A thousand novel mistakes.
- 0 Posts
- 107 Comments
Joined 1 year ago
Cake day: July 2nd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
The two cases, they knew what it was and they did it maliciously. They didn’t know what they were doing and got socially engineered in the process. Both cases are cause for failure.
Sure. But for an entry level interview as a pen tester… Scanning with Kali should be an easy task.
Using Kali? Easy if you have training. The capstone for our security course a decade ago was too find and exploit 5 remote machines (4 on the same network, 1 was on a second network only one of the machines had access to) in an hour with Kali. I found all 5 but could only exploit 3 of them. If I didn’t have to exploit any of them 7 would be reasonably easy to find.
Kali basically has a library of known exploits and you just run the scanner on a target.
This isn’t novel exploit discovery. This is “which of these 10 windows machines hasn’t been updated in 3 years?”
10·9 months agoSeparation of data between accounts makes them fall under different retrieval requirements.
As one account, a request for all of the data from that account contains both chunks. Separation of those accounts separates the need to accommodate requests for data from one on the other.
It can also mean that internally they may have a sufficient mechanism that data that was previously identifying to no longer being identifying (breaking userid to data pairings for example) which is sufficient to “anonymize” the data that it no longer needs to be reported or maintained.
GDPR and pii reasons most likely. It’s a nightmare keeping track of why certain data is on certain accounts. This can vastly simplify the GDPR compliance mechanisms. If your GOG account is merged with your PR account, there is probably significantly more “sensitive” data (CC numbers, addresses, etc) in the GOG account. This probably exempts some data that either cdpr or gog tracks from deletion or retrieval requests.
Win12 confirmed 2044 release date.
Win12 confirmed as a Linux mint cinnamon derivative distro.
This will do the opposite of what you want. All of these policies disproportionately cause poor people to remain poor.
It’s not intuitive and it sounds great till you realize that unless you tax wealth and income with a progressive rate well into the 90% at the highest levels.
People who are wealthy don’t give a single shit about consumption tax. They also don’t care about transaction taxes (unless it’s progressive). A person with a million dollars doesn’t care if milk costs 5 bucks or 6 bucks a gallon… But the person making the minimum wage absolutely cares.
32·9 months agoI don’t think either is actually true. I know many programmers who can fix a problem once the bug is identified but wouldn’t be able to find it themselves nor would they be able to determine if a bug is exploitable without significant coaching.
Exploit finding is a specific skill set that requires thinking about multiple levels of abstraction simultaneously (or intentionally methodically). I have found that most programmers simply don’t do this.
I think the definition of “good” comes into play here, because the vast majority of programmers need to dependably discover solutions to problems that other people find. Ingenuity and multilevel abstract thinking are not critically important and many of these engineers who reliably fix problems without hand holding are good engineers in my book.
I suppose that it could be argued that finding the source of a bug from a bug report requires detective skills, but even this is mostly guided inspection with modern tooling.
1·9 months agoI wasn’t trying to be dismissive. You bring up several good points. I asked because what seems to me the most obvious small form factor answer hadn’t been considered at all.
Lol. That’s my thought. We use the virtual keyboards a lot already. Like the other poster said there are some drawbacks but I find it much easier than any physical mini keyboard (far less strain).
Maybe I am confused why you can’t play them on a smartphone?
I’d this is autism then I have some unexpected conversations coming up.
This story is literally every experienced Linux users first horror story.
I still remember the first time I broke my xorg config on my shiny new slackware 10 install in early 2005.
Suburbs without cars are food deserts. No shops, no public transit. Only single family homes, schools and pedophile shuffling services (churches). If I had to walk to buy any food (even fast food) it would be a 45 minute trip minimum.
I thought this rule was about Minecraft until I read the comments…
It depends on what you are trying to do… There are many tunnel / reverse proxy routing services like https://www.cloudflare.com/products/tunnel/
Here’s a list https://github.com/anderspitman/awesome-tunneling
You can also get a super cheap vps, do some ssh reverse tunnel magic and go along with your day.
I feel like people need an education about the difference between spirit of the law and letter of the law.
This comment reads like this:
“I posted some truly heinous shit and a mod/admin removed it but I didn’t break any written rules therefore my right to force other people to be subjected to my desires was impinged upon😭😭😭😭.”