|
akadajet posted:How would blocking the US help with GDPR?
|
#
?
May 4, 2018 20:59
|
|
|
|
| # ? Apr 25, 2024 18:43 |
|
|
is 1password still the best choice for a low hassle, cross platform password manager?
|
|
#
?
May 4, 2018 21:07
|
|
|
Father Jack posted:is 1password still the best choice for a low hassle, cross platform password manager?
|
|
#
?
May 4, 2018 21:27
|
|
|
anthonypants posted:yes. if you're on windows get the v4 version v7 beta has standalone vaults now
|
|
#
?
May 4, 2018 21:42
|
|
|
Wiggly Wayne DDS posted:it'd help a ton with any discussion related to it if prior threads have been any indication lol
|
|
#
?
May 4, 2018 21:43
|
|
|
Rufus Ping posted:v7 beta has standalone vaults now oh? so you can sync with dropbox instead of buying a subscription?
|
|
#
?
May 4, 2018 21:59
|
|
|
Rufus Ping posted:v7 beta has standalone vaults now
|
|
#
?
May 4, 2018 22:18
|
|
|
anthonypants posted:yes. if you're on windows get the v4 version why v4 rather than the current version?
|
|
#
?
May 4, 2018 22:44
|
|
|
Rufus Ping posted:v7 beta has standalone vaults now they also have a CLI version for all platforms: https://support.1password.com/command-line-getting-started/
|
|
#
?
May 4, 2018 22:50
|
|
|
i have weird sync issues between my mac and windows box lol
|
|
#
?
May 5, 2018 01:42
|
|
|
Father Jack posted:why v4 rather than the current version? The current non-alpha/beta Windows version requires a 1Password cloud subscription. v4 is currently the supported stand-alone (it still gets security updates), but there’s not Edge extension for it if that’s a deal breaker.
|
|
#
?
May 5, 2018 02:36
|
|
|
https://www.nytimes.com/interactive/2018/05/03/magazine/money-issue-iowa-lottery-fraud-mystery.html
|
|
#
?
May 5, 2018 04:21
|
|
|
Powerful Two-Hander posted:I had to do some it sec training today and it had an absolutely superb "interview with a hacker" segment that had: cmon you have to leak that now, that sounds brilliant
|
|
#
?
May 5, 2018 14:41
|
|
|
Lutha Mahtin posted:https://www.nytimes.com/interactive/2018/05/03/magazine/money-issue-iowa-lottery-fraud-mystery.html this was good, thanks
|
|
#
?
May 5, 2018 14:54
|
|
|
The presentation was corny and cringy as a tool to ensure you paid attention and remembered it. You took to the training so well that you're here telling us to be careful about what we click on, and to pay attention to when someone is trying too hard to get our browser traffic. I'd say the training was well worth the cost.
|
|
#
?
May 5, 2018 16:44
|
|
|
Subjunctive posted:this was good, thanks i think it's pretty cool the article explained programming stuff, like pseudocode and the actual sneaky bit of code. i also think it's pretty bad that the lottery association doesn't keep backups and was foiled by if (date == memorial Day) {rigThe Game();}
|
|
#
?
May 5, 2018 16:51
|
|
|
https://twitter.com/KateLibc/status/992810127383183364 the thread i quoted is good too but yeah. telephony sucks and it will never get better so i talked about how i abused it once
|
|
#
?
May 5, 2018 18:23
|
|
|
with the current way the networks are setup the best way to handle robocalls is to put liability for them onto the carriers with penalties paid by the carriers to consumers reporting the calls rather than the FTC.
|
|
#
?
May 5, 2018 20:25
|
|
|
I think someone started doing that poo poo for my area too. I get a bunch of spam calls from numbers with the same area code and first 3 digits as my cell phone. gently caress to phones
|
|
#
?
May 5, 2018 20:25
|
|
|
yeah same. i get it at my cell number and google voice number. at&t has a blocker/“likely spam” app now, so we’ll see how well it works
|
|
#
?
May 5, 2018 20:31
|
|
|
Achmed Jones posted:yeah same. i get it at my cell number and google voice number. at&t has a blocker/“likely spam” app now, so we’ll see how well it works i've been using that app for a while, it works... alright. a few still get through since the spammers are literally just randomly changing numbers so it's kinda hard to do any sort of correlation an interesting side effect though is it shows you each individual time it blocks something, which shows interesting behavior - they'll call over and over again rapidly, like 8 to 10 times in a few seconds, then give up for a while and call again two days later, stuff like that
|
|
#
?
May 5, 2018 20:44
|
|
|
Jewel posted:Did someone order a two for one deal? wait, which one is RCE? it can't be the exif bug since that is an overread, and none of the other bugs backported to 5.6 look like an RCE either. i mean i get that they've decoupled all these php bugs from cve numbering to prevent integer exhaustion but come on (i'm using RHEL so I need a CVE to see if redhat has/will patch it)
|
|
#
?
May 5, 2018 20:57
|
|
|
https://www.bleepingcomputer.com/news/security/microsoft-working-on-a-fix-for-windows-10-meltdown-patch-bypass/quote:Welp, it turns out the Meltdown patches for Windows 10 had a fatal flaw: calling NtCallEnclave returned back to user space with the full kernel page table directory, completely undermining the mitigation. This is now patched on RS4
|
|
#
?
May 6, 2018 01:08
|
|
|
amazing
|
|
#
?
May 6, 2018 01:23
|
|
|
just in time for the next spectre patches to be released and also hosed up
|
|
#
?
May 6, 2018 01:39
|
|
|
The New York Times Magazine has an article about how the man who was responsible for much of the IT for the lotteries in a number of states (including RNG implementation) put in a back door so he could cheat. There's some very stupid things in there, like how he managed to buy a jackpot ticket (despite knowing every possible number that could win so easily could have played a non-winning number to ensure he missed the jackpot), how he bought his own lottery tickets (despite being legally forbidden from playing the lottery as a lottery employee), how the lottery RNG was a Mersenne Twister (not a cryptographically secure RNG) seeded with Geiger counter readings, and how they apparently only relied on third-party black-box testing to audit the RNG's functionality with no internal testing or even code review (which would have caught the described backdoor very easily). To top it all off: his stated reason for doing it in the first place? A coworker joked about him having the power to do it and he wanted to see if he actually could 
Mr.Radar fucked around with this message at 03:37 on May 6, 2018 |
|
#
?
May 6, 2018 03:30
|
|
|
Mr.Radar posted:The New York Times Magazine has an article about how the man who was responsible for much of the IT for the lotteries in a number of states (including RNG implementation) put in a back door so he could cheat. There's some very stupid things in there, like how he managed to buy a jackpot ticket (despite knowing every possible number that could win so easily could have played a non-winning number to ensure he missed the jackpot), how he bought his own lottery tickets (despite being legally forbidden from playing the lottery as a lottery employee), how the lottery RNG was a Mersenne Twister (not a cryptographically secure RNG) seeded with Geiger counter readings, and how they apparently only relied on third-party black-box testing to audit the RNG's functionality with no internal testing or even code review (which would have caught the described backdoor very easily). To top it all off: his stated reason for doing it in the first place? A coworker joked about him having the power to do it and he wanted to see if he actually could Yes, that would be this article Lutha Mahtin posted:https://www.nytimes.com/interactive/2018/05/03/magazine/money-issue-iowa-lottery-fraud-mystery.html My favorite part is that this guy had been getting his friends and family rigged lottery tickets for years but was trying to pass himself off as an ambitious nerd who just wanted to see if it could be done and not the actual thief he was.
|
|
#
?
May 6, 2018 03:42
|
|
|
brand engager posted:I think someone started doing that poo poo for my area too. I get a bunch of spam calls from numbers with the same area code and first 3 digits as my cell phone. gently caress to phones I made an app that I'm unreasonably proud of to just block all same area code + prefix calls without even ringing.
|
|
#
?
May 6, 2018 06:08
|
|
|
i finally started a twitter account for my professional/hobbyist computer touching other than tavis, who's a good follow for infosec stuff
|
|
#
?
May 6, 2018 06:08
|
|
|
brand engager posted:I think someone started doing that poo poo for my area too. I get a bunch of spam calls from numbers with the same area code and first 3 digits as my cell phone. gently caress to phones this has been happening to me at least twice daily for almost a year, and it's infuriating
|
|
#
?
May 6, 2018 06:09
|
|
|
Volmarias posted:I made an app that I'm unreasonably proud of to just block all same area code + prefix calls without even ringing. That's incredible and you are right to be proud and also give me it because my ringer is just off 24/7 because I get like 10 calls a day.
|
|
#
?
May 6, 2018 06:10
|
|
|
RISCy Business posted:i finally started a twitter account for my professional/hobbyist computer touching i follow tavis, @thegrugq (if you don't mind weird thai politics and crazy stuff sometimes) and lain's @KateLibc account infosec taylor swift has fallen out of favor with the thread it seems so follow at your own peril
|
|
#
?
May 6, 2018 06:17
|
|
|
there's also that one account with the pony avatar that's apparently good but which i refuse to follow on principle ...unlike my ironic pony avatar that is cool and good and totally excusable
|
|
#
?
May 6, 2018 06:20
|
|
|
RISCy Business posted:i finally started a twitter account for my professional/hobbyist computer touching Krebs is pretty good.
|
|
#
?
May 6, 2018 06:36
|
|
|
Lutha Mahtin posted:https://www.nytimes.com/interactive/2018/05/03/magazine/money-issue-iowa-lottery-fraud-mystery.html this was a good read
|
|
#
?
May 6, 2018 06:53
|
|
|
Subjunctive posted:I built a custom string type that couldn't easily be passed to logging functions for things like message text and passwords. if there was an implicit conversion, they would convert to things like "[[message text: 251 chars]]" or "[[password]]" and log a warning about misuse. it took about two days including converting a relatively large codebase. I don't know why people don't use the type system more for stuff like this oooh this is a cool idea
|
|
#
?
May 6, 2018 07:42
|
|
|
Garrand posted:Yes, that would be this article on the other hand, lotteries exist purely to siphon money from the poor. stealing from a lottery is good.
|
|
#
?
May 6, 2018 07:59
|
|
|
Powerful Two-Hander posted:I had to do some it sec training today and it had an absolutely superb "interview with a hacker" segment that had: did the hacker say "i'm in" in a hacker voice?
|
|
#
?
May 6, 2018 08:25
|
|
|
cheese-cube posted:did the hacker say "i'm in" in a hacker voice? yep I think they did because I said it out loud at the same time and got a weird look from the guy next to me
|
|
#
?
May 6, 2018 09:24
|
|
|
|
| # ? Apr 25, 2024 18:43 |
|
|
RISCy Business posted:i finally started a twitter account for my professional/hobbyist computer touching Troy Hunt.
|
|
#
?
May 6, 2018 09:27
|
|
