:20 |
|
EVIL Gibson posted:Speaking of third party auth... I got one of these today from someone I've had email correspondence with. Of course I was suspicious, not least due to the hhhhhhh recipient. I marked it as spam, and gmail was kind enough to allow me to mark my correspondent as at risk of having been compromised, which presumably will warn him, as well.
|
# ¿ May 4, 2017 02:08 |
|
Any guesses? https://twitter.com/taviso/status/860679110728622080
|
# ¿ May 6, 2017 03:21 |
|
|
# ¿ May 6, 2017 04:14 |
|
andrew smash posted:seems to be this?
|
# ¿ May 9, 2017 04:26 |
|
Antivirus: not even once. ETA: https://twitter.com/FAANews/status/861697994323787776 Absurd Alhazred fucked around with this message at 05:13 on May 9, 2017 |
# ¿ May 9, 2017 04:35 |
|
https://twitter.com/NerdPyle/status/719977329548664832 https://twitter.com/NerdPyle/status/863203884595953664
|
# ¿ May 13, 2017 05:18 |
|
https://twitter.com/hacks4pancakes/status/863296709681721344 Just when MS thought they were out, they got pulled back in.
|
# ¿ May 13, 2017 08:47 |
|
flosofl posted:So weird to see someone I know IRL quoted here. I can't imagine the anglophone security field is that big, ultimately.
|
# ¿ May 13, 2017 17:54 |
|
Apparently this was sent out by someone at an Israeli company. Translation from the Hebrew follows: "Hello, I assume you're aware of the recent international ransomware cyber-attack. Please see the attached file from the Cyber Bureau (an actual government agency in Israel --- AA). Exercise Caution in Opening Attached Documents The virus is commonly distributed via PDF files. We recommend that you avoid opening such files in the next few days. If you have the smallest suspicion, please get in touch with us, so we can confirm that the file is valid. Thanks Meir" Absurd Alhazred fucked around with this message at 19:26 on May 14, 2017 |
# ¿ May 14, 2017 18:09 |
|
Rectus posted:I hope the PDF just says "What did I just tell you dumbass!" That would be funnier, but according to the person who posted this, it is actually a document from the National Cyber Bureau in the Israeli Prime Minister's Office.
|
# ¿ May 14, 2017 18:31 |
|
Last Chance posted:I don't know much about nothin' here, but wtf is this when I visit that URL: LOL, I thought it was just ScriptSafe acting up or something.
|
# ¿ May 23, 2017 03:27 |
|
https://twitter.com/rygorous/status/871234463165931524 https://twitter.com/rygorous/status/871240324655398913/ Absurd Alhazred fucked around with this message at 06:51 on Jun 4, 2017 |
# ¿ Jun 4, 2017 06:48 |
|
gourdcaptain posted:Is TSX just cursed in general? It was broken and needed to be disabled in microcode updates in Haswell. It was broken in Broadwell...but a year after they shipped the microcode on Haswell my quad-core Broadwell laptop had it broken and needed a microcode update to boot most Linux distributions by disabling it. Now its broken in Skylake. Just.. wow. Spooky Transaction at a Distance.
|
# ¿ Jun 5, 2017 01:35 |
|
|
# ¿ Mar 28, 2024 12:07 |
|
https://twitter.com/ButtCoin/status/874393234037932032
|
# ¿ Jun 12, 2017 23:46 |