|
/!\ everyone set your clocks back /!\
|
# ¿ May 4, 2019 07:39 |
|
|
# ¿ Apr 23, 2024 16:35 |
|
Shame Boy posted:i've got a question about old cryptography that y'all can probably answer: so i know that in world war 2, the allies used that weird robotic voice SIGSALY system for their highest-level communications. what did the axis powers use for that same role? was it just some more complicated variant of a rotor-based system like the enigma machine? maybe your answer is in this fine book on vocoders http://howtowreckanicebeach.com/?page_id=14 edit: the enigma machine? Computer Serf fucked around with this message at 01:42 on May 13, 2019 |
# ¿ May 13, 2019 00:12 |
|
All Computers Are Broken!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
# ¿ May 14, 2019 22:35 |
|
|
# ¿ May 22, 2019 10:19 |
|
not sure if someone posted this yet, but cisco is bork again and they named the bug 😾😾😾 THRANGRYCAT DOT COM posted:😾😾😾 is caused by a series of hardware design flaws within Cisco’s Trust Anchor module. First commercially introduced in 2013, Cisco Trust Anchor module (TAm) is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. TAm is the root of trust that underpins all other Cisco security and trustworthy computing mechanisms in these devices. 😾😾😾 allows an attacker to make persistent modification to the Trust Anchor module via FPGA bitstream modification, thereby defeating the secure boot process and invalidating Cisco’s chain of trust at its root. While the flaws are based in hardware, 😾😾😾 can be exploited remotely without any need for physical access. Since the flaws reside within the hardware design, it is unlikely that any software security patch will fully resolve the fundamental security vulnerability. https://thrangrycat.com/
|
# ¿ May 22, 2019 21:45 |
|
thanks cisco
|
# ¿ May 22, 2019 21:47 |
|
|
# ¿ May 23, 2019 01:12 |
|
wheres the obscure deep irc fried onion forum where they explain the technical details behind cves because when a vendor says: lovely app posted:An attacker can overwrite or restore files to locations they do not have write privileges to. This can be accomplished via API or via the User Interface. lovely app posted:A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user. that seems to imply some shitlord can just send api requests to everyone running this app and
|
# ¿ May 31, 2019 02:27 |
|
without knowing how hosed up this gently caress up is i dont know how much anxiety to allocate
|
# ¿ May 31, 2019 02:28 |
|
spankmeister posted:It was probably a good idea in like, the 90's
|
# ¿ Jun 18, 2019 08:00 |
|
is it normal when an embeded nas suddenly changes its update server to something in chinacode:
|
# ¿ Jun 28, 2019 07:27 |
|
infernal machines posted:where do you think qnap as a company comes from?
|
# ¿ Jun 28, 2019 07:33 |
|
Chris Knight posted:what do you think CNAME stands for?
|
# ¿ Jun 28, 2019 17:18 |
|
mystes posted:Taiwan. idk it was more like, why did the firmware update server suddenly change from download.qnap.com to download.qnap.com.cn maybe it was just a normal janitoring fuckup tbh anytime a piece of network equipment has an irregular issue like an unexpected reboot i just assume either a teenager or some nation state prob just my box so i put it in my freezer until i find a proper burial site
|
# ¿ Jun 28, 2019 17:35 |
|
infernal machines posted:functionally what's the difference between download.qnap.com and download.qnap.com.cn? do they even resolve to different ips? if qnap wanted to gently caress any of its customers im sure it could just leave an obscure set of vulnerabilites in and have plausible deniability so ultimately its probably just a novelty that the update server changed but it just got me thinking about update servers and end user transparency. releases might be signed, or if you're lucky the developers will publish checksums but then there's situations like that time some guy handed over one of the largest node.js libraries to another developer and the new guy put malware in it and all the projects using that library pushed to their releases so this is all the more reason why we need an entirely new architecture made up of a network of unhackable laptops and ROM chips code:
code:
CRIP EATIN BREAD posted:so yeah .cn goes to a chinese only CDN while the .com goes to an aws cloudfront hosted cdn. everything is in the cloud
|
# ¿ Jun 28, 2019 19:30 |
|
Lutha Mahtin posted:lol if u haven't configurated your POS
|
# ¿ Jul 12, 2019 15:34 |
|
Plorkyeran posted:i can't imagine any significant number of people actually ever downloaded a forked version of firefox 38
|
# ¿ Jul 22, 2019 10:24 |
|
Trabisnikof posted:you need a chill-sec person and a security kraken. follow the chill-sec advice and you won’t attract the worm
|
# ¿ Jul 22, 2019 21:49 |
|
Lain Iwakura posted:so this got posted to the grey thread oh weird thats a girl i used to date, we met on linkedin
|
# ¿ Jul 25, 2019 02:31 |
|
D. Ebdrup posted:you used to date a porn star? technically it was a long distance fling anyway so i'll just accept this allegation at face value
|
# ¿ Jul 25, 2019 20:01 |
|
whos gonna be debugging that secfuck with the hookers
|
# ¿ Oct 14, 2019 05:14 |
|
Ur Getting Fatter posted:after an automatic update windows 10 enabled a hidden "default" user account with no password and admin privileges
|
# ¿ Nov 6, 2019 06:52 |
|
|
# ¿ Nov 19, 2019 06:02 |
|
Shame Boy posted:the kids call it double multi-factor bumping, nasty stuff. one minute you're just trying to secure your amazon account and the next thing you know you're waking up in a cold sweat 3 days later with a bunch of powdered yubikey dust on your nose and all your computers running gentoo
|
# ¿ Jan 2, 2020 22:58 |
|
Phone posted:oopsiesec
|
# ¿ Jun 16, 2020 03:17 |
|
simble posted:i can only get through about half of an apress book video gaem speed runners taught me buffer overflows are part of the system and valid if you can finish the level
|
# ¿ Jun 27, 2020 04:22 |
|
other than ye ole same old economic stratification within gaming world economies, what’s really fucky is how much effort is being put into designing addictive systems to harvest attention oh wai..
|
# ¿ Jul 9, 2020 20:50 |
|
remember that presentation from some hell marketing company trying to explain a system that knows how much income each user has, paired with an AI that learns how frustrated you are and adjusts the gameplay and cyber economy to maximize the grift oh and it secretly maps the layout of everyones home and surroundings through wifi radar magic https://gamerant.com/microtransactions-ai-artificial-intelligence-document-leak/
|
# ¿ Jul 9, 2020 21:09 |
|
x86 iddqd godmode bit? https://m.youtube.com/watch?v=_eSAF_qT_FY
|
# ¿ Jul 13, 2020 19:52 |
|
Grace Baiting posted:the useriferous aethernet
|
# ¿ Jul 22, 2020 15:48 |
|
huh alec uses DoHoT https://github.com/alecmuffett/dohot seems like a weird threat model but okay
|
# ¿ Jul 27, 2020 19:11 |
|
they also have a MUD up and running and someone kindly uploaded the cassette tape
|
# ¿ Aug 5, 2020 22:06 |
|
op just use an analog camera and process the negatives yourself
|
# ¿ Aug 5, 2020 22:09 |
|
PIZZA.BAT posted:starting to lose my patience with nord. i've been having a lot of trouble connecting over the past few weeks and their app gives you no indication of where the problem may be. pretty frustrating!! nord is pretty wild they spend a shitload of money advertising and apparently somewhere close to $0 on configuring their vpn servers this is a pretty good list of vpn hosts and caveats https://thatoneprivacysite.net/
|
# ¿ Aug 7, 2020 08:55 |
|
Oneiros posted:i recently spun up a new digital ocean droplet for vpn / dns (pi-hole) purposes 'cause apparently they're offering double the resources for the same price i had been paying and i decided to give wireguard a shot instead of openvpn. super easy to setup, very happy with it so far. algo or Streisand will setup encrypted DNS for whatever that’s worth 30 TO 50 FERAL HOG posted:openvpn is fine but windows 10 does some absolutely mind glowingly dumb poo poo with networking that fucks with any VPN that doesn't specifically use a built in windows tunnel interface and openvpn/basically all ssl vpn just install a virtual 10/100/1000 adapter just get an openwrt compatible router and install openvpn or wireguard on it and then you can safely remove windows and install gentoo
|
# ¿ Aug 8, 2020 13:01 |
|
security in my browser? nein danke!
|
# ¿ Aug 12, 2020 05:25 |
|
how do i secure my cave
Computer Serf fucked around with this message at 10:43 on Aug 19, 2020 |
# ¿ Aug 19, 2020 10:41 |
|
xtal posted:Flowers for alg=none
|
# ¿ Sep 2, 2020 04:24 |
|
Cybernetic Vermin posted:an experiment already happening on a vast scale. vast enough in fact that it is unfortunately hard to really control for. mental health issues are on the rise among the young, but as they all grew up with both screens and the decay of society it is not obvious which part is the problem. one of the most disturbing thing I’ve ever seen on the internet is the youtube comments section of spammy animated songs for kids and realizing the gibberish comments are babies smashing keyboards, but in different languages bad education is the where secfuckups start
|
# ¿ Sep 11, 2020 23:15 |
|
|
# ¿ Apr 23, 2024 16:35 |
|
Methanar posted:give your laptop your desktop's private key seems risky, what if someone steals your laptop xtal posted:You can just send them to the desktop, remember that you only need to send the public key, which is... public. ya just add multiple public keys to your servers authorized keys list, there’s an added benefit that you can individually revoke a key imo it’s best to setup a deadman’s switch on a 15 minute timer so if you’re under duress the servers can safely remove the keys and secure the data with a xor from /dev/urandom Rufus Ping posted:Log in with your password via the web serial console and paste the new key into your authorized_keys
|
# ¿ Sep 23, 2020 05:20 |