User: campuscodi

Re:Let's Encrypt

on Google Reducing Trust In Symantec Certificates Following Numerous Slip-Ups (bleepingcomputer.com)

No it's not. Let's Encrypt is even a bigger offender. Example: Let's Encrypt issued over 15,000 certificates for domains containing PayPal in their name (obvious phishing sites): https://crt.sh/?identity=paypa...

Ormandy recommends

on LastPass Bugs Allow Malicious Websites To Steal Passwords (bleepingcomputer.com)

FYI, on Twitter, someone asked Ormandy what was the best password manager. His reply was "KeePass or KeePassX are both perfectly reasonable choices." Source: https://twitter.com/taviso/sta...

Re:This Worked So Well For Yahoo!

on IBM, Remote-Work Pioneer, is Calling Thousands Of Employees Back To the Office (qz.com)

That's why she'll make $23 million after she resigns her CEO position at a company she just sold for a meager $4 billion, after being worth $90 billion. Great decision (among many). Bravo!

The image

on Women Still Underrepresented in Information Security (betanews.com)

And of course the site uses an image of two supermodels to portray women in infosec :)))) No wonder they're underrepresented

Re:The Dutch were justified

on Hundreds of Verified Twitter Accounts Compromised, Post Swastikas, Pro-Erdogan Content (bloomberg.com)

yes they were, but the new Turkish administration is full of retards pushing a pro-Russian agenda against anything EU

Chrome too

on Will WebAssembly Replace JavaScript? (medium.com)

Google also officially added support for WebAssembly in Chrome 57, released 3 days ago, btw

Not IOT

on Hidden Backdoor Discovered In Chinese IoT Devices (techradar.com)

It's not an IoT device. It's basic networking equipment. Stop calling everything IoT.

Re:Who the fuck uses anything PHP in production?

on Severe SQL Injection Flaw Discovered In WordPress Plugin With Over 1 Million Installs (bleepingcomputer.com)

People on cheap shared hosting providers. Mom an' pop shops.

OMG

on Congressional Candidate Brianna Wu Claims Moon-Colonizing Companies Could Destroy Cities By Dropping Rocks (washingtontimes.com)

What the heck did I just read? Why doesn't the URL include "onion" anywhere in there?

Corporations

on EU Moves To Bring In AI Laws, But Rejects Robot Tax Proposal (newatlas.com)

EU and governments all over the world would do anything to protect corporations. The only tax they'll push is slacker tax in case you didn't find a job fast enough after a robot took yours

Wrong

on Facebook's New Tool Looks To Replace Traditional Two-Factor Authentication (thenextweb.com)

2FA is used for logging in. Delagated Recovery is used for account recovery. How can one replace the other?

Oh yeah, the quality

on Node.js's npm Is Now The Largest Package Registry in the World (linux.com)

Can you really call 10-line code snippets... packages?

bu-huu

on Medium Cuts Staff By One-Third, Shuts Down New York and DC Offices (arstechnica.com)

bu-huu, we can't find advertisers that don't want to censor our content... bu-huu

Not white hat

on White Hat Security Group Hacks Marvel Twitter Accounts (polygon.com)

Definitely not white hat. These guys were breaching forums and launching DDoS attacks last year. Get a clue!

Re:Tor

on First Version of Sandboxed Tor Browser Available (bleepingcomputer.com)

No, it's not. I use it every day as my default browser.

Replacing CMD

on PowerShell Security Threats Greater Than Ever, Researchers Warn (computerweekly.com)

And that's why Microsoft is replacing cmd.exe with PowerShell

Re:I wonder what the access level would be?

on You Can Now Rent A Mirai Botnet Of 400,000 Bots (bleepingcomputer.com)

You obviously can only launch attacks. Don't think they'd give you access to bot updates.

Half

on Slashdot Asks: Will Farming Be Fully Automated in the Future? (bbc.com)

It's already half-automated in many parts of the world. I'll give it until 2030-2040.

Small tidbit

on Security Researchers Can Turn Headphones Into Microphones (techcrunch.com)

You don't have to be a security researcher to do that. Electrical engineers can do it as well. The point of the article is the privacy and security implications that come from malware that can switch I/O audio jacks using software toggles found in audio drivers and secretly record you while you have your headphones or simple speakers plugged in.

Re:Non Issue

on Second Chinese Firm In a Week Found Hiding a Backdoor In Android Firmware (bleepingcomputer.com)

They don't have it for the OS itself, but there are firmware components for OEM-specific software that receives OTA updates.

Not the first

on Researchers Set To Work On Malware-Detecting CPUs (helpnetsecurity.com)

Since 2014 I've been reading about hardware-based detection. I'm starting to think this is just panacea... like those cloud-based antivirus engines that never picked up anything. Here's a bunch of research on the topic: http://www.ieee-security.org/T... http://caslab.eng.yale.edu/wor... http://www.cs.binghamton.edu/~... http://www.cs.binghamton.edu/~...

Re:Goodbye democracy

on Turkey Doubles Down On Censorship With Block On VPNs, Tor (vice.com)

Said Turkish teens in 2012, probably earlier. This is not new.

Technically speaking

on Mirai and Bashlight Join Forces Against DNS Provider Dyn (arstechnica.com)

Technically speaking, Mirai and Bashlight are the most widespread. So it's like launching an attribution dart at a board large as a two-storey building

Re:On ./

on 'StrongPity' Malware Infects Users Through Legitimate WinRAR and TrueCrypt Installers (neowin.net)

I'll just leave this here: "The owner of dotslash.org is offering it for sale for an asking price of 10000 USD!"

Bullshit

on When Her Best Friend Died, She Rebuilt Him Using Artificial Intelligence (theverge.com)

You can't call something AI if it pulls random text lines from a config file. Talk about an overhyped term. I presume the WordPress Hello Dolly plugin is AI too, right?