Brontoforumus Archive

Please login or register.

Login with username, password and session length
Advanced search  

News:


This board has been fossilized.
You are reading an archive of Brontoforumus, a.k.a. The Worst Forums Ever, from 2008 to early 2014.  Registration and posting (for most members) has been disabled here to discourage spambots from taking over.  Old members can still log in to view boards, PMs, etc.

The new message board is at http://brontoforum.us.

Pages: 1 2 3 4 [5] 6 7 8 9 10 11

Author Topic: Computer security  (Read 26741 times)

0 Members and 3 Guests are viewing this topic.

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #80 on: June 11, 2011, 06:55:57 PM »

*writes down Thad's debit PIN for future reference*

...

Wait... I you haven't got any money!
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #81 on: June 11, 2011, 09:43:19 PM »

If my PIN were the address of a place I hadn't lived in years, I'm sure Demogorgon would have cleaned me out by now.
Logged

Rico

  • Tested
  • Karma: 18
  • Posts: 1916
    • View Profile
Re: Computer security
« Reply #82 on: June 11, 2011, 11:00:50 PM »

Two things, more likely; most people combine four-digit numbers into sets of two.  My address growing up was ten twenty-four, not one zero two four.
Similarly, it's really irritating if someone leaves you a phone number on a voicemail and doesn't follow the proscribed 123--45--67 rhythm.
Logged

Smiler

  • HOM NOM NOM NOM
  • Admin
  • Tested
  • Karma: 66
  • Posts: 3334
    • View Profile
Re: Computer security
« Reply #83 on: June 14, 2011, 12:12:01 PM »

This is my favorite thing said about Lulzsec so far:

Quote
This is what would have happened if the A-Team were headed by Murdoch.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #84 on: July 14, 2011, 01:41:25 PM »

Wired via Ars: How digital detectives deciphered Stuxnet, the most menacing malware in history

It's an interesting damn read, just how complex and targeted an attack it was and the steps that security researchers took to figure out what it really was.

It's also got that nice element of moral ambiguity to it -- you can't really pick the "good guys" between the intel agents trying to covertly sabotage Iran's nuclear program and the security researchers who blew the plan open because computer security is bigger than national borders.
Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #85 on: July 31, 2011, 05:24:07 PM »

Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #86 on: July 31, 2011, 05:38:58 PM »

Wonder how long until the courts throw it out.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #87 on: August 26, 2011, 12:56:36 PM »

...so that giant, terrifying compromise of RSA's entire library of private keys?

Somebody opened an E-Mail with a really, really obvious virus attachment.

After the filters had already stuck it in the Junk folder.

I am trying to produce some kind of comment on this revelation but the only sound that's coming out of my mouth is a sort of incredulous squeak.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: Computer security
« Reply #88 on: August 26, 2011, 01:48:32 PM »

Proving once again WHY no security system can ever be perfect.  I mean, until all the monkeys are exterminated.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #89 on: September 26, 2011, 08:36:54 AM »

Craig S Wright at InfoSec Island: SCADA Systems Are Online Now.  For the laymen: SCADA = Supervisory Control And Data Acquisition, and typically refers to physical control systems.

For those not afraid of flying yet:

Quote from: TFA
A while back now, but many of the same systems are in place in the same way, I was contracted to test the systems on a Boeing 747. They had added a new video system that ran over IP. They segregated this from the control systems using layer 2 - VLANs. We managed to break the VLANs and access other systems and with source routing could access the Engine management systems.

The response, "the engine management system is out of scope."

For those who do not know, 747's are big flying Unix hosts. At the time, the engine management system on this particular airline was Solaris based. The patching was well behind and they used telnet as SSH broke the menus and the budget did not extend to fixing this. The engineers could actually access the engine management system of a 747 in route. If issues are noted, they can re-tune the engine in air.

The issue here is that all that separated the engine control systems and the open network was NAT based filters. There were (and as far as I know this is true today), no extrusion controls. They filter incoming traffic, but all outgoing traffic is allowed. For those who engage in Pen Testing and know what a shoveled shell is... I need not say more.

(via)
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #90 on: November 18, 2011, 11:17:26 AM »

In case there was any doubt that the era of insutrial sabotage via SCADA cracking had begun:

Hackers destroy water pump in SCADA attack

Russians, apparently.

And while I don't buy the "cyberwarfare" histrionics the media like to indulge in, we're going to start seeing a lot more of this shit.
Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #91 on: November 22, 2011, 12:59:11 PM »

In case you ever wondered what the top 25 most-hacked passwords were

I've linked the globe re-post rather than the source article because the globe article numbered their list. The original is linked in the globe article.

#6 is kind of interesting. I bet the users of #9 think they're DOHOHO clever.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #92 on: November 22, 2011, 01:01:16 PM »

Logged

Büge

  • won't give you fleaz
  • Tested
  • Karma: -65304
  • Posts: 10062
    • View Profile
Re: Computer security
« Reply #93 on: November 22, 2011, 03:14:43 PM »

Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #95 on: November 30, 2011, 10:02:53 AM »

Google implements forward secrecy for search traffic.  In other words, keys aren't (entirely) stored, and traffic can't be decrypted after the fact.

Basically, if you sniff some encrypted packets and then later get your hands on the private key used to encrypt them, you still can't decrypt them.

Course, that means that instead of sniffing packets ahead of time and getting a key later, the person who hypothetically breaks into Google will be looking specifically for search data.  But still and all, a good step forward.
Logged

Friday

  • Admin
  • Tested
  • Karma: -65374
  • Posts: 5122
    • View Profile
Re: Computer security
« Reply #96 on: November 30, 2011, 10:09:03 AM »

About a year ago, I had to explain to my mom why adding a "1" after her password didn't make it secure.

A week ago I learned she changed it to a "2".
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #97 on: December 01, 2011, 08:56:44 AM »

Doctorow: Sprint phones preloaded with keylogging rootkit.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: Computer security
« Reply #98 on: December 01, 2011, 09:25:41 AM »

...huh.  I don't know if it shows up during OTA updates but I'm still very glad I broke those a year ago.

Good reason to switch carriers; can someone tell me which one is least certain to stoop to that level?
Logged

TA

  • Tested
  • Karma: 29
  • Posts: 3219
    • View Profile
Re: Computer security
« Reply #99 on: December 01, 2011, 09:45:21 AM »

It's a bit more involved than just "Sprint puts a rootkit", and it's not really a rootkit, but yeah, throwing pretty much any custom ROM on a phone will cancel that out.
Logged
Do you understand how terrifying the words “vibrating strap on” are for an asexual? That’s like saying “the holocaust” to a Jew.
Pages: 1 2 3 4 [5] 6 7 8 9 10 11