Show newer
r000t boosted

Help me prove a point to a colleague:

If your corporate computer (or school computer, or pretend you work for a place that issues computers) normally asks you to press ctrl+alt+del before logging on:

1) Would you ever notice if you *weren't* asked to do that, just once?

2) If you did notice, what would you do?

Selling educational materials for educational purposes only is still legal. Just saiyan.

Alternatively, giving away cyberattack tools is based and GNUpilled

r000t boosted

YOUR
INTERNAL
SERVICES
STILL
NEED
TLS

YOUR
LAN
SHOULD
BE
ASSUMED
TO
BE
HOSTILE

r000t boosted

pam-duress: A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.

github.com/nuvious/pam-duress

r000t boosted

A "podcast" behind a paywall is not a podcast.

A "podcast" that only one app can receive is not a podcast.

A "podcast" without a public feed that can be freely pulled into any podcast client or RSS reader is not a damn podcast, don't let people get away with calling it that.

Bypass HIPAA with oracles...

Dont ask: "Is John Nuckinfutz there?"

Do ask: "Can you transfer me to John Nuckinfutz's room?"

A complete dumpster fire from start to finish, and WD has absolutely no plans to put it out.

But you can always buy a new dumpster. From us, please.

r000t boosted

Windows 10 running Ubuntu 21.04 running Windows 7 running Mac OS 8.5 running Windows 95

r000t boosted
r000t boosted
r000t boosted
r000t boosted

Btw, while a social engineer had control of teslamotors.com DNS

Nobody could start or lock/unlock their $45,000+ cars.

A teenager called up and asked Network Solutions very nicely for control of the domain. And got it. And grounded hundreds of thousands of vehicles.

This company wants you in a self driving car.

Show thread
r000t boosted

University banned from kernel development after professor and students repeatedly intentionally introduce security vulnerabilities into the Linux kernel.

Then they pull the inclusivity card when they're called out on it.

If you were wondering why Microsoft and all the rest are *really* big on Codes of Conduct and other shit that enables this sort of attack....

r000t boosted

Celebrate pissed somebody off.

Say what you will about signal but Moxie knows how to make a drop.

signal.org/blog/cellebrite-vul

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.