  • Locked thread
Schadenboner
Aug 15, 2011




Plays For Sure


BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



Schadenboner posted:

For Businessgroups

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

"Time to renew your OS Subscription"

Diva Cupcake
Aug 15, 2005



oh
https://twitter.com/MikaelThalen/st...620252901924864

cinci zoo sniper
Mar 14, 2013




my

Subjunctive
Sep 12, 2006

careful now


Cybernetic Crumb

anything good in there?

cinci zoo sniper
Mar 14, 2013



Subjunctive posted:

anything good in there?

plenty, click through to article

Subjunctive
Sep 12, 2006

careful now


Cybernetic Crumb

I was hoping for a little curation, maybe put together something thematic

Truga
May 4, 2014


Lipstick Apathy

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

Y'know: That's the one thing I love about the shift to Cloud, all these devs who don't know infrastructure security who were protected in the datacenter by Networking now openly exposed thanks to ignorance.

cinci zoo sniper
Mar 14, 2013



https://threatpost.com/apache-strut...fax-bug/136850/ heh

cinci zoo sniper
Mar 14, 2013



https://www.theinquirer.net/inquire...t-as-we-assumed

Wiggly Wayne DDS
Sep 11, 2010





Nap Ghost

yeah that's been kicking around but the story is funnier

https://twitter.com/GossiTheDog/sta...627867845357568

spankmeister
Jun 15, 2008






Slippery Tilde

BangersInMyKnickers posted:

is there an easy way in redhat to interrogate if a process is using the nx bit?

You can check the binary using https://github.com/slimm609/checksec.sh or maybe inspect the memory map in the /proc filesystem?
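
Added example (not part of the post above and not code from checksec.sh): a Python sketch of the second suggestion, reading a process's memory map from /proc. It flags an executable stack or heap and any mapping that is both writable and executable; the sample map and the path `/usr/sbin/exampled` are constructed for illustration.

```python
import sys

# Constructed sample in /proc/<pid>/maps format (not captured from a real host).
SAMPLE_MAPS = """\
00400000-00452000 r-xp 00000000 fd:00 1835017    /usr/sbin/exampled
00651000-00652000 rw-p 00051000 fd:00 1835017    /usr/sbin/exampled
01c3a000-01c5b000 rw-p 00000000 00:00 0          [heap]
7f3a5c000000-7f3a5c021000 rwxp 00000000 00:00 0
7ffd1c2e4000-7ffd1c305000 rwxp 00000000 00:00 0  [stack]
"""

def parse_maps(text):
    """Yield (start, end, perms, path) for each mapping line."""
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue  # not a mapping line
        start, end = (int(x, 16) for x in fields[0].split("-"))
        path = fields[5].strip() if len(fields) == 6 else ""
        yield start, end, fields[1], path

def nx_findings(text):
    """Return mappings that contradict NX: exec stack/heap, or W+X regions."""
    findings = []
    for start, end, perms, path in parse_maps(text):
        if "x" not in perms:
            continue
        if path.startswith("[stack"):      # also matches [stack:<tid>]
            findings.append(("exec-stack", start, end, perms))
        elif path == "[heap]":
            findings.append(("exec-heap", start, end, perms))
        elif "w" in perms:
            findings.append(("writable+executable", start, end, perms))
    return findings

if __name__ == "__main__":
    # With a PID argument, read the live map; otherwise use the sample.
    if len(sys.argv) > 1:
        with open(f"/proc/{sys.argv[1]}/maps") as fh:
            text = fh.read()
    else:
        text = SAMPLE_MAPS
    for kind, start, end, perms in nx_findings(text):
        print(f"{kind:20} {start:x}-{end:x} {perms}")
```

An empty result means no mapping in the process is both writable and executable. JIT runtimes can legitimately show anonymous `rwxp` regions, so treat those hits as leads to check rather than proof.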

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



cool thanks

Potato Salad
Oct 23, 2014


Tortured By Flan

Wiggly Wayne DDS posted:

yeah that's been kicking around but the story is funnier

https://twitter.com/GossiTheDog/sta...627867845357568

I want to see the "breaking & entering a house" metaphors for this

Subjunctive
Sep 12, 2006

careful now


Cybernetic Crumb

it's just social engineering via README

anthonypants
May 6, 2007

by Nyc_Tattoo


Dinosaur Gum

wait, what

quote:

A researcher from Vanderbilt University in Nashville, Tennessee found that although the data collected appears to be anonymised, in reality, Google can retroactively identify it from the usernames and other account data used during the session.

So, for example, if you sign into a website while using a private browsing window, the details of that login are still sent to Google which can put two and two together.

there's a loving disclaimer when you open a new incognito mode window for these people. yes, when you sign in to youtube, google will know whose account you're using. a bunch of places do tracking by ip + useragent/os too, incognito mode won't save you

anthonypants fucked around with this message at Aug 23, 2018 around 19:18

D. Ebdrup
Mar 13, 2009



But !

Daman
Oct 28, 2011


gossi is an idiot, the github does include working OGNL exploit code and the configuration change isn't needed because if you're using struts you're probably already using actionchaining.

spankmeister
Jun 15, 2008






Slippery Tilde

Kevin Beaumont also didn't understand backporting when he scanned the Voatz website.

Diva Cupcake
Aug 15, 2005



im dumb

Diva Cupcake fucked around with this message at Aug 24, 2018 around 16:25

Subjunctive
Sep 12, 2006

careful now


Cybernetic Crumb

then you're in the right thread!!!

Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang




Chris Knight
Jun 5, 2002

And I'm only saying this because I care.

There are a lot of decaffeinated brands on the market today that are just as tasty as the real thing.



Fun Shoe

ayyy lmao

https://twitter.com/_r00k_/status/1...4796456962?s=21

https://twitter.com/lorenzofb/statu...076790686883842

Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



imo their senior it guys should be fired and whoever they reports to should be as well. in this day & age its p much inexcusable to be that crappy about passwords

wolrah
May 8, 2006
what?


Krankenstyle posted:

imo their senior it guys should be fired and whoever they reports to should be as well. in this day & age its p much inexcusable to be that crappy about passwords

By that logic 90% of bank IT should be fired, since they're basically the home of the "password too complicated" error.

Not that I'd disagree with that, but it hasn't happened yet and it's not like lovely password storage is hard to identify.

Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



wolrah posted:

By that logic 90% of bank IT should be fired

yes

wolrah posted:

, since they're basically the home of the "password too complicated" error.

Not that I'd disagree with that, but it hasn't happened yet and it's not like lovely password storage is hard to identify.

ya it sucks

Midjack
Dec 24, 2007





Biscuit Hider

D. Ebdrup posted:

Counterpoint: All secure options will eventually be insecure.

https://youtu.be/FUPstXCqyus

Kuvo
Oct 27, 2008

Blame it on the misfortune of your bark!


Fun Shoe


Boner Wad
Nov 16, 2003


Ex-Tesla employee complains about stuff. I don't think it's completely unexpected for such a large company. click through the entire thread for extra laughs.

https://twitter.com/atomicthumbs/st...939617404645376

Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



literally a goon

hope they obscured details enough to prevent dangers... this poo poo has wings now

Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



ps: leaker uses the orange-ey custom stylesheet tho so you know its someone who gives a gently caress

Boner Wad
Nov 16, 2003


Krankenstyle posted:

literally a goon

hope they obscured details enough to prevent dangers... this poo poo has wings now

yeah that's what I thought too but the yellow threw me off

Beamed
Nov 26, 2010

FAAAATHEEER
THE SLEEEEEEPER HAS *snooze*


Boner Wad posted:

yeah that's what I thought too but the yellow threw me off

the best part about this post is it could be made in one of two ways and it's amazing either way

Shame Boy
Mar 2, 2010

THE HORROR
THE HORROR



Boner Wad posted:

yeah that's what I thought too but the yellow threw me off

it's literally this thread in yospos:

https://forums.somethingawful.com/s...0#post487296229

and it's loving amazing


also dammit atomicthumbs don't tell people about our secret computer club!!!!

spankmeister
Jun 15, 2008






Slippery Tilde

Krankenstyle posted:

ps: leaker uses the orange-ey custom stylesheet tho so you know its someone who gives a gently caress

it's called amberpos and it's shameful

anthonypants
May 6, 2007

by Nyc_Tattoo


Dinosaur Gum

spankmeister posted:

it's called amberpos and it's shameful

amberpos => ambergris => musk

spankmeister
Jun 15, 2008






Slippery Tilde

Also atomicthumbs is the security fuckup imo

In the infosec game you don't disseminate information without the source's prior approval.


Krankenstyle
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



anthonypants posted:

amberpos => ambergris => musk
