hate these ads?, log in or register to hide them
Page 43 of 43 FirstFirst ... 3340414243
Results 841 to 855 of 855

Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #841

    Join Date
    April 13, 2011
    Posts
    6,959
    Quote Originally Posted by Lana Torrin View Post
    The other issue at least for decent sized businesses is the more records you have the less secure it is.

    For your phone, you have what, 4 fingers?

    For our work thumb scanner we have say 150 staff with at least 2 scans each. That's 300 scans minimum. Ignoring the ex staff that never got removed (which we only audit about every 6 months), any misread scan of some random person has a chance of being a close enough match to an existing scan.. Looking though the scanner logs we see a misread rate of about 30% on our main scanner (it's old). We have also observed it reading prints as the wrong person..

    I don't trust our scanners but the boss doesn't like swipe cards so that's what we have.
    you need to work somewhere less completely fucking terrible because everything you've just written indicates you work somewhere completely fucking terrible.

  2. #842
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,623
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Lana Torrin View Post
    The other issue at least for decent sized businesses is the more records you have the less secure it is.

    For your phone, you have what, 4 fingers?

    For our work thumb scanner we have say 150 staff with at least 2 scans each. That's 300 scans minimum. Ignoring the ex staff that never got removed (which we only audit about every 6 months), any misread scan of some random person has a chance of being a close enough match to an existing scan.. Looking though the scanner logs we see a misread rate of about 30% on our main scanner (it's old). We have also observed it reading prints as the wrong person..

    I don't trust our scanners but the boss doesn't like swipe cards so that's what we have.
    you need to work somewhere less completely fucking terrible because everything you've just written indicates you work somewhere completely fucking terrible.
    You can believe what you want. Finger prints are secure, reading them accurately and instantly matching them against a database of potentially badly recorded finger prints, not as much.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  3. #843
    Keckers's Avatar
    Join Date
    July 31, 2012
    Posts
    18,311
    Quote Originally Posted by elmicker View Post
    you need to work somewhere less completely fucking terrible because everything you've just written indicates you work somewhere completely fucking terrible.
    Not every slightly problematic process is a business critical failure waiting to happen.

    Management consultants might make a living and have a ridiculously large market peddling falsehoods like that but they're largely wrong.
    Quote Originally Posted by Paul Mason
    It is absurd that we are capable of witnessing a 40,000 year old system of gender oppression begin to dissolve before our eyes yet still see the abolition of a 200 year old economic system as an unrealistic utopia.

  4. #844
    Mashie Saldana's Avatar
    Join Date
    April 10, 2011
    Location
    Peterborough, UK
    Posts
    1,001
    Quote Originally Posted by Lana Torrin View Post
    I don't trust our scanners but the boss doesn't like swipe cards so that's what we have.
    Can't you just microchip the boss and have the rest of you use swipe cards?
    How to tell the difference between Machine Learning and AI:
    If it is written in Python it is most likely Machine Learning.
    If it is written in PowerPoint it is most likely AI.

  5. #845

    Join Date
    April 13, 2011
    Posts
    6,959
    Quote Originally Posted by Keckers View Post
    Quote Originally Posted by elmicker View Post
    you need to work somewhere less completely fucking terrible because everything you've just written indicates you work somewhere completely fucking terrible.
    Not every slightly problematic process is a business critical failure waiting to happen.

    Management consultants might make a living and have a ridiculously large market peddling falsehoods like that but they're largely wrong.
    If you're working in a business where "the boss doesn't like swipe cards" and you only audit your joiners/leavers every six months you are 100% living in a world of a critical failure waiting to happen.

  6. #846
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,623
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Keckers View Post
    Quote Originally Posted by elmicker View Post
    you need to work somewhere less completely fucking terrible because everything you've just written indicates you work somewhere completely fucking terrible.
    Not every slightly problematic process is a business critical failure waiting to happen.

    Management consultants might make a living and have a ridiculously large market peddling falsehoods like that but they're largely wrong.
    If you're working in a business where "the boss doesn't like swipe cards" and you only audit your joiners/leavers every six months you are 100% living in a world of a critical failure waiting to happen.
    It's not full time leavers that are the issue, those are gone on their final day (sometimes before they have actually left). The issue is we have 3 businesses in the building (which rent from us) and we have to also administer their thumb prints. They are not so fast at removing people. We also have a bunch of 'will come in once every now and then' casuals and contractors who may legitimately not show up for 2 months then be in the building every day. We rarely find out that these people aren't coming back until we haven't seen them for months on end and partly it's because the people that use these casuals have every intention to use them again when needed but they just aren't needed again.

    Quote Originally Posted by Mashie Saldana View Post
    Quote Originally Posted by Lana Torrin View Post
    I don't trust our scanners but the boss doesn't like swipe cards so that's what we have.
    Can't you just microchip the boss and have the rest of you use swipe cards?
    I have considered mangeling her hand on more than one occasion just so we can start using actual secure cards.. Winter is coming (for reals) and water on the scanners means they wont read shit so you literally have to spend 30 seconds wiping it down and drying it off so you can get in the building.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  7. #847
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,972
    https://motherboard.vice.com/en_us/a...s-of-computers

    I never could get ASUS's online update to work, guess I dodged a bullet?
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  8. #848
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,721
    If you write-off your Tesla, don't forget to total the car computer.

    CNBC: Tesla cars keep more data than you think, including this video of a crash that totaled a Model 3

    • Crashed Tesla vehicles, sold at junk yards and auctions, contain deeply personal and unencrypted data including info from drivers’ paired mobile devices, and video showing what happened just before the accident.
    • Security researcher GreenTheOnly extracted unencrypted video, phonebooks, calendar items and other data from Model S, Model X and Model 3 vehicles purchased for testing and research at salvage.
    • Hackers who test or modify the systems in their own Tesla vehicles are flagged internally, ensuring that they are not among the first to receive over-the-air software updates first.
    Then, there was the crash.

    This video extracted from the wrecked Model 3 shows the car speeding out of the right lane into the trees off the left side of a dark two-lane route.

    GPS and other vehicle data reveals that the accident happened in Orleans, Massachusetts, on Namequoit Road, at 11:15 pm on Aug 11, and was severe enough that airbags deployed.

    Call logs show that an iPhone present in the car at the time of the crash belonged to a relative of the founder and chairman of the company that owned the Model 3. Moments before the vehicle crashed, researchers found, incoming call logs indicate that a family member had called the driver of the Model 3.

    Another video stored on the car showed an earlier accident where the Model 3 side-swiped a guard rail.
    As the tweet drawing my attention to this article contemplates, are we approaching a future where cars may be stolen not for any intrinsic material value they may hold, but rather the data they contain. Like phones & laptops.

  9. #849
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,373
    Quote Originally Posted by Sparq View Post
    As the tweet drawing my attention to this article contemplates, are we approaching a future where cars may be stolen not for any intrinsic material value they may hold, but rather the data they contain. Like phones & laptops.
    Stolen? Why not just broken into and have the data stolen? Or even better, remote in? Because honestly, if the security is that bad, it's only a matter of time until they find some way in remotely. If there is not already one available
    Guns make the news, science doesn't.

  10. #850
    Donor Spaztick's Avatar
    Join Date
    April 10, 2011
    Location
    No Longer up High Sierra's Ass
    Posts
    9,940
    I think it's akin to locking a laptop in a car. If you can be at the terminal physically it's really easy to steal data. Of course, if it's encrypted that would help, but inherently cars would be easier to steal data from if you're at the car itself.

  11. #851
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,373
    Quote Originally Posted by Spaztick View Post
    I think it's akin to locking a laptop in a car. If you can be at the terminal physically it's really easy to steal data. Of course, if it's encrypted that would help, but inherently cars would be easier to steal data from if you're at the car itself.
    Yeah but at the moment there's no encryption, so this point is moot. Car security is really laughable - have a look:

    Guns make the news, science doesn't.

  12. #852

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,615
    Quote Originally Posted by Cosmin View Post
    Yeah but at the moment there's no encryption, so this point is moot. Car security is really laughable -
    It's not funny
    Please don't teach me what to do with my pc.

  13. #853
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,373
    I didn't present it as funny, I'm sorry. Laughable can be sad too, like look at my love life for example.
    Guns make the news, science doesn't.

  14. #854
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,721
    ~ and on the theme of tragic-comedy,

    Arizona Beverages, one of the largest beverage suppliers in the U.S., is recovering after a massive ransomware attack last month, TechCrunch has learned.

    containing such gems as,

    • The company’s name was in the ransom note, indicating a targeted attack.
    • The company is still rebuilding its network almost two weeks after the attack hit, effectively shutting down sales operations for days until incident response was called in.
    • It took the company another five days from when the attack started, before the company brought in incident responders to handle the outbreak.
    • Many of the back-end servers were running old and outdated Windows operating systems that are no longer supported. Most hadn’t received security patches in years.
    • A day after the attack hit, staff found the backup system wasn’t configured properly and were unable to retrieve the data for days until the company signed an expensive contract to bring in Cisco incident responders.
    • The ransomware infection, understood to be iEncrypt (related to BitPaymer) per a screenshot seen by TechCrunch, was triggered overnight on March 21, weeks after the FBI contacted Arizona to warn of an apparent Dridex malware infection.
    • The source said incident responders believed Arizona’s systems had been compromised for at least a couple of months.
    • There’s no known decryption tool for iEncrypt.
    • The company’s security awareness 'has improved'.

  15. #855
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,721
    Microsoft reveals hackers accessed some Outlook.com accounts for months

    Microsoft has started notifying some Outlook.com users that a hacker was able to access accounts for months earlier this year. The software giant discovered that a support agent’s credentials were compromised for its web mail service, allowing unauthorized access to some accounts between January 1st and March 28th, 2019. Microsoft says the hackers could have viewed account email addresses, folder names, and subject lines of emails, but not the content of emails or attachments.
    HOWEVER

    Contrary to what Microsoft & some media outlets are saying, Motherboard reports the hackers DID access email content of affected accounts. So if by happenstance you get an email from Microsoft saying your account was one of those affected, you should probably go ahead and change your credentials for any account tied into that email.

    The hack affected regular consumer accounts, enterprise / corporate accounts allegedly unaffected.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •