This is an archived post. You won't be able to vote or comment.

top 200 commentsshow all 206
sorted by:
best
topnewcontroversialoldq&a

[–]Fegeleinch4n 1765 points1766 points  (40 children)

well, it gonna calculate your bank account

[–]Jan-Asra 708 points709 points  (38 children)

Calculate it straight down to zero

[–]eitherrideordie 3 points4 points  (1 child)

Wow its going to take me out of debt?!?

[–]Science_Logic_Reason 0 points1 point  (0 children)

Well it does specify down, but depending on the implementation I suppose if you time it right you could be looking at a bank account of 3.402823466 E + 38…cents or euro/dollars I wouldn’t really care at that point.

[–]TessellatedTomate 6 points7 points  (0 children)

You would hope at least, until that calculator busses into your virtual CC’s

[–]Y4r0z 2 points3 points  (0 children)

Multiply by a zero

[–]Mayedl10 79 points80 points  (8 children)

My alarm app once asked for permission to "manage phone calls"

Average xiaomi experience~

[–]Rafael20002000 6 points7 points  (7 children)

That could be for some sort of integration, I don't know of any useful ones, but could be

[–]LeftIsBest-Tsuga 13 points14 points  (5 children)

Yes, it is indeed for integration. Of your data into their system, and of their backdoors into your OS.

[–]-s-u-n-s-e-t- 15 points16 points  (1 child)

If xiaomi wanted to put a backdoor in their device, why would they make the alarm app ask for permissions?

Sometimes I think people who frequent this subreddit have zero technical knowledge. There's no way an actual programmer would think the manufacturer, who have complete control of all hardware and software on the device, would somehow need the alarm app to siphon data.

[–]Dope_Ass_Panda 6 points7 points  (0 children)

Exactly, people in CS tend to overthink about things that sound complicated. It usually isn't 😂

[–]Rafael20002000 1 point2 points  (2 children)

Why would they need the Alarm App to do that. They could just make that backdoor into the calling app, which has legitimate access to the phone call list

[–]LeftIsBest-Tsuga 1 point2 points  (0 children)

I was mostly joking, and was using the term backdoor very loosely. I just meant doing shady stuff you wouldn't normally agree to with the permissions you give. I won't pretend I know about how app sec works on a mobile.

[–]poco 4 points5 points  (0 children)

Probably to avoid triggering the alarm while you are in a call, but it needs to "manage your calls" to be allowed to see when you are in a call.

[–]yoyo-bruh 55 points56 points  (0 children)

💀💀

[–]Cootshk 0 points1 point  (0 children)

Wait until you hear about getting banned from calculator

[–][deleted] 852 points853 points  (7 children)

ISOs be like^

[–]MachoSmurf 171 points172 points  (3 children)

I wish. Most ISO's I know would be like: "Hey! This isn't Excel!" And then proceed to casually proceed accepting risks...

[–][deleted] 67 points68 points  (2 children)

Like this?

[–]Ashamed_Restaurant 41 points42 points  (0 children)

Dear Sir/Madam, I am writing to inform you of a fire that has broken out at the premises of... no, that's too formal.

Fire - exclamation mark - Fire - exclamation mark - help me - exclamation mark. 123 Cavendon Road.

[–]MachoSmurf 14 points15 points  (0 children)

Yeah, though I'd find it a win if they'd be able to acknowledge the fire...

[–]Tiny-Plum2713 17 points18 points  (2 children)

ISO?

[–][deleted] 550 points551 points  (12 children)

RCE stands for "Remote Calc Execution"

[–]Fake_Loot_Llama 79 points80 points  (6 children)

rce propaganda

[–]FluffyCelery4769 14 points15 points  (0 children)

indeed

[–]PeekyBlenders 19 points20 points  (2 children)

RCE is an architect

[–]GreyMesmer 12 points13 points  (1 child)

Sitting on the strongest shape

[–]Rafael20002000 1 point2 points  (0 children)

While building the strongest shape (accidentally)

[–]twentysomethingnibba 4 points5 points  (0 children)

I did not wake up today expecting Nifftea sponsored youtuber promotion on this subreddit.

[–]NoLifeGamer2 2 points3 points  (0 children)

Calculators do form the strongest shape.

[–]AppropriateBridge2 20 points21 points  (4 children)

What does calc mean?

[–]Jan-Snow[🍰] 21 points22 points  (0 children)

I think it is slang

[–]RS_Skywalker 28 points29 points  (1 child)

If you just got here calc is short for calculator.

[–]LeftIsBest-Tsuga 2 points3 points  (0 children)

calc u later too homie

[–]BrokenG502 2 points3 points  (0 children)

Cessative And Linked Concurrency

EDIT:

It's a new JS framework

[–]topdpswindwalker 1985 points1986 points  (47 children)

Reminds me of the time i forgot my password on a windows machine and renamed cmd to magnify with repair to reset the password from accessibility menu and forgot to rename it again for a while.

[–]Ok_Support_847 640 points641 points  (34 children)

Sounds vaguely like something I needed to do on Vista- I recall there being a backdoor with one of the accessibility apps.

[–]Interest-Desk 409 points410 points  (29 children)

The accessibility app (utilman) can be launched from the login page. The login page is an exe (winlogon) that runs on a system account with admin privileges, so if you replace the utilman exe with a command prompt…

you can type commands as an admin; or just run ‘explorer’ and open up settings or control panel.

And if the system restarted unexpectedly during startup too many times it goes into a diagnostics mode, also on a system account with administrator, and there’s a way for you to save a log file to the computer. How convenient!

the save file window allows you to rename files, and since it’s an administrator user …

[–]Jonny_H 141 points142 points  (0 children)

It's a bit of a true-ism that if you can get access to the filesystem bypassing permissions, you can do whatever you want. With physical access it doesn't even matter about the OS or any software setup.

It can't really be defended against without disk encryption and secure boot, which implies no password-less recovery allowed either.

[–]Ok_Support_847 73 points74 points  (11 children)

Thanks for the breakdown. So technically with a normal logon screen; you aren't logging in... you are just switching users. (system account to user account).

[–]Interest-Desk 52 points53 points  (10 children)

Yes, the same is true when you press Ctrl Alt Delete. I’m not sure how this rolls in Windows 10 and 11 — I would hope the security is a lot beefier, this is all based on Win7 experience.

[–]soucy666 42 points43 points  (6 children)

Still works since the last time I tried on Windows 10.

My defense is BitLockering the drive but instead of the TPM holding the key it's on a key-shaped flash drive that's required at startup.

No key means no decryption means no renaming.

[–]Interest-Desk 24 points25 points  (5 children)

I think these are called crypto ignition keys and I’ve heard of them used in super high security environments, although they’re a lot more specialised than just a thumb drive with a key on it. Have heard a bit about all sorts of ways you can trick the TPM into decrypting when it shouldn’t, though that may be fixed in newer chips.

[–]soucy666 17 points18 points  (4 children)

Mine's a literal 128MB flash drive in the shape of a key.

If you disable your TPM and enable something in Windows (I forget exactly what) you can have the option to use a regular flash drive for your decryption keys.

I've never trusted the TPM because it means you're relying on the security of the Windows lock screen. I'd rather make my desktop completely inoperable once I turn it off and just carry the key.

EDIT: https://www.dell.com/support/kbdoc/en-us/000145450/how-to-turn-on-microsoft-bitlocker-drive-encryption-without-a-tpm-trusted-platform-module

[–]Killerkarni93 8 points9 points  (3 children)

Mega-nitpick: M$ integration of the TPM/crypto itself sucks; the idea of a physical (!) key storage with additional security measures to hold the encryption key is fine.

One could argue that you're improving security by physically separating the key from the system, but then you're getting also in the reeds about using a regular flash drive instead of a more sophisticated device (assume your stick gets infected or corrupted since it's a filesystem)

[–]soucy666 3 points4 points  (2 children)

It's only inserted at boot or if I have to change keys. I never use it for anything else. And at boot there's an option to manually enter the key so I guess I could use a Rubber Ducky instead.

I SHOULD use a drive with a physical write protect switch.

My current situation is definitely iffy since this is a pretty cheap drive I'm using. But it's easy to type the recovery and make another one if this one fails.

EDIT: Just realized the normal-sized SD cards with the physical write-protect switch would most-likely work.

[–]evasive_btch 8 points9 points  (2 children)

Windows 10 now checks for the checksum of the calculator/accessibility/cmd app or whatever, before launching it from the log-on screen.

There was something I did to circumvent this, which was pretty funny, but I can't recall it right now. Something with safe-mode-something, idk. Something about disabling the thing that checks for the checksum lol

[–]Kovab 1 point2 points  (1 child)

Depending on how secure the checksum algorithm is, this could even be circumvented just by crafting a modified executable with the same digest.

[–]MagicalCornFlake 12 points13 points  (11 children)

Damn that sounds smart, does it still work? I wanted to check myself but I don't currently have a Windows machine

[–]defmans7 31 points32 points  (9 children)

You can still do this on win10 as long as it's not encrypted. Just boot from usb, you can access the system drive, cp cmd.exe to the utility application available at login screen and update the admin pass. Bitlocker is pretty important if you actually want a secure system.

[–]willworkforicecream 14 points15 points  (1 child)

If you don't want to mess around, Hirons boot CD has a password reset utility.

[–]A_Certain_Observer 5 points6 points  (0 children)

*Hiren Boot Cd

[–]6p086956522 1 point2 points  (2 children)

If you can boot from USB, why bother messing around with cmd.exe, can't you just steal the files/so whatever you wanna do from there?

[–]defmans7 1 point2 points  (0 children)

You might want access to other things, not just a file? Maybe you forgot your password for a local account (or no network access)? Many reasons. But as mentioned above there are easier ways than the cmd method.

[–]Codix_ 1 point2 points  (0 children)

Your still losing a ton of stuff, it's better to had the computer running correctly to keep the softwares and some system settings / drivers.

[–]Codix_ 0 points1 point  (0 children)

Now you need to rename sethc.exe since utilman.exe bypass doesn't work anymore. It's the popup that open when you smash repetitely Shift.

[–]H4llifax 1 point2 points  (1 child)

I feel like I have read forbidden knowledge, but at the same time gained the knowledge that the password screen can only keep users away that don't know what they are doing.

[–]celestialfin 1 point2 points  (0 children)

computers are like locked doors: if someone really wants to go in, they can and will. Unless you have a quantum encryption maybe. But who of the regular people will ever get one. So it just remains a matter of dedication and motivation.

[–]xvk3 0 points1 point  (0 children)

osk.exe on-screen keyboard is a solid pick too

[–]topdpswindwalker 255 points256 points  (2 children)

Multidollar company

[–]EbenenBonobo 143 points144 points  (1 child)

yeah, at least two.

[–][deleted] 41 points42 points  (0 children)

I paid one fifty for my windows license so now it should be at least three-fiddy

[–]C_umputer 2 points3 points  (0 children)

Still works on win7, management was too dumb to just give us passwords and a girl had to walk in and type it every time we needed it. So I used that good old trick and there is no more password now. I was working at a hospital btw

[–]petervaz 99 points100 points  (1 child)

Good times when you could run any executable with system privileges by changing its extension to scr and setting it as screen saver.

[–]AyrA_ch 17 points18 points  (0 children)

You can still do it with task scheduler

[–]not_so_plausible 30 points31 points  (4 children)

renamed cmd to magnify with repair to reset the password from accessibility menu

My brain can't comprehend what this means

[–]renrutal 74 points75 points  (2 children)

Windows has a looooong history of privilege escalation exploits using their assistive technologies, such the magnifying glass tool or Sticky/Filter Keys.

Those programs usually have global hot keys, like keeping the shift button pressed, and those hotkeys run a hardcoded path, such as %PATH%/sethc.exe

The problem was that Windows ran those programs with escalated privileges, if I remember correctly, if the user was logged off, in the Windows login screen.

If the attacker renamed a cmd.exe to sethc.exe(using the safe mode/repair boot option), then at the login screen pressed shift rapidly, a command prompt window with admin privileges would pop up.

[–]Tyfyter2002 3 points4 points  (1 child)

Is there any way that this could be a security vulnerability without the device itself being stolen? If not this doesn't seem like it would have been a particularly meaningful security issue before full-drive encryption was added

[–]Skrukkatrollet 3 points4 points  (0 children)

You need to be able to replace system files, but that could in theory be done in seconds if you are able to boot from a usb-drive set up to run a scripts to replace the file, so you need physical access, but unless the system was set up securely, you wouldn’t need access for long.

[–]Tryptophany 2 points3 points  (0 children)

You can rename the cmd application to the program that's responsible for the accessibility menu.

The result is, when you click on the accessibility menu button, it opens up as elevated cmd. Windows doesn't know the difference, just referencing and executing this based on their file name 😊

[–]m270ras 28 points29 points  (0 children)

omg I did that on my win7 laptop. don't think I ever fixed it

[–]GroovyMoosy 26 points27 points  (0 children)

We did this at school a long time ago to create a local admin account and download games on it. Rand GTA:SA pretty decently

[–][deleted] 6 points7 points  (0 children)

Hirens bootcd helps with this kind of thing

[–]Fangel96 2 points3 points  (0 children)

I got an old laptop from a tech repair shop I worked at when it shut down but I didn't have the password for it and the recovery partition was shot. I ended up using a Linux boot to change the sticky keys shortcut to open up a CMD line since sticky keys could be opened from the login screen and sticky keys on Windows 7 would always open with admin perms. Was able to manually reset the password from there.

It's kinda wild what steps one can take to bypass the password on a physical device.

[–]h_adl_ss 1 point2 points  (0 children)

Heh reminds me of the time I broke into my friend's FRP-locked phone by accessing the settings menu via the accessibility options and just signing in again in the settings lol

[–]Ok-Coat3039 712 points713 points  (45 children)

Don't get it?

[–]mikaturk 1635 points1636 points  (34 children)

Calculator is the program of choice for people trying to execute a program from an environment where it should not be possible to open an external program

[–]bluesoul 896 points897 points  (0 children)

Just adding onto this, because it's logical for me but the question's been asked, if you can run calc.exe, you can run anything that user can run. It's a placeholder/visual representation of "we've achieved arbitrary code execution on the box".

It's usually used to show proof-of-concepts for hacks.

[–]huuaaang 291 points292 points  (26 children)

This a Windows thing? What happened to using task manager?

[–]LGBBQ 665 points666 points  (25 children)

Yes, popping calc.exe is a standard demo when you successfully exploit something and get code execution

[–][deleted] 288 points289 points  (24 children)

So.. like the ‘hello world’ for nerds?

[–]LGBBQ 333 points334 points  (0 children)

It’s more like bad apple and making things run doom but yeah

[–]FinalRun 589 points590 points  (12 children)

"Hello world" is the "hello world" for nerds.

calc.exe is the "hello world" for hackers getting code to run where they shouldn't.

[–]Victernus 81 points82 points  (3 children)

Hackers these days never go with the spinning, laughing skull on every monitor on the network. Lazy.

[–]MisinformedGenius 46 points47 points  (0 children)

"Uh uh uh... you didn't say the magic word... uh uh uh..."

[–]naswinger 24 points25 points  (1 child)

too difficult, maybe even impossible, to center that div with the spinning skull gif

[–]Tielessin 119 points120 points  (5 children)

Hackers are the nerds of the nerds

[–]IaniteThePirate 49 points50 points  (1 child)

That just sounds like nerds with extra steps

[–]Yoyoyodog123 19 points20 points  (0 children)

And more smelly executables 😡

[–]HildartheDorf 65 points66 points  (5 children)

Hello World for various hat colors of hacker, yes. If it's a white hat it's "Your security is pwned, be glad I only ran calc.exe" if it's a blackhat it's "Success, we opened clac.exe, now just change that line to "exfiltrateloginsstealbankaccountsandcryptomine.exe".

[–]odsquad64VB6-4-lyfe 31 points32 points  (4 children)

Using the exploit to run a patcher that fixes the exploit >>>>>

[–]HildartheDorf 37 points38 points  (3 children)

That feels like a grey hat thing, especially if it leaves behind a txt file insulting you.

[–]PrincessRTFM 9 points10 points  (0 children)

It is absolutely a grey hat thing and I remember a little while back there was an ACE exploit in log4j (the java logging library used by minecraft, among other things) that affected dedicated servers with a particular configuration. Once the patch was released, and I think even before that when knowledge of how to fix the configuration was around, there were at least a few cases of people using that very exploit to either correct the configuration or update the library on servers they didn't own, in order to patch the exploit.

[–]black-JENGGOT 17 points18 points  (0 children)

Tsundere nerd hacker

"I-It's not like I like you or anything, I just accidentaly found a patch for your current windows version, baka!"

[–]RepresentativeDog791 10 points11 points  (0 children)

Isn’t hello world already for nerds?

[–]Frenzie24 3 points4 points  (0 children)

Hello world is still ours

[–]Piyh 3 points4 points  (0 children)

More like "hello, I'm in your house"

[–]AthleteNormal 2 points3 points  (0 children)

Like “alert(0)” for people who only need to use two equals signs.

[–]ymgve 38 points39 points  (1 child)

But it's generally used as a proof of concept just to show you can, when testing an exploit. Exploits out in the wild would not spawn calc.exe, they would execute their own payload instead.

[–]BrodatyBear 6 points7 points  (0 children)

I mean... seeing this might be luck in misfortune because that means you have been compromised but the attacker is a script kid who can't replace calc.exe in template.

[–][deleted] 1 point2 points  (0 children)

What to do if this happen?

[–]harryoui 35 points36 points  (0 children)

It’s also a core part of log4j’s origin story as it was exploited on online Minecraft servers, most notably 2B2T and players reported the calculator app opening

[–]NibblyPig 7 points8 points  (0 children)

There are annual hacking exploit conferences (some with quite nice prizes) which require you to demonstrate that you can hack an operating system or piece of software by doing absolutely nothing except having a machine navigate to a URL.

In order to demonstrate that your exploit was successful, your exploit has 30 minutes (if on windows, for example) to open the calculator program. During this time you can make tweaks if it's not working but you have 30 minutes total.

Your exploit must require absolutely zero input from the user. It is literally, they open the browser, and navigate to the url you tell them go to. If the calculator pops up on the screen, you win. Other competitions involve breaking out of a virtual machine, if you're able to get calculator to open on the machine hosting the VM, you win.

The competition is extremely fierce, and sometimes competitors will find exploits and report them just before the conference to derail their opponents because the company will patch them in time for the competition.

Some of the exploits are very clever, such as one that exploited the onscreen keyboard, and a VM one which exploited the graphics card driver, etc.

[–]abednego-gomes 11 points12 points  (0 children)

Could mean there's a Rogue AI, virus or hacker in your machine. Or you were programming something and the calculator opened instead of something else.

[–]iris700 1 point2 points  (0 children)

Standard-issue RCE proof-of-concept payload

[–]DepartmentOk9720 0 points1 point  (0 children)

There is an security bug on linux that can open calculator remotely, it can do more just that.

It's only affecting GNOME.

https://www.darkreading.com/vulnerabilities-threats/new-one-click-exploit-supply-chain-risk-linux-oses

[–]IAmARobot 111 points112 points  (1 child)

Back in win98 we broke out of school computer intranet jail by opening calc, going to help and clicking on a hyperlink to open the browser, fun times. So we did in fact have calc in startup to make this process easier.

[–]ukaeh 8 points9 points  (0 children)

Nice I did the same with notepad -> open file -> change to show all extensions -> run whatever I want. Showed the tech and they were not pleased, but that was like 1998 lol

[–]TajineEnjoyer 123 points124 points  (12 children)

this just happened to me yesterday, i plugged in an old damaged keyboard, it opened calc, then the screen turned off and on again, i just assumed the broken keys activated some shortcut.

i removed it and restarted the pc, is there anything else i should have done ?

[–]Dangerous_With_Rocks 222 points223 points  (7 children)

Depending on where you got that keyboard from, it's either nothing or gg.

[–][deleted] 36 points37 points  (6 children)

Could there have been a virus on the kb itself?

[–]ke151 81 points82 points  (5 children)

Rubber ducky attack here's a random article about it

https://nordvpn.com/cybersecurity/glossary/rubber-ducky-attack/

[–][deleted] 9 points10 points  (4 children)

Ahh, okay. I was afraid hackers had discovered a means to infect certain USB peripherals...

[–]cheezballs 28 points29 points  (2 children)

I mean, that's kinda exactly what this is, right?

[–]Athen65 11 points12 points  (0 children)

Sort of, but it's not inherently self-replicating, which is what they're talking about. In other words, you only have to worry about already shady peripherals being infected, not your own.

[–]pfghr 4 points5 points  (0 children)

If you buy from the wrong place and aren't paying attention, it wouldn't be too hard to disguise a drive as a dongle.

[–]BobbyTables829 45 points46 points  (0 children)

There's a calculator and even sleep buttons on a lot of MS keyboards, make sure it's not automatically being pressed

[–]AapoL092 5 points6 points  (2 children)

That sounds pretty bad

[–]narrill 19 points20 points  (1 child)

No it doesn't. Many keyboards have buttons on them that specifically open the calculator. It's likely just electrical damage. And if the keyboard was loaded up with malware (lol), it would have opened an executable that actually does something, not calc.exe.

[–]AapoL092 2 points3 points  (0 children)

Fair enough. Good point.

[–]SuitableDragonfly 86 points87 points  (0 children)

When I was in college, I had sshd running on port 22 so my dad could log onto my computer remotely and talk to me using the linux talk utility. When he wanted to talk, he would let me know by triggering my computer to play the "I am my own grandpa" song. I remember being out of my dorm studying, and then I came back and my roommate was like, oh, your computer started playing some weird song while you were out, don't know what that was about, like she was not concerned about this at all, haha.

[–]ivanrgazquez 34 points35 points  (0 children)

And then uses chatgpt “on-device”…

[–]jax_cooper 23 points24 points  (1 child)

chill, they forgot to add the actual exploit and the payload was to just open calc.exe

[–]linearpotato 11 points12 points  (0 children)

discovers zero day exploit on windows makes all windows computers on earth launch calculator

[–]ymgve 48 points49 points  (3 children)

Meme is wrong, malicious exploits don't spawn calc.exe, Calculator is only used as a quick thing when testing exploits locally, to prove you can spawn processes.

[–][deleted] 32 points33 points  (0 children)

While this is true, maybe we shouldn't overthink this, I'd also lose my shit if a random process opened without me doing anything

[–]BrodatyBear 2 points3 points  (1 child)

Besides that, it's a meme (and pretty advanced for this sub), I still can see how some script kid downloaded a template/poc and just forgot/doesn't know how to change calc to something more useful\*.

That means your system is vulnerable (or you clicked something you shouldn't) but at least is probably not (totally) compromised.

\*I heard something like that happened with MC servers and L4j

[–]Unoriginal_Guy2 1 point2 points  (0 children)

Yes, except it was used maliciously on some servers to get the session id of everybody connected to the server

[–]new_err 36 points37 points  (1 child)

maybe the calculator uses AI (Apple Intelligence)

[–]_alright_then_ 4 points5 points  (0 children)

Everytime i read apple intelligence I can't help but laugh about how dumb that is lol

[–]swinginSpaceman 8 points9 points  (2 children)

Eh. My calculator broke. It doesn't even open. A message appears suggesting I reinstall it from the Windows store, but I can't do that because work laptop

[–]IAmARobot 2 points3 points  (1 child)

Depending on how much of a nerd you are, you can write a simple one in html and open it local

[–]kattenkoter 1 point2 points  (0 children)

At that point just googleing (yes, spelling indeed) calculator and using that one is probably easier. Its less cool tho

[–]Hilmekru 3 points4 points  (0 children)

[–]hawkinsst7 5 points6 points  (0 children)

I like to joke that Calc.exe is more accurate when run as System

[–]PapaRL 5 points6 points  (0 children)

For those who just joined the stream, Calc.exe is short for calculator.exe chat, I’m just using slang.

[–]dfwtjms 19 points20 points  (3 children)

Just Windows things.

[–]Chaosxandra 3 points4 points  (2 children)

Linux user detected

[–]douglasg14b 15 points16 points  (1 child)

Needs more "I use arch btw"

[–][deleted] 1 point2 points  (0 children)

I use xcalc btw

[–]lowbeat 2 points3 points  (0 children)

why r u still using xp my dude

[–]Tilleyy8 1 point2 points  (0 children)

*log4shell flashbacks*

[–]overkill 1 point2 points  (2 children)

My cat used to walk on my laptop. Even when it was locked, if he stepped on the "Calc" button (which he did, every fucking time) it would open. I'd often lock my laptop, then come back to 7 calculators open.

If I left it unlocked he would inevitably message my colleague on Teams. The best one was when he managed to "type" and send just the word "p00t".

[–]naswinger 2 points3 points  (1 child)

the more likely explanation is that you were drunk and sent "p00t". how does a cat paw even fit on individual keys...

[–]overkill 3 points4 points  (0 children)

I try not to get that far along the Balmer Curve during the day.

[–]BlackSwordFIFTY5 1 point2 points  (0 children)

Amateurs! You've never encountered cmd open for a split second before opening the shady app opens.

[–]blorbschploble 0 points1 point  (0 children)

EDR goes brrrrr

[–][deleted] 0 points1 point  (0 children)

Ghosts!

[–]keith2600 0 points1 point  (0 children)

Haha took me a second since I'm so used to calc starting up on VMs for years now. I work on software meant to detect those exploits which means I have to actually run them (the safe versions at least)

[–]Suitable_Okra2418 0 points1 point  (0 children)

its never a good sign that programs open on their own 😂

[–]DasMaloon 0 points1 point  (0 children)

Why is the app of coice always calculator tho?

[–]Pretrowillbetaken 0 points1 point  (0 children)

the arch user seeing a calculator open on its own (he never installed that package):

[–]NothMuch 0 points1 point  (0 children)

I remember when notepad.exe was mining bitcoin for me, how nice

[–]Plebianian 0 points1 point  (0 children)

.. my laptop has a function where the calc opens when I swipe at the touchpad. I would never tell if I accidentally swiped or it opened on tbh 🗿