
0xD

@0xD@infosec.pub

This profile is from a federated server and may be incomplete. Browse more on the original instance.

0xD ,

That's not an unpopular opinion, it's an outrageously stupid and uninformed one and you should keep it to yourself.

0xD ,

Biden's support for Israel wasn't nearly as flagrant as it is now

You're saying that about a guy who has been saying shit like "I am a zionist" every year while sucking Israel's dick. LOL.

You're just showing that you have 0 idea what you're talking about and that your opinion is only based on your fantasies, reality does not seem to be of interest to you.

Linus Tech Tips (LTT) release investigation results on former accusations (x.com)

There were a series of accusations about our company last August from a former employee. Immediately following these accusations, LMG hired Roper Greyell - a large Vancouver-based law firm specializing in labor and employment law, to conduct a third-party investigation. Their website describes them as “one of the largest...

0xD ,

That's not how this works. Maybe if you get some business consultants, but this ain't it. Just because you hire them yourself, doesn't mean that they'll fall in line with your wishes.

0xD ,

With Gemini you can let it show you search results for (some) of its statements. It's useful for cross-checking: I was, for example, researching plastics recycling and there was a claim that seemed untrue and corporate. The automagic search/source function for that statement led me to a blog post of some consortium/lobbying group of manufacturers. After telling that to Gemini it apologized and compiled a list of different viewpoints for that specific statement.

I was pretty impressed with that, and I find it very useful for researching topics I know basically nothing about. Of course it's not the sole source of truth.

0xD ,

It's not as vulnerable but it still is.

Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn't implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks.

0xD ,

I'm a big fan of hashcat for this use case myself! I route it through WS, however. I like being on the bleeding edge.

0xD ,

Check out openvas.

https://github.com/greenbone/openvas-scanner

I use Nessus professionally, they are somewhat similar. I can't decide which one has the worse user interface.

0xD ,

I had a colleague at work years ago who did his Master's thesis on network scanning. He ran a PoC in the company's network and had all the printers print hundreds of pages.

We learned that printers suck and that we should always know our payloads and targets 😁

0xD ,

Because it's still in development, but afaik it is the goal to include it once it's stable.

0xD , (edited )

You need Administrative permissions for psexec. It uploads a file to the target computer's \admin$ share (just C:\Windows) and starts a service to execute it. Services run as SYSTEM so that's why you get those privileges.

(Hah, I forgot your message while typing mine and just copied you :)

Edit: fixed c$ to admin$

0xD ,

Thank you for clearing it up!

And regarding your assessment: Exactly!

0xD ,

And then you have Austria where that just doesn't exist, there are just periodical controls in the vehicles or when coming out lol. In my entire life I was checked maybe three or four times!

0xD ,

Only PHP programmers post something like this as an image! 😘

0xD ,

Still trips me up from time to time after all these years!

0xD ,

I approach interviews for penetration testing positions in the same way, just with hacking challenges!

0xD ,

The Windows API is the direct access to OS functions. If you're using the API it's your responsibility to do it securely and protect your users.

0xD ,

Because good journalism isn't free and the expectation that it is leads to societal downfall ;)

0xD ,

If you forget everything else, it's basically an unencrypted chat where the company behind it can read all your messages.

0xD ,

Banning software is not the same as banning books, lol. Books are passive ideas, software is active and can be used for espionage. You're creating a false equivalence here.

0xD ,

Oh yeah, the fallacious slippery slope again. How creative and intellectual!

0xD ,

I never cared about discord so I don't know, but I'd assume so, yes.

0xD ,

To force elaboration while staying on point. Details are just as important to writing as conciseness.

0xD ,

A platform is nothing but a reflection of its users and of humanity :) An empty canvas we can fill.

0xD ,

I'm convinced a lot of it is astroturfing. It's just too perfect and consistent, with the perfect answers for everything and just the right amount of fear mongering.

Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores (gizmodo.com)

Amazon is phasing out its checkout-less grocery stores with “Just Walk Out” technology, first reported by The Information Tuesday. The company’s senior vice president of grocery stores says they’re moving away from Just Walk Out, which relied on cameras and sensors to track what people were leaving the store with.

0xD ,

Sure they can, it just isn't as simple as "just" ;) How do you, for example, determine who picked which item if two people are standing next to each other? Or if something is put back?

Sure, a proof of concept will always work. Building it for the real world is a completely and utterly different beast.

0xD ,

Lemmy's development is to a large part subsidized by some kind of OSS fund.

[Thread, post or comment was deleted by the author]

  • 0xD ,

    Those companies do, and they maliciously manipulate people for their own profit. This is not on people, this is on toothless regulation.

    [Thread, post or comment was deleted by the author]

  • 0xD ,

    Don't you think there are better, more recent examples of this?

    (Oh, I missed the instance I was on lol)

    0xD ,

    You're hilarious!

    0xD ,

    Where I live changing the price after agreeing on it would even be illegal :0

    0xD ,

    What do you think that job consists of? Lol

    0xD ,

    You can't compare those two. First of all, Apple's walled garden makes it significantly harder to perform security research. Second, Android has a way larger ecosystem and is not a monolith, so of course there's gonna be more.

    Apple = Apple, but Android ≠ Android.

    0xD ,

    If you had any idea about how it works, you would not compare them. If you had any idea about how hard Apple makes security research, especially without a Mac, you would not compare them.

    But you don't know what it's about. Being a consumer does not make you an expert.

    US sues Apple for illegal monopoly over smartphones (www.theverge.com)

    The US Department of Justice and 16 state and district attorneys general accused Apple of operating an illegal monopoly in the smartphone market in a new antitrust lawsuit. The DOJ and states are accusing Apple of driving up prices for consumers and developers at the expense of making users more reliant on its iPhones.

    0xD ,

    It's getting worse and worse, completely agree. The reasonable people are getting pushed out by brainless zombies, just like on Twitter or something.

    0xD ,

    It would not. It's really as simple as that, saying as someone with two degrees in cyber security and 7 years of experience as a security consultant for various companies from small shops to multinational businesses, banks, and insurance companies.

    I would love to see their threat modelling to justify what they're saying to brainwash their acolytes... It's a pure strawman to justify their bullshit.

    0xD ,

    The overall point may be relatively obvious, but the details are not.

    Which steps of which processes is it good at, and which not? What can be easily integrated into existing tooling? Where is it best completely skipped?

    0xD ,

    You really have less than zero idea of what you're talking about, this is actually hilarious.

    0xD ,

    I impaled your heart with my mighty sword, peasant; And all that solemnly using but my words. Words... Forged in the gaping depths of my unending intellect, sharpened with rigorous studies, and honed through years of practice. You can only hope to reach the heights of my wit.

    tip of my hat
    turn to the beautiful maiden on my side

    M'lady, I'm sorry that you had to witness this murder. Shall we?

    make passionate love to my queen

    0xD ,

    Welcome to the future! Standard everywhere.

    0xD ,

    You're not even good at whataboutism, lol. Changing one setting is not even comparable to Apple's perfection. The message that you need to allow it first even takes you straight to the setting.

    0xD ,

    Not really: You don't need to log in. That is more effort than enabling sources ;)

    Don't forget that registration also requires an email account! And a phone number! All of that is not necessary for sideloading in Android.

    0xD ,

    And before that you need to register and validate your contact data. Even the act of that one login is more work than changing one setting to allow sideloading. Your point is just completely wrong.

    0xD ,

    Right, and since 2008 not a single thing has changed in this world.
