Absurd Alhazred
Mar 27, 2010

by Athanatos

Subjunctive posted:

Gonna risk a triple-post and quote myself from another thread:

If it's the company I think it is then it does in fact stay installed, constantly "suggests" that you buy the full anti-virus, and finds problems like "this web browser you never use has some kind of edge-case vulnerability if you are dumb enough to use it, but if you want us to automatically fix it you'll need to buy our full suite."


Absurd Alhazred
Mar 27, 2010

by Athanatos

Mr Chips posted:

Is there anything more recent than Ormandy's 2012 stuff on Sophos being poo poo? Central IT at my workplace has a 'policy' that it has to be installed on all machines (including RHEL machines) and having it sitting there taking up 200+ Mbytes x 2000 VMs seems like a waste of resources.

Just use the back door to disable all of them. :shrug:

Absurd Alhazred
Mar 27, 2010

by Athanatos

Subjunctive posted:

To follow up here: this vendor's tool was installing itself and being obnoxious, so we have removed it from the program until they remedy that. We do not want to be recommending tools to our users that result in AV software being installed.

Thanks for the report, Absurd!

Complaining is where I'm a Viking!

Absurd Alhazred
Mar 27, 2010

by Athanatos

OSI bean dip posted:

When I had them pay my company a visit, they gave a full-on demo and even repacked the malware, etc. to show off its abilities--which was suspiciously done mind you. When I asked what they'd do when their "magic math" is compromised, they said that they could just adjust some variables and carry on, which smelt of horseshit.

I'm having a hard time finding non-effusive coverage about them online (I spent a whole couple of seconds googling them!), but sounds to me like they've been founded by quantitative finance people.

Absurd Alhazred
Mar 27, 2010

by Athanatos
What does this thread feel about Bruce Schneier? I've been getting his CRYPTO-GRAM since I want to say the late '90s or early '00s. Way before blogs were a common thing.

Absurd Alhazred
Mar 27, 2010

by Athanatos

Subjunctive posted:

And as long as you build from source, you know that you're getting the right thing.

Oh, I don't know about that. Did you build your build environment from source? Did you get your bootstrapping framework audited? Did you get your auditor audited?

Absurd Alhazred
Mar 27, 2010

by Athanatos

FeloniousDrunk posted:

I think for all the fun I have provided I at least deserve a red text. Also, the project lives on, with hazard warnings, because I am a) a dumbass and b) it's useful for other ideas (no crypto). I'd also like to thank all of you for your mostly helpful and not at all calling me an idiot feedback. Special thanks for the PoC and explanation which I have understood. As my username implies, I do get ideas that are not quite rational from time to time.

So. If the bookmarklet calls a secure service to obtain a salt

How about you pay for your own red text? :ms:

Absurd Alhazred
Mar 27, 2010

by Athanatos
The latest SMBC is appropriate:



The Infosec Thread: It's people! The security vulnerability is people!!

Absurd Alhazred
Mar 27, 2010

by Athanatos

Internet Explorer posted:

Sorry, I only store my hashed password database on an encrypted flash drive stuffed in my rectum that requires a specific sequence of hot peppers at random Scoville values to dislodge.

[Edit: Sorry, I'm not actually sure if this is a serious thread or not at this point.]

Infosec is a joke.

Absurd Alhazred
Mar 27, 2010

by Athanatos

psydude posted:

It's pretty easy. The part of the Conrad book that explains the order of importance of "values" basically gives you the key to the exam.

"The horror. The horror."

Absurd Alhazred
Mar 27, 2010

by Athanatos
From the A/T cons and scams thread:

504 posted:

My brand new staff member (night shift) gave me the best present ever.

504: Hello new worker, how was the night shift? Completely eventless and no problems at all, just like it always is?
New Guy: Yes, except the computer caught a virus, but it's ok, I called the number and fixed it
504: A virus? How odd, what did IT say?
New Guy: Oh I didn't call them, I called the number in the box that popped up 0900 something.
504: (Stomach dropping) What did the "technician" tell you to do?
New Guy: He got me to go to a google page and download a file to fix it.


504: Hello IT? I'm afraid my new staff member has downloaded and installed a remote access program to the hospital's network. Also I can't make the firewall do anything.

Good times.

People are the weakest link in your security framework.

Absurd Alhazred
Mar 27, 2010

by Athanatos

eames posted:

This is madness.
4,287,625 possibly affected domains in total as of right now.

here's a list of noteworthy sites, including iOS apps:

https://github.com/pirate/sites-using-cloudflare

We made it! :unsmith:

Not as a notable site, but at least to the top 10,000 on Alexa.

Absurd Alhazred
Mar 27, 2010

by Athanatos
MD5 is deader than dead.

https://twitter.com/__spq__/status/838583044260904960

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/preinheimer/status/841273046317060105

Absurd Alhazred
Mar 27, 2010

by Athanatos

Cup Runneth Over posted:

But how do you communicate a secure location for them to meet??

The location doesn't have to be secure if they can just whisper sweet nothings into each other's ears.

Absurd Alhazred
Mar 27, 2010

by Athanatos

Cup Runneth Over posted:

meanwhile, next door


פורים שמח!

Absurd Alhazred
Mar 27, 2010

by Athanatos
LOL (:nws:, possibly)

Absurd Alhazred
Mar 27, 2010

by Athanatos

Volmarias posted:

Context for those of us not Australian? Or is it just the funny goatse?

It's the Goatse.

Absurd Alhazred
Mar 27, 2010

by Athanatos
Double-posting for urgency:

https://twitter.com/Maliciouslink/status/841789009852538880

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/hacks4pancakes/status/843299108504948736

Absurd Alhazred
Mar 27, 2010

by Athanatos
Cutting edge stuff:

https://twitter.com/thezdi/status/842788469923442689

Absurd Alhazred
Mar 27, 2010

by Athanatos

Subjunctive posted:

Nobody should ever write anything connected to the internet in C.

As long as you religiously query the API about data sizes and allocate appropriately before receiving anything, it's safe as houses. :v:

Absurd Alhazred
Mar 27, 2010

by Athanatos

ratbert90 posted:

Remove all kernels from existence. And all underlying libraries.

Don't roll your own sockets

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/ReneFreingruber/status/855090151411855361/photo/1

Javascript was a mistake.

Absurd Alhazred
Mar 27, 2010

by Athanatos
Might be too late to uninstall Ghostery, but who knows?

https://twitter.com/1BlockerApp/status/858578767039651841

Absurd Alhazred
Mar 27, 2010

by Athanatos
DON'T ROLL YOUR OWN ROBOTS

Absurd Alhazred
Mar 27, 2010

by Athanatos

EVIL Gibson posted:

Speaking of third party auth...

Everyone be SUPER CAREFUL of opening any share invites to view anything on google docs. A phishing attack is being discovered now that scrapes all your google contacts and has free rein over your gmail.

From random names, but it always seems the first recipient is hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh[@]mailnator.com


Here's a twitter post with a gif of what it looks like: https://twitter.com/zachlatta/status/859843151757955072


More info: https://www.theverge.com/2017/5/3/15534768/google-docs-phishing-attack-share-this-document-with-you-spam

I got one of these today from someone I've had email correspondence with. Of course I was suspicious, not least due to the hhhhhhh recipient. I marked it as spam, and gmail was kind enough to allow me to mark my correspondent as at risk of having been compromised, which presumably will warn him, as well.

Absurd Alhazred
Mar 27, 2010

by Athanatos
Any guesses?

https://twitter.com/taviso/status/860679110728622080

Absurd Alhazred
Mar 27, 2010

by Athanatos

:suspense:

Absurd Alhazred
Mar 27, 2010

by Athanatos

:stonk:

Absurd Alhazred
Mar 27, 2010

by Athanatos
Antivirus: not even once.

ETA:
https://twitter.com/FAANews/status/861697994323787776

Absurd Alhazred fucked around with this message at 05:13 on May 9, 2017

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/NerdPyle/status/719977329548664832

https://twitter.com/NerdPyle/status/863203884595953664

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/hacks4pancakes/status/863296709681721344

Just when MS thought they were out, they got pulled back in.

Absurd Alhazred
Mar 27, 2010

by Athanatos

flosofl posted:

So weird to see someone I know IRL quoted here.

I can't imagine the anglophone security field is that big, ultimately.

Absurd Alhazred
Mar 27, 2010

by Athanatos
Apparently this was sent out by someone at an Israeli company. Translation from the Hebrew follows:



"Hello,

I assume you're aware of the recent international ransomware cyber-attack.

Please see the attached file from the Cyber Bureau (an actual government agency in Israel --- AA).

Exercise Caution in Opening Attached Documents

The virus is commonly distributed via PDF files. We recommend that you avoid opening such files in the next few days. If you have the smallest suspicion, please get in touch with us, so we can confirm that the file is valid.

Thanks

Meir"

Absurd Alhazred fucked around with this message at 19:26 on May 14, 2017

Absurd Alhazred
Mar 27, 2010

by Athanatos

Rectus posted:

I hope the PDF just says "What did I just tell you dumbass!"

That would be funnier, but according to the person who posted this, it is actually a document from the National Cyber Bureau in the Israeli Prime Minister's Office.

Absurd Alhazred
Mar 27, 2010

by Athanatos

Last Chance posted:

I don't know much about nothin' here, but wtf is this when I visit that URL:



LOL, I thought it was just ScriptSafe acting up or something.

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/rygorous/status/871234463165931524

https://twitter.com/rygorous/status/871240324655398913/

:stonk:

Absurd Alhazred fucked around with this message at 06:51 on Jun 4, 2017

Absurd Alhazred
Mar 27, 2010

by Athanatos

gourdcaptain posted:

Is TSX just cursed in general? It was broken and needed to be disabled in microcode updates in Haswell. It was broken in Broadwell...but a year after they shipped the microcode on Haswell my quad-core Broadwell laptop had it broken and needed a microcode update to boot most Linux distributions by disabling it. Now it's broken in Skylake. Just.. wow.

EDIT: The completely other frustrating thing is the needed microcode for the Broadwell quad core laptop issue was only released as part of an MSI BIOS update for several months. Cue people writing tools to scrape it and put it in their Linux initramfs.

Spooky Transaction at a Distance.


Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/ButtCoin/status/874393234037932032
