Security
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
Security
I contend that there is no security for anything that is connected to the net. There I said it. Is this paranoid rambluing? Maybe yes. Maybe no.
Why couldn't the government demand that microsoft program back doors into everything they sell? Why no dammit!!!
And what about this internetthing... can't the government shut it down? And what about cloud computing? What the fuck is up with that? Thats like inviting Joe Biden into your house.
So? Answer me that if you can!!?!11
Why couldn't the government demand that microsoft program back doors into everything they sell? Why no dammit!!!
And what about this internetthing... can't the government shut it down? And what about cloud computing? What the fuck is up with that? Thats like inviting Joe Biden into your house.
So? Answer me that if you can!!?!11
-
- Posts: 37349
- Joined: Tue Jun 08, 2004 1:21 am
- Location: Los Angeles, CA
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
-
- Posts: 37349
- Joined: Tue Jun 08, 2004 1:21 am
- Location: Los Angeles, CA
Re: Security
Not unless I have a canon near me.ed wrote:Don't patronize me, this is serious.
Do you really feel secure?
-
- Posts: 23535
- Joined: Sun Jul 18, 2004 7:15 pm
- Title: Incipient toppler
- Location: Swimming in Lake Ed
Re: Security
A camera is not going to help. 8)Grammatron wrote:Not unless I have a canon near me.ed wrote:Don't patronize me, this is serious.
Do you really feel secure?
-
- Posts: 10271
- Joined: Tue Nov 13, 2007 11:00 pm
- Location: Hangar 18
-
- Posts: 23535
- Joined: Sun Jul 18, 2004 7:15 pm
- Title: Incipient toppler
- Location: Swimming in Lake Ed
Re: Security
Obama took credit for the last big one. Is your memory failing? I mean, I can post a link if you like.Mentat wrote:No need to worry, we still have Obama to blame when a security breach is found.
-
- Posts: 10000
- Joined: Sun Jun 06, 2004 4:09 pm
- Location: Earning my avatar in the rain
Re: Security
Just be sure that the link has a Trojan horse and a worm or two. K thx.Rob Lister wrote:Obama took credit for the last big one. Is your memory failing? I mean, I can post a link if you like.Mentat wrote:No need to worry, we still have Obama to blame when a security breach is found.
CH
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
-
- Posts: 5773
- Joined: Sun Feb 11, 2007 3:43 am
- Location: A little further north.
-
- Posts: 29811
- Joined: Fri Jul 16, 2004 4:00 pm
- Location: Location: Location!
Re: Security
I know my life has been twisted by the Internet because whenever somebody says or writes "Science!" I immediately picture a test-tube dancing to stupid music.
-
- Posts: 25992
- Joined: Tue Jun 29, 2004 12:40 am
- Location: New Port Richey, FL
Re: Security
I picture Magnus Pyke from the Thomas Dolby video... who I just discovered was something of a Bill Nye of his time. (Magnus, that is). I'm thinking new avatar...
-
- Posts: 25992
- Joined: Tue Jun 29, 2004 12:40 am
- Location: New Port Richey, FL
-
- Posts: 35689
- Joined: Thu Sep 19, 2013 5:50 pm
Re: Security
Long, wordy article, so excerpt:
https://www.wired.com/story/the-full-st ... y-be-told/ for all of it.The Full Story of the Stunning RSA Hack Can Finally Be Told
In 2011, Chinese spies stole the crown jewels of cybersecurity—stripping protections from firms and government agencies worldwide. Here’s how it happened.
...
RSA kept those seeds on a single, well-protected server, which the company called the “seed warehouse.” They served as a crucial ingredient in one of RSA's core products: SecurID tokens—little fobs you carried in a pocket and pulled out to prove your identity by entering the six-digit codes that were constantly updated on the fob's screen. If someone could steal the seed values stored in that warehouse, they could potentially clone those SecurID tokens and silently break the two-factor authentication they offered, allowing hackers to instantly bypass that security system anywhere in the world, accessing anything from bank accounts to national security secrets.
Now, staring at the network logs on his screen, it looked to Leetham like these keys to RSA’s global kingdom had already been stolen.
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
Re: Security
https://krebsonsecurity.com/2021/11/hoa ... i-website/
:freedom:The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
Re: Security
Was asked to export a database we had set up for a client. Now, that account and project was closed in December 2020. Had given the client the login credentials for the server and deleted our service accounts. I told our team that I couldn't do the download because it is unethical. I did check and the client has not changed the server account password.
<Insert classic line from Kurosawa epic here.>
<Insert classic line from Kurosawa epic here.>
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
Re: Security
N.B. pROOF OF THE PARANORMAL.ed wrote: ↑Tue Oct 16, 2012 6:44 pm I contend that there is no security for anything that is connected to the net. There I said it. Is this paranoid rambluing? Maybe yes. Maybe no.
Why couldn't the government demand that microsoft program back doors into everything they sell? Why no dammit!!!
And what about this internetthing... can't the government shut it down? And what about cloud computing? What the fuck is up with that? Thats like inviting Joe Biden into your house.
So? Answer me that if you can!!?!11
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
Re: Security
I recall getting into an argument with some dumbfuck about the interwebs. I contended that a government could shut it down. He said "no, impossible".
I realize now that, while I may have been correct, my position was hopelessly naïve. A government would not be served by shutting it down, the right thing to do would be to monitor everything. Then you know who to watch/liquidate. In fact, they ought to entrap.
Live and learn.
I realize now that, while I may have been correct, my position was hopelessly naïve. A government would not be served by shutting it down, the right thing to do would be to monitor everything. Then you know who to watch/liquidate. In fact, they ought to entrap.
Live and learn.
-
- Posts: 6637
- Joined: Mon May 31, 2021 6:07 pm
Re: Security
Man In the Middle is how the spooks get to you still. Rosenstein was still a "van full of people" type of guy in the reports.
See, one of the reasons you don't want Google or Amazon branded products as your router is that they are complicit with the FBI/CIA. Your data and privacy in their ecosystems are non-existent.
You want to disable all Amazon Alexa or Google Home listening devices in your home.Their network devices I would replace with ASUS kit. You will hear people drone on about Ubiquity, but ASUS is fine. You can sideload open source firmware on it too if you don't trust the vendor firmware to not have backdoors. You can scan your home network from the internet to see if there are listening ports. Close them.
Run your ASUS (or other) router with no incoming ports open at all and UPNP disabled. Use a VPN to access sites you don't want snooped at the Telco provider. If the feds want to monitor your shit then, they have to come out in a VAN and re-route your internet from your home through a device nearby as a Man in the Middle attack to snoop your traffic. If they do this, the VPN still protects your session although they will see the destination traffic for Canada or Switzerland or wherever.
We now live in a society where you should be operating with zero trust of the government. We always did, but now the stakes with the march of Democrat Socialists, the gulags in Australia, forced medical procedures, and the general morphing of Progressivism into Nazism; you need to protect your shit.
For the record, I've worked in cybersecurity in some capacity since 1997. I have code in the Linux kernel and wrote the SSL patches for the m68k code for Mozilla. I know a thing or two about this field.
See, one of the reasons you don't want Google or Amazon branded products as your router is that they are complicit with the FBI/CIA. Your data and privacy in their ecosystems are non-existent.
You want to disable all Amazon Alexa or Google Home listening devices in your home.Their network devices I would replace with ASUS kit. You will hear people drone on about Ubiquity, but ASUS is fine. You can sideload open source firmware on it too if you don't trust the vendor firmware to not have backdoors. You can scan your home network from the internet to see if there are listening ports. Close them.
Run your ASUS (or other) router with no incoming ports open at all and UPNP disabled. Use a VPN to access sites you don't want snooped at the Telco provider. If the feds want to monitor your shit then, they have to come out in a VAN and re-route your internet from your home through a device nearby as a Man in the Middle attack to snoop your traffic. If they do this, the VPN still protects your session although they will see the destination traffic for Canada or Switzerland or wherever.
We now live in a society where you should be operating with zero trust of the government. We always did, but now the stakes with the march of Democrat Socialists, the gulags in Australia, forced medical procedures, and the general morphing of Progressivism into Nazism; you need to protect your shit.
For the record, I've worked in cybersecurity in some capacity since 1997. I have code in the Linux kernel and wrote the SSL patches for the m68k code for Mozilla. I know a thing or two about this field.
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
Re: Security
Why I don't use code from GIT
The Verge: Open source developer corrupts widely-used libraries, affecting tons of projects.
https://www.theverge.com/2022/1/9/22874 ... s-affected
The Verge: Open source developer corrupts widely-used libraries, affecting tons of projects.
https://www.theverge.com/2022/1/9/22874 ... s-affected
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
Re: Security
https://blog.avast.com/malicious-qr-cod ... stin-avast
As the Covid-19 pandemic made people hesitant to touch most surfaces in early 2020, QR codes started popping up everywhere. They’ve become even more ubiquitous over the past year and a half, showing up on everything from restaurant menus to mobile check-ins to supermarket displays. And now, according to a report from the City of Austin, fraudulent QR codes have been found on more than two dozen parking pay stations across the city.
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
Re: Security
Link: https://twitter.com/briankrebs/status/1483852269510610946
Article with a 'splainer:https://krebsonsecurity.com/2022/01/irs ... ne-access/
-
- Posts: 41975
- Joined: Tue Jun 08, 2004 11:52 pm
- Title: G_D
-
- Posts: 77289
- Joined: Fri Jun 04, 2004 8:09 pm
- Title: Collective Messiah
- Location: Your Mom
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
-
- Posts: 77289
- Joined: Fri Jun 04, 2004 8:09 pm
- Title: Collective Messiah
- Location: Your Mom
Re: Security
That copy of Justine is somewhat surprising.
– J.D.
– J.D.
Last edited by Doctor X on Mon Feb 07, 2022 12:18 am, edited 1 time in total.
-
- Posts: 5156
- Joined: Fri Feb 14, 2020 2:12 am
- Title: Enchantress
- Location: This septic Isle.
Re: Security
I would have thought that Brenda would stop having having red boxes after Phil the Greek popped his clogs.
Hold onto that image.
It's not going away, is it?
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6
-
- Posts: 77289
- Joined: Fri Jun 04, 2004 8:09 pm
- Title: Collective Messiah
- Location: Your Mom
-
- Posts: 32975
- Joined: Sat Jun 05, 2004 2:17 am
- Title: Man in Black
- Location: Division 6