viking
@viking@infosec.pub
- Comment on [deleted] 9 hours ago:
Have bow and arrows ready, and they just might.
- Comment on [deleted] 12 hours ago:
They have been contacted and responded with aggression, so they are obviously aware that they are not alone, but want to be left alone. Free will is free will.
- Comment on The driver for my mouse occupies over 1 gb 3 days ago:
You need it to remap some of the buttons on the side. I have the same garbage just for this purpose.
- Comment on Update to last week's BestBuy Shenanigan. They refused to refund me after not delivering me the stuff I ordered after a so-called "investigation". 1 week ago:
Doesn’t matter, you need the report as proof for the chargeback.
- Comment on Update to last week's BestBuy Shenanigan. They refused to refund me after not delivering me the stuff I ordered after a so-called "investigation". 1 week ago:
I hope you did report the matter to the police regardless?
- Comment on [deleted] 1 week ago:
Nah that was Windows XP, where the hard drive was not encrypted by default, and the password was stored in a hashed file on the computer itself, freely accessible via any boot stick. Actually cracking it still took some time (below 7 characters a few minutes, 7 about 1h, 8 chars up to 24h, longer… LONG). But if it was a common word, then a dictionary attack with a long enough word list (most word lists have like 400k words or so) would get it in seconds either.
The funny thing with Windows XP was that since none of the data was encrypted, you could simply delete the password hash and set a flag in the registry and you would boot right into Windows with no password at all, and were then prompted to set a new password. That didn’t work since Windows 7 anymore.
- Comment on [deleted] 1 week ago:
You can buy a hardware keystroke recorder for a few bucks. Just plug it between keyboard and computer and it logs all inputs. Once they have the boot password (and maybe a bunch of others), installing malware and exfiltrating data is pretty straightforward. Doesn’t require a lick of IT knowledge either.
Bit more challenging on a laptop without external keyboard, but there are hardware solutions as well, though they’d require tinkering with your device.
Phones are harder to gain access to. Honestly if I wanted to get into your phone, I’d probably try to set up hidden cameras in spots where you are likely to enter your PIN (bed, toilet) somewhere under the ceiling and angled straight down. I’d probably try to switch the phone off as well any chance I got (long press the start button) so that you’d be forced to boot up and enter the PIN at any given opportunity to max my chances.
Actually hacking secure boot / accessing data from encrypted drives is beyond casual hackers, unless you don’t regularly update your devices and there are some active exploits published.
But seriously, low effort password sniffing is still the biggest vulnerability out there.
- Comment on Even in android Microsoft is still trying to get you to use edge 2 weeks ago:
I’ve been using it for 12+ years, and still do to this day. The only thing that changed is that you have to use the Microsoft authenticator app to log on.
- Comment on Even in android Microsoft is still trying to get you to use edge 2 weeks ago:
Fuck outlook, the app is trash.
Nine works great for exchange servers, if you can’t escape the Microsoft infrastructure altogether.
- Comment on [deleted] 2 weeks ago:
Could be beneficial for your career, but your colleagues might hate you, really depends on the company dynamics (and maybe size). If you actually like hanging out with him, don’t kiss ass and expect any kind of reward and just be yourself, personally I don’t see any harm.
- Comment on Ads when you’re pumping gas 3 weeks ago:
There’s one near my house, and it has no mute button whatsoever. No buttons at all, in fact. You tap your card to the reader, then lift the pump of whichever variety you need, and that moment the ads start. With sound on full blast as well.
I’ve left a negative google review and make sure to update it monthly so that it stays on top, and drive to another station quite a bit further off just to avoid this crapshoot.
- Comment on [deleted] 5 weeks ago:
They are adults, let them figure it our for themselves.
- Comment on [deleted] 5 weeks ago:
Age is just a number. Who cares.
- Comment on The USA spends $15k/student annually which is 30% higher than the global median. Why do U.S. schools have "fundraisers" where kids are incentivized to sell stuff to people? 1 month ago:
If I don’t want something, I give nothing. Most fundraisers are pure extortion, and I can’t be bothered to check if something is legit or lining someone’s pocket. “No” is a full sentence.
- Comment on Fallout TV Show Could Run for Six Seasons Says Aaron Moten 1 month ago:
I didn’t really like the first season. There was some good action, decent characters etc, but the story just didn’t excite me.
Now I haven’t played the games, but neither did I play The Last of Us, and that series was excellent.
- Comment on Forced to lie on a questionnaire 1 month ago:
Why bother taking the survey then, or is it somehow mandatory?
- Comment on What is your favorite indie game? 1 month ago:
Yep, agree. Heat Signature was also fun, but getting rather repetitive.
- Comment on What is your favorite indie game? 2 months ago:
Tactical Breach Wizards
- Comment on Rian Johnson Says ‘I Don’t’ Agree With Netflix CEO Over Movie Theater Model Being ‘Outdated’: I Want ‘Knives Out 3’ in ‘Many Theaters For as Long as Possible’ 2 months ago:
I thought the setting is too absurd, didn’t like it at all.
- Comment on Rian Johnson Says ‘I Don’t’ Agree With Netflix CEO Over Movie Theater Model Being ‘Outdated’: I Want ‘Knives Out 3’ in ‘Many Theaters For as Long as Possible’ 2 months ago:
Let’s see how that’s going to fly. I watched the first one in cinema and it was great, the second one at home and it was pretty terrible.
- Comment on 'The Equalizer' Canceled After 5 Seasons at CBS 2 months ago:
I hope S05 ends with no loose cliffhangers, I actually quite enjoyed the series.
- Comment on German teens traveling to US jailed and deported after loosely planned vacation deemed ‘suspicious’ 2 months ago:
Some do, some don’t. The US however requires no such thing from EU citizens.
- Comment on What are some FOSS programs that are objectively better than their proprietary counterparts? 2 months ago:
Unfortunately they use some random font to display the temperature in the toolbar that is not the system font and can’t be changed. Whatever they are using is larger than the clock font and distorts the appearance.
Here it’s side by side with Today Weather.
The original app (geometric weather) as much better, but they stopped updating it, hence the breezy fork came to be. If only they didn’t mess with the fonts, I would have loved to use it.
- Comment on Are most people here left-wing? 2 months ago:
I’d consider myself liberal, but I embrace some traits considered leftist in some areas (universal healthcare, free education) and right in others (restrict immigration based on key economic and educational indicators, deport criminals).
- Comment on 6* months away now. If you're on 10, do you plan to upgrade? Make the jump to Linux? 2 months ago:
I can’t switch to Linux due to software requirements for work. On my personal computer I’m using Xubuntu for well over a decade, I didn’t like the unity window manager of Ubuntu. I heard they changed to something else by now, but I can’t be bothered to switch.
- Comment on 'Don't Buy a Swasticar': Tesla hit by UK boycott campaign over Elon Musk's far-right support 4 months ago:
France and UK have higher purchase powers than UK, thanks to Brexit, so I wouldn’t put that down to people being more sceptical.
- Comment on Are "Lifetime" Cloud Storage Plans scams? 4 months ago:
Yeah what I also saw in the terms was that they reserve the right to sell their company without informing users other than through an update in the terms & conditions, and based on play store reviews, they terminate lifetime accounts if they find that you upload copyright protected files, even if you don’t share them with anyone.
Indexing my stuff and comparing it against external databases is a big no no for me.
So far I’m quite happy with sync.com, been using them for well over a decade. Data is fully encrypted during upload, so no matter if the server is ever breached, they wouldn’t get anything useful out of it.
I also got my own nextcloud instance up and running, but it’s with a shared hosting provider where I don’t feel as secure.
- Comment on Are "Lifetime" Cloud Storage Plans scams? 4 months ago:
pCloud, under business terms fairly towards the end:
Term & Termination
This Agreement may be terminated by either party at any time, for any reason. This Agreement will remain in effect until Customer’s subscription to the Services expires or until the Agreement is terminated. In the event of termination by the Customer, the Customer will remain responsible for payment of all fees and charges applicable to the period during which the Agreement was in effect.
- Comment on [deleted] 4 months ago:
What exactly do you think happened with slaves too old to fulfill their duties?
- Comment on How can a US citizen invest outside the reach of the federal government? 4 months ago:
Anytime! You could also check some blogs like nomad capitalist and others, they offer solutions like incorporating a ltd. company in Georgia (the country) or Belize and stuff, but that also comes with a host of other requirements, reporting and otherwise.
Depending on your assets, there are also some countries like Grenada for example that come with a citizenship by investment program, where you get a passport if you invest either into government bonds or buy a property that you must hold for a certain number of years. If you’d be a citizen from there and casually forget to tick the box for US citizenship when opening your Hong Kong account, you might just get away with it. (Strictly not legal, though).
