Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
cinci zoo sniper
Mar 14, 2013






Shame Boy posted:

windows the poo

Adbot
ADBOT LOVES YOU

cinci zoo sniper
Mar 14, 2013






spb posted:

Welllllllllll. Looks like we got a fuckup. LOL

blow it out your aes

cinci zoo sniper
Mar 14, 2013






curling will continue until the morale improves

cinci zoo sniper
Mar 14, 2013






power botton posted:

i got an email to my work address from myself saying i got hacked and theyre gonna release nudes to everyone in my contacts so long story short everyone at work knows what my penis looks like

long story short indeed, heh

cinci zoo sniper
Mar 14, 2013






pseudorandom name posted:

I think this is the first time in yospos's history that a lost fyad wandered in and actually managed to be funny

cinci zoo sniper
Mar 14, 2013






Krankenstyle posted:

wasnt there a respiration machine or something that rebooted for windows update in the middle of open heart surgery so they had to keep the patient alive manually

yeah, norway a year or 2 ago

cinci zoo sniper
Mar 14, 2013






Security Fuckup Megathread v18.2 - Long my computer cried in pain: Are all my protections in vain?

cinci zoo sniper
Mar 14, 2013






akadajet posted:

my dell laptop has that nice low angle nostril cam which I'm sure makes it look good

edit: you can really see my deviated septum with this thing lol

yeah i have a work xps13 and a window behind my back (office space is an unfortunate cube with bay windows where sun shines full blast until like 2pm), so on every skype call i'm basically an imposing drug cartel figurehead b/c i tower over this child-sized laptop and the lighting comes in from my back

cinci zoo sniper
Mar 14, 2013






i probably should just order a desk lamp or something so i can light myself up for videocalls

cinci zoo sniper
Mar 14, 2013






Cybernetic Vermin posted:

also if you're doing regular videocalls in the office it is worth it picking up a cheap logitech webcam and placing it properly. they vastly outperform whatever you get builtin, for both checking your nostrils and playacting being the smoking man.

thinking about that too. being procurement guy for office though, i had to employ scorched earth tactics to raise new hire workstation computer mouse budget to $35 so a webcam may be a bit of a hard sell :v:

cinci zoo sniper
Mar 14, 2013






Vomik posted:

get a ring light and a yeti mic. youíll be the king of conference calls

i have a xiami led lamp thing for that at home and it's real good yeah. no yeti though, i don't plan on having any heated gaming moments

speaking of xiaomi and back to thread topic, that desk lamp is really thirsty for some wifi lol

cinci zoo sniper
Mar 14, 2013






Midjack posted:

FULLY ONLINE ILLUMINATION

there is a companion app for smartphones to remotely adjust brightness and colour temperature of the lamp, but it only works over wifi :thunk:

cinci zoo sniper
Mar 14, 2013








quote:

Hi all. I'm the (actual) owner of that gem.

As already hypothesized in the comments I'm pretty sure this was a simple account hijack. The kickball user likely cracked an old password of mine from before I was using 1password that was leaked from who knows which of the various breaches that have occurred over the years.

I released that gem years ago and barely remembered even having a rubygems account since I'm not doing much OSS work these days. I simply forgot to rotate out that old password there as a result which is definitely my bad.

Since being notified and regaining ownership of the gem I've:

1. Removed the kickball gem owner. I don't know why rubygems did not do this automatically but they did not.

2. Reset to a new strong password specific to rubygems.org (haha) with 1password and secured my account with MFA.

3. Released a new version 0.0.8 of the gem so that anyone that unfortunately installed the bogus/yanked 0.0.7 version will hopefully update to the new/real version of the gem.

cinci zoo sniper
Mar 14, 2013






https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/

cinci zoo sniper
Mar 14, 2013






https://www.heise.de/ct/artikel/Logitech-keyboards-and-mice-vulnerable-to-extensive-cyber-attacks-4464533.html

cinci zoo sniper
Mar 14, 2013






pseudorandom posted:

poo poo, is there any easy way to tell if website X is actually a Zoom thing? I've been assuming that the meeting website my employer is using is just a simple WebRTC thing.

Actually, now I feel like I answered my question; if it's only using the browser with no additional software, then it can't be Zoom, right? (I have no idea what Zoom is).

zoom needs additional software, similarly to webex. your guy is probably on bluejeans or something small or custom

cinci zoo sniper
Mar 14, 2013






crazysim posted:

oddly enough, it doesn't need additional software too. the client is super pushed for because of the "nativeness" , but there's a web zoom client. the software however is also great for low bandwidth connections.

Kazinsal posted:

same with webex these days, though you can't host a screenshare through the WebRTC client

i see. we are just rolling in our own poo poo at this place so itís been a while since ive touched a proper internet telephony

cinci zoo sniper
Mar 14, 2013






Carbon dioxide posted:

your operating system is a point of sale.

lol

cinci zoo sniper
Mar 14, 2013






Jabor posted:

it's a start

yeah, although the penny change fine is hardly impressive

cinci zoo sniper
Mar 14, 2013






under which conditions a mobile app on android would not be able to access host devices imei?

cinci zoo sniper
Mar 14, 2013






yoloer420 posted:

Where target SDK is above 4 and the app doesn't have the READ_PHONE_STATE permission. I'm sure in most cases you could get it via a lovely IPC or poorly stored data elsewhere though.

thanks, will check. im almost certain we require that permission for our app to function, so a customer that used the app with no imei to behave strangely would mean quite an interesting subject for study. thankfully the monitoring system did catch this soon enough

cinci zoo sniper
Mar 14, 2013






yoloer420 posted:

Are you using the IMEI as a unique identifier for each device? You're not really supposed to do that, but all the alternatives kind of suck.

There are heaps of weird Android devices that don't have an IMEI as well. So you would need an alternative or to just declare that you don't support those.

it is not a seriously utilised unique identifier, we primarily use pii for that. just a few interesting cases we discovered recently, with newly appeared flavour of undesired customers that all share lack of imei recorded by our app, either as missing or blank imei. thankfully itís a microscopic trickle so far so itís likely safe to be lazy about this and ban that type of thing altogether. thanks for the links!

cinci zoo sniper
Mar 14, 2013






i donít get the last bit

cinci zoo sniper
Mar 14, 2013






Krankenstyle posted:

impossible/hard to tell who has the rights to which parts of the code, I'm guessing

ah, makes sense

cinci zoo sniper
Mar 14, 2013






https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/ :nsa:

cinci zoo sniper
Mar 14, 2013






Subjunctive posted:

if you donít have an HR dept, the CEO is the HR dept

we have no hr department and 3000 employees

cinci zoo sniper
Mar 14, 2013






https://www.zdnet.com/article/remote-code-execution-vulnerability-in-vlc-remains-unpatched/ new day new vlc vuln

cinci zoo sniper
Mar 14, 2013






endlessmonotony posted:

I'm more looking for something I can toss onto family etc computers as "the video player" for whatever the hell their ancient phones record video in and avoiding secfucks, janitoring or calls about how it doesn't work.

But what it sounds like is that all media players are the secfucks.

mpc-be

cinci zoo sniper
Mar 14, 2013






https://arstechnica.com/?p=1540685

Monokle uses several novel tools, including the ability to modify the Android trusted-certificate store and a command-and-control network that can communicate over Internet TCP ports, email, text messages, or phone calls.

cinci zoo sniper
Mar 14, 2013






clearly a master thief, stealing both from their victim and dominos

cinci zoo sniper
Mar 14, 2013






infernal machines posted:

inkjet drivers used to include a local apache tomcat instance and java runtime

i donít think itís legal to use printer software in comparisons

cinci zoo sniper
Mar 14, 2013






Krankenstyle posted:

also, is it really true that you have to work up credit by loaning and paying back and if you never use credit you have no worthiness?

its not perfect, but how about current net worth + last couple months paychecks instead (assuming credit is for a mortgage

yes. i work in the industry, sort of, and ďhas never paid back on a loan formally registered with a credit bureauĒ is universally a statistically significant indicator for predicting defaults on loans (mind you, im not doing mortgages or car loans and have no experience with north america north of mexico or africa- literally everywhere else this holds true)

current net worth + current stable income sounds okay for europe, where itís really hard to fire people and average person has a decent enough safety net (provided your net worth calculation is sane). it would most definitely not be a feasible primary determinant in the states, in 31 of which you can be fired without any notice and any reason given.

for mortgages specifically, having talked to people who do them, age is a major factor because they all are trying to estimate probability of your death before repayment

cinci zoo sniper
Mar 14, 2013






D. Ebdrup posted:

you are, OP. hth
--an europoopian

about that capital one hack, did erratic basically turn herself in? certainly living up to her nickname :v:

??

cinci zoo sniper
Mar 14, 2013






ErIog posted:

This is kind of the racket in America. How are you supposed to have paid the loan registered with the credit bureau if in order to get the loan you need to have paid off a loan registered to the credit bureau?

yes, it sucks and ive encountered similar situation in other countries too. i assume that in america you effectively are forced to take some garbage point of sales instalment loans or some payday loans and pay them off to prove that you can pay off loans, which is a pretty nice trap in itself because neither of those are cheap on the borrower, especially payday loans lmao, and if you are going to repay them on the same day then youíll alert every aml officer on the planet + paint yourself red as someone who is not a profitable borrower (under the assumption that for 90 day 1%/day loan of $100 on day 3 you can only pay $103+administrative fees, if any, to have it settled)

cinci zoo sniper
Mar 14, 2013






Truga posted:

from what i've heard paying off all loans also tanks your credit score because you now have no loans you're paying off lmao

this is true but only in cases with high-value long-term obligations like car loans, mortgages, and credit cards - logic there is that big companies give those, and they have means to push your skull in for misbehaving, so youíll be careful around those and cannot afford to be too reckless with anything else either as a consequence. also i wouldnít necessarily call it a tanking, itís more of a decrease from like 8 to 7 on a favourability score of 10, when loans are being issued at 5+.

cinci zoo sniper
Mar 14, 2013






Boiled Water posted:

can you transfer money to yourself in a loop through paypal and another account and make itself known this way?

no, its only official debt so issued by a legal lender and as reported to an accredited credit history bureau

cinci zoo sniper
Mar 14, 2013






spankmeister posted:

How do expats coming into the country as adults get a credit score?

very painfully, especially outside eu and when moving from place a to place b with no credit history information sharing initiatives between a and b. your best bet probably is to minmax your cc in such scenario

cinci zoo sniper
Mar 14, 2013






CRIP EATIN BREAD posted:

whats the credit score number (in the US) actually mean, anyways?

what are the units

it works like this, simplifying

letís say that score of 40 is 10% probability of non-repayment. then you pick a point interval, for example 10, that will be your ďpoints to double the oddsĒ - meaning that score of 30 implies 20% probability, and score of 50 - 5%.

thatís quite literally it to the actual number formula, itís a logarithmic conversion of probabilities of bad or good thing happening during loan contract

cinci zoo sniper
Mar 14, 2013







hhahahaha how dumb you have to be to post haul from a major hack to your legit personal github?

Adbot
ADBOT LOVES YOU

cinci zoo sniper
Mar 14, 2013






https://amonitoring.ru/article/steamclient-0day/

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply