Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


https://twitter.com/mattcarthy/status/1120641557886058496

Adbot
ADBOT LOVES YOU

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


they have to be legit, they advertise on podcasts! not just anyone can do that

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


how would autopilot react to red being inside the car

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


ewiley posted:

Unlikely, here's more Bloomberg being kinda lovely:

https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment?srnd=technology-vp

I've not actually seen any evidence of Huawei actively backdooring aside from the typical consumer telnet daemon that literally all vendors were guilty of in the early 2000's and 2010's and just generally lovely security development practices all around.

and the vendor response: https://www.bbc.com/news/business-48103430

quote:

"The 'backdoor' that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


im very immature

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


SIGSEGV posted:

so, we have to enable studies in order to fix this and not, you know, a good and simple update, nice

studies is a temp fix until they can get a new cert

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Munkeymon posted:

the process was pretty bad and may be the reason insulin prices weren't capped

I've been wondering for a while now if selling a dumbed down git clone to legislatures to handle what are effectively giant merge conflicts would be a good business or if they'd just stubbornly refuse to do it electronically

there's been a few places that have tried that and it seems to have worked out well, it just requires people younger than dirt to be in power

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


i just wish that either we could use a version of kronos that doesnt require java or hr would go back to doing their job so we dont need to use kronos

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


cybrancyborg posted:

Specifically Java 1.7u9? 'cause my employer thinks that will work fine, forever.

probably, i know i have to keep acknowledging that it is insecure for it to display anything

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Cybernetic Vermin posted:

weeeell, i don't doubt that local government does indeed struggle with security for reasons not entirely in their control, and in fact agree that the culture around the ongoing security catastrophy we all inhabit is part of the problem.

its purely a cost issue

quote:

Baltimore's information security manager warned of the need for such a policy during budget hearings last year. But the final budget did not include funds for that policy, nor did it include funding for expanded security training for city employees, or other strategic investments that were part of the mayor's strategic plan for the city's information technology infrastructure.

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Shame Boy posted:

why is there a bitcoin in that phone

did they steal that graphic from a bitcoin website

its to illustrate the crime the cops are looking for in a phone

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


love to put success conditions in the url and not validate them anywhere

quote:

Yesterday, the SEC announced that they'd found a second, even more disturbing pattern of cheating, one that went right to the top, with Big Four accounting firm KPMG's most senior staff cheating on their integrity exams. The tests were delivered online, and in the URL for the test was a variable that set the percentage needed for a passing grade: "MasteryScore=70" -- by lowering this value, cheaters could turn any number of right answers into a pass

http://fcpacompliancereport.com/2019/06/day-reckoning-kpmg-failures-ethics/

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Penisface posted:

got an email today from instagram saying my profile name has been changed. I don’t have a instagram account so I tried to log in with my email going directly to the site and not clicking any email links (although the email was legit)... some verify codes and forgot passwords later I am apparently logged in but it’s no way my account. probably should contact their customer service and roll back this stuff so the crypto dude who apparently set my email in there gets his acc back

in retrospect I should have left it alone but I figured that if it’s some scam I better do something before my email is associated with something I don’t control

you are supposed to close the account of anyone who uses your email address, in theory they will eventually learn their email address

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost



death to prank culture

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


CRIP EATIN BREAD posted:

death to all culture

also acceptable

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


the regulators can/will fine them again since they are not going to ever be in compliance

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Vomik posted:

the eu already has their own intelligence agencies with backdoors why would they need the nsa’s

because you should always have a back up plan

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost



units of capitalism

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


ewiley posted:

https://twitter.com/GossiTheDog/status/1163753873351356417?s=20

Hmm what's the over/under this is a secfuck or just an IT outage.

three weeks

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Deep Dish Fuckfest posted:

starting to wonder if those addresses are worth any serious money. i mean if your name + lastname is common enough, there's bound to be someone out there with too much money and an oversized ego ready to pay for it

most big actors have their name @gmail because names are important to them and they can offer things besides money

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


look at this money bags that can afford to run a blowtorch instead of using a clothes iron like the rest of us

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


if thats what it takes to get people to keep their dependencies up to date...

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Sniep posted:

iowa, and yeah that doesnt matter anymore.

The problem is they got hacked and need to punish the hackers. Simple as that.

thats not what happened, its a pissing match between the local sheriff and the state government

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


https://twitter.com/AndrewDesiderio/status/1176890146567983104

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Shame Boy posted:

wait why are they replacing monitors too :confused:

...that makes me wonder if there's any way for a virus to stay resident in like, monitor firmware, and somehow work its way back into the computer via the HDMI port.

i seem to remember seeing a poc at defcon a few years back but that might have been storing the payload in the monitor and relying on a reinfection of the loader via normal means

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


i keep getting mailers for the texas cyber summit and one of the bullet points on them is that i will save 50% compared to black hat which really seems like a bad comparison

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


ewiley posted:

yeah I see it's not in the source when the server serves it up, but still there's got to be a way to have the webserver process run as creds, like an iis worker process does. Or have them in some protected include file at least...

php has been able to read server and environment variables for a long time, people are just lazy

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Plorkyeran posted:

pen testing is only useful if you actually intend to fix any of the problems

sometimes its useful as a management bludgeon so that you can eventually fix the problems

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Chalks posted:

Does it matter as long as they're able to repeat the character sequence consistently?

it makes it harder for the customer support agent on the phone when you read it out to them

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


CMYK BLYAT! posted:

for google? ahahahahahahaha you are a funny poster

do you normally give your password out over the phone?

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Stabby McDamage posted:

https://krebsonsecurity.com/2019/11/retailer-orvis-com-leaked-hundreds-of-internal-passwords-on-pastebin/


You can read between the lines and imagine the exact mixture of incompetence that led to this.

my_passwords.txt

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


i think the only reason left is avoiding government sunshine laws

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Cocoa Crispies posted:

tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught"

my_crimes.txt is a good what not to do guide

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


redleader posted:

computers are an utter joke and society should never have trusted even the simplest, least important thing to them

in picard when the lady romulan was explaining how romulans dont trust any form of machine intelligence and keep their computers simple i just kept nodding in agreement

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


CRIP EATIN BREAD posted:

i wasnt talking about the performers.

im talking about the customers.

credit cards generally don't like fake names

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


because there is no one checking on that
it would cost money to hire people to review app permissions

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Chris Knight posted:

does android not have a built in flashlight feature?

it does, but i wouldnt be surprised if a carrier removed it so they could install their own ad laden one

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


this is kazooie erasure

Adbot
ADBOT LOVES YOU

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Perplx posted:

i would hope there was a waiting room and dedicated call attendant, something my company does everyday

what about the current british government would give you that idea

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply