@scottalanmiller said in Your Phone's Motion Sensors Might Be Leading Your Passwords:

@JaredBusch said in Your Phone's Motion Sensors Might Be Leading Your Passwords:

Siri and I are not getting along well this morning I don't know why

She's busy trying to figure out your password.

She's got to be doing something, because I just clarified the disaster in that other thread and it took me like two minutes speaking very slowly to get that post out.

@scottalanmiller said in ShadowBroker Releases EquationGroup Files:

We will find that this is only the tip of the iceberg.

ftfy...
/tinfoilhattime

Someone in the CIA is busy explaining to some congressional sponsors how their "no one will ever know it was us" isn't going as planned.

@momurda said in BrickerBots Targeting Poorly Secured Internet Connected Consumer Devices:

But the people affected will just go buy new devices, connect them back up without changing default access pw

At some point it just becomes funny

@travisdh1 said in Some Android Devices Susceptible to Wifi Hack:

@mlnews Huh, the news story I saw on that sounded like anything using a Broadcom chipset was vulnerable, which means a lot more devices than just Android and Apple.

Anything using a specific chipset. Not sure if anything outside of phones uses that one.

@scottalanmiller said in US Officially Signs Away Internet Privacy Protections:

The US has a relatively uninvolved populace when it comes to politics. Even for the third world it's not very involved.

Some areas of the US have single digit participation rates... that's nearly unheard of in countries outside of authoritarian dictatorships

@Tim_G said in Samsung Galaxy S8 Facial Recognition Already Defeated with Picture:

@matteo-nunziati said in Samsung Galaxy S8 Facial Recognition Already Defeated with Picture:

@Tim_G said in Samsung Galaxy S8 Facial Recognition Already Defeated with Picture:

I don't understand why they didn't do it like the Lumia 950xl... iris scanner. Infrared to light up the eyes, another to take the pic.

they also have it! fingerprint, face, iris, pin, sequence... they only miss the list of things in your fridge 😛

Then how can a regular picture fool it? Seems like a software issue and not hardware.

I mean: you can either auth yourself via face or any other solution. Samsung AFAIK doesn't implement so named pure biometric 2 factor-auth. You have just to avoid face and fingerprint (as it is too close to camera). just use iris or sequence/pin...

I own a xiaomi redmi 4 and to be honest rear-fingerprint scanners are a bit of a pain... I alternate fingerprint to sequences...

@Tim_G said in Edge the Big Loser at Pwn2Own:

The most impressive exploit by far, and also a first for Pwn2Own, was a virtual machine escape through an Edge flaw by a security team from “360 Security.” The team leveraged a heap overflow bug in Edge, a type confusion in the Windows kernel, and an uninitialized buffer in VMware Workstation for a complete virtual machine escape.
The team hacked its way in via the Edge browser, through the guest Windows OS, through the VM, all the way to the host operating system. This impressive chained-exploit gained the 360 Security team $105,000.

I thought VMWare fixed the possibility of this from being possible? This is now the third time I've heard of VM escape on the VMWare platform.

I wonder who is tracking VM escape rates.

Hak5 OpenVPN Series: http://www.youtube.com/playlist?list=PL9Gx4S6DDjBvoIpQZiAhdRFpZ0yztZJms

This all goes back to the CIA triangle. Confidentiality, Integrity, and Availability. An attacker will try to compromise 1 of those 3 components.

@Dashrender said in Australia Post Ransomwared Its Own Staff:

I guess the reason the government cares about this is all FUD then?

Why else did you think that HIPAA has no real value. It doesn't require that things be even remotely secure and doesn't create any security practices that good IT and management would have been worlds beyond already. So given that its purpose clearly wasn't to secure data but to pretend to secure data, what else could it be for?

@stacksofplates said in Ubiquiti vulnerability:

@JaredBusch said in Ubiquiti vulnerability:

@stacksofplates said in Ubiquiti vulnerability:

@JaredBusch said in Ubiquiti vulnerability:

None of that is the EdgeMax series.

That is all the original wireless stuff before even the Unifi line.

Yes it is all still currently available, but not nearly as horrible as that article is trying to insinuate.

All that gear should be behind a router normally.

Ya I was looking through it and noticed that. The tough switch was in there, but that's the only non bridge type device I saw.

The tough switch has been a dead product for years.

Ah didn't realize that. I've seen it for sale a few places, but never noticed they weren't produced any more.

It might still be produced, but it has not been developed against at all.