https://www.quora.com/Is-there...
Link is a google doc. Which appears to be able to track visitors logged in with a google account.
Sorry about your emails.
Searching for a new keyboard on Amazon and seeing all the existing USB keyboards being sold with this vulnerability really pisses me off. It's some major fucking fraud to keep selling a product with this vulnerability.
It's because they'll give you ****ing Hepatitus!
If I knew water rights and environmentalists, I would pass this along to make a big issue for the whole Olympics.
Disgusting.
Let's not pretend SSL certs were supposed to do things they're not. You can be certain no one is imitating the malware site. And that's all a SSL cert means.
>Instead you've created a tool that will, no doubt, be re-engineered by the black hat community to just redirect all traffic to a host, instead of just BT traffic.
Nope. I actually de-engineered one. Here's the python code I found that helped build the ARP cache poisoning in BitHammer: https://github.com/evilsocket/...
Notice the "all" selection.
It's all good, I don't take it personal:-) Things rarely are. I have memories of mean people have kicking me out of things, and those memories hurt.
> In context, wouldn't a far better use of your technical know-how be to help educate others on proper administration of their open WiFI?
Oh god no. I'm been traveling around South America for a year. These are password-protected WIFI's for a cafe or hostel - usually, the uplink is through a long-range WIFI or microwave antenna up the valley (It's how the rest of the world is being slowly internet'd). The owners either don't speak English, or don't understand. When I bring it up, they think they need to upgrade their connection. And of course the ISP is happy to do so. Sometimes it's the guy who installed it who is torrenting. Sometimes the guy who installed it steals the Wifi equipment and sells it back later. Anyways, I don't give free advice - because it's almost always wasting my time, and the person I'm "giving" it to.
> Or perhaps to instead discuss on/. how other people utilize free and public WiFi?
That's pretty much why I posted on Slashdot. The repo's only a couple days old. I used it at the hostal I was staying at before I found an apartment:-) The apartment owner had the same problem with a BitTorrent user sucking up all the bandwidth. We changed the password and now it's fine.
> Well, no, there is a good way for strangers to work together anonymously. That's what a ridiculously large number of us do on a daily basis. It's called working within standards. It's how open-source projects function
I put alot of time into an opensource project that thousands of developers used. When I needed help with it, I asked and didn't get any. It's not a pity party for me. By definition, "giving" can't have expectations. My point is that open-source has an economic model - usually "consultancy", "personal-brand", or "freemium". And those models are based on building relationships. I don't know of any project that automatically accepts all pull requests. I'm not against you in this, I wish there was a better way. My point is that faceless anonymous actors break down cooperation in economies.
Hey, thanks for the comment.
The owner didn't speak English, so they had no clue re: router configuration. We worked it out in Spanish. Also, the Colombian ISP had installed a firmware allowing anyone to change the wifi password over http://192.168.1.1./ Cool eh? That's the level of sophistication the rest of the world is working with.
Yes, it would be awesome if router vendors made hardware to work with modern programs. Buuuuuut, how likely is that to happen!
Hey everybody, thanks for the comments. Most of you probably won't ever see this comment, but I appreciate your interest and feedback about the program.
Believe it or not, I thought about alot each of the ethical issues yall brought up. And well, frankly there isn't a good way for strangers to work together anonymously. That's probably a good definition of a stranger.
If you have any questions, I'm happy to answer them here.
Anyways thanks again and best wishes!
Mike
The first half of your question is phrased as a contractor. The second half is phrased as an employee. Mixing the two kinds of relationships will likely bring dissatisfaction.
That doesn't mean stay or leave. What it means is that if you have to choose between being: an employee or a professional contractor. Some companies have employees they call contractors which is illegal, but happens anyways.
If you want to be an employee for this company, bring the situation to your supervisor. You supervisor is the person responsible for getting you what you need to do your job. You get to choose if you want to do the job or not.
If you want to be a professional contractor, bring the situation to your client - along with one or two recommendations for action. Working with Mr Respected on this will help you sell it. If they don't want to buy your recommendations, then don't take the project.
Definitely don't leave this as a surprise till the end. That isn't good for your reputation.
Whatever you choose, don't work on deathmarch projects. They pay shti, and you will get no future references for work. They are career killers - A players know to avoid these projects. B players hire C players to take the fall on them. Don't let other people turn you into a B or C player.
Cool video. Awesome they did this. Like the editing and camera work. Shame they had such bland lighting on such a bland background. Turn on a light or something!
http://www.suicidepreventionlifeline.org/
Don't take it personally. People are sometimes mean.
Often it's because they're bullies and they have no understanding of how abusive they are, or the hurtful consequences of their actions.
Hurray! Patent reform finally arrives for those who make "substantial investment in exploiting the patent". Apple, Google, IBM, Oracle be saved! Now get back to work!
Slashdot Mirror
You can't be serious. There won't be truckers in 5 years.
Doesn't work on headphone jacks. What abouts USB-C?
https://www.quora.com/Is-there... Link is a google doc. Which appears to be able to track visitors logged in with a google account. Sorry about your emails.
What standards? And why brick if not updated? Weird...
Searching for a new keyboard on Amazon and seeing all the existing USB keyboards being sold with this vulnerability really pisses me off. It's some major fucking fraud to keep selling a product with this vulnerability.
Say goodbye Microsoft keyboard and mouse. Glad I had a spare :-/
Affected devices
It's because they'll give you ****ing Hepatitus! If I knew water rights and environmentalists, I would pass this along to make a big issue for the whole Olympics. Disgusting.
The Java browser plugin infected millions, loaded bloatware, and generally has been a nuisance for years.
It eventually was blacklisted from browsers.
Let's not pretend SSL certs were supposed to do things they're not. You can be certain no one is imitating the malware site. And that's all a SSL cert means.
Don't Hate the Playa. Hate the Game.
Hey, in my enthusiasm, I pledged a thingy.
Then I saw .com and didn't see an ownership model. Is this a private company (hence seed round), or is it a community owned property?
That frankly makes a huge difference in my contribution. Cool idea though. News is total shit these days.
Mike
More importantly. Is it WEB-scale?
>Instead you've created a tool that will, no doubt, be re-engineered by the black hat community to just redirect all traffic to a host, instead of just BT traffic. Nope. I actually de-engineered one. Here's the python code I found that helped build the ARP cache poisoning in BitHammer: https://github.com/evilsocket/... Notice the "all" selection.
It's all good, I don't take it personal :-) Things rarely are. I have memories of mean people have kicking me out of things, and those memories hurt.
> In context, wouldn't a far better use of your technical know-how be to help educate others on proper administration of their open WiFI?
Oh god no. I'm been traveling around South America for a year. These are password-protected WIFI's for a cafe or hostel - usually, the uplink is through a long-range WIFI or microwave antenna up the valley (It's how the rest of the world is being slowly internet'd). The owners either don't speak English, or don't understand. When I bring it up, they think they need to upgrade their connection. And of course the ISP is happy to do so. Sometimes it's the guy who installed it who is torrenting. Sometimes the guy who installed it steals the Wifi equipment and sells it back later. Anyways, I don't give free advice - because it's almost always wasting my time, and the person I'm "giving" it to.
> Or perhaps to instead discuss on /. how other people utilize free and public WiFi?
That's pretty much why I posted on Slashdot. The repo's only a couple days old. I used it at the hostal I was staying at before I found an apartment :-) The apartment owner had the same problem with a BitTorrent user sucking up all the bandwidth. We changed the password and now it's fine.
> Well, no, there is a good way for strangers to work together anonymously. That's what a ridiculously large number of us do on a daily basis. It's called working within standards. It's how open-source projects function
I put alot of time into an opensource project that thousands of developers used. When I needed help with it, I asked and didn't get any. It's not a pity party for me. By definition, "giving" can't have expectations. My point is that open-source has an economic model - usually "consultancy", "personal-brand", or "freemium". And those models are based on building relationships. I don't know of any project that automatically accepts all pull requests. I'm not against you in this, I wish there was a better way. My point is that faceless anonymous actors break down cooperation in economies.
No and No.
https://github.com/evilsocket/...
Don't know about a Tomato, but it would definitely fit on a Raspberry Pi or Beaglebone. If you figure out a way to do it, post up on the github!
Hey, thanks for the comment. The owner didn't speak English, so they had no clue re: router configuration. We worked it out in Spanish. Also, the Colombian ISP had installed a firmware allowing anyone to change the wifi password over http://192.168.1.1./ Cool eh? That's the level of sophistication the rest of the world is working with. Yes, it would be awesome if router vendors made hardware to work with modern programs. Buuuuuut, how likely is that to happen!
Hey everybody, thanks for the comments. Most of you probably won't ever see this comment, but I appreciate your interest and feedback about the program. Believe it or not, I thought about alot each of the ethical issues yall brought up. And well, frankly there isn't a good way for strangers to work together anonymously. That's probably a good definition of a stranger. If you have any questions, I'm happy to answer them here. Anyways thanks again and best wishes! Mike
Awesome! LOL! People actually send me emails asking to wrestle.
Facebook if you must. Then send them the link.
The first half of your question is phrased as a contractor. The second half is phrased as an employee. Mixing the two kinds of relationships will likely bring dissatisfaction.
That doesn't mean stay or leave. What it means is that if you have to choose between being: an employee or a professional contractor. Some companies have employees they call contractors which is illegal, but happens anyways.
If you want to be an employee for this company, bring the situation to your supervisor. You supervisor is the person responsible for getting you what you need to do your job. You get to choose if you want to do the job or not.
If you want to be a professional contractor, bring the situation to your client - along with one or two recommendations for action. Working with Mr Respected on this will help you sell it. If they don't want to buy your recommendations, then don't take the project.
Definitely don't leave this as a surprise till the end. That isn't good for your reputation.
Whatever you choose, don't work on deathmarch projects. They pay shti, and you will get no future references for work. They are career killers - A players know to avoid these projects. B players hire C players to take the fall on them. Don't let other people turn you into a B or C player.
Cool video. Awesome they did this. Like the editing and camera work. Shame they had such bland lighting on such a bland background. Turn on a light or something!
http://www.suicidepreventionlifeline.org/ Don't take it personally. People are sometimes mean. Often it's because they're bullies and they have no understanding of how abusive they are, or the hurtful consequences of their actions.
And gratuitous sex in advertising.
Hurray! Patent reform finally arrives for those who make "substantial investment in exploiting the patent". Apple, Google, IBM, Oracle be saved! Now get back to work!