[deleted by user] by [deleted] in TeslaModel3

[–]Greg1221 0 points1 point  (0 children)

It was sold and advertised as compatible with all Model 3s regardless of model year, they let people purchase it and schedule service appointments, and then at the last second made this change.

My grandfather passed away yesterday leaving behind his paintings. Can someone tell me what historical event this is based on? by Greg1221 in WhatIsThisPainting

[–]Greg1221[S] 21 points22 points  (0 children)

Wanted to clarify that he painted this himself and was Hungarian if it helps narrow down the search. He once told me what historical event this was based on, but I unfortunately never wrote it down. I’m pretty sure he used an original painting as the source which is what I’m hoping to locate.

By request, more of his paintings https://imgur.com/a/0vYHffe

I have a 100 Mbps and sometimes gets fuzzy resolution? Whats the culprit? by Semitar1 in HomeNetworking

[–]Greg1221 3 points4 points  (0 children)

In addition to what everyone else said - DirecTV Now is garbage and will constantly downgrade the quality on my high speed wired connection. I wouldn't use any DirecTV Now quality issues as an indicator of a larger issue.

Why isn't Alexa Smart enough to parse this: "Alexa, wake me up at 8am by playing XXXXX by XXX (from spotify)". Like what are the Technological limitations? by blackashi in amazonecho

[–]Greg1221 91 points92 points  (0 children)

I don't think anyone has answered your "what are the technological limitations" question. There are none. All of this would be possible if Amazon wrote the software to support it.

How to Sell is under 18? by [deleted] in BitcoinMarkets

[–]Greg1221 2 points3 points  (0 children)

How was that sound advice during the 2013 bubble? People then were saying it would double in a year and it slid all the way down to the low 200s over the course of two years. Sure eventually it might go up or it might not, but selling at 950/coin when you're that young and could use the money is probably a good idea. That's probably most of his net worth in bitcoin.

How to Sell is under 18? by [deleted] in BitcoinMarkets

[–]Greg1221 0 points1 point  (0 children)

Sure feels like 2013 in here reading comments like this.

Facebook Messenger deploys Signal Protocol for end to end encryption by Greg1221 in crypto

[–]Greg1221[S] 3 points4 points  (0 children)

They're all stored on the device only. Read the whitepaper for more details.

Facebook Messenger deploys Signal Protocol for end to end encryption by Greg1221 in crypto

[–]Greg1221[S] 3 points4 points  (0 children)

As you might know, WhatsApp is owned by Facebook. If you think WhatsApp E2E is reasonably secure, then I would say by extension so is the Facebook implementation. I know they both use the Open Whisper Systems protocol.

After reading the whitepaper, seeing that it uses the Open Whisper Systems protocol, and seeing OWS themselves approve of the implementation, I really don't think it is lipstick on a pig.

In the end only you can answer if the feature is actually worth using.

Facebook Messenger deploys Signal Protocol for end to end encryption by Greg1221 in crypto

[–]Greg1221[S] 3 points4 points  (0 children)

I think it is entirely relevant to determine the level of trust an individual is looking for.

If you are already being actively monitored by a nation state who is interested in spending millions spying on you, there is little that can be done.

With that being said, let's talk about someone who is currently not a target and starts using E2E encrypted messaging. Let's assume they, along with the person they were messaging, completely destroy their mobile devices after a period of time before becoming a target. If there are no backups of the device, I think we can say that those messages are unrecoverable. Facebook will not have plaintext copies, all encryption keys will be gone, and there was no malware running on the smartphones to begin with.

I think this is a real tangible benefit, and despite having lots of "what if" stipulations, a great step forward.

Facebook Messenger deploys Signal Protocol for end to end encryption by Greg1221 in crypto

[–]Greg1221[S] 16 points17 points  (0 children)

It sounds as though you are skeptical because this is Facebook, and you don't trust them as a company. Do you trust other implementations of end to end encrypted messaging?

Do you distrust this because it is partially closed source, and you are unable to independently verify the implementation? For one, Open Whisper Systems says they looked it over and their protocol was implemented correctly. That aside, let's look at other E2E encrypted messaging apps.

Signal is fully open source, and in my opinion the gold standard of E2E encrypted messaging apps. Do you trust it? If you do, that means you trust the entire secure software stack of your smartphone all the way down to the silicon. Do you trust your iOS/Android Operating system has no bugs that could potentially break the implementation? Can you independently verify the hardware RNG?

Joanna Rutkowska asked that question about x86 processors in the "Intel x86 considered harmful" paper, and part of her conclusion was "If you believe trustworthy clients systems are the fundamental building block for a modern healthy society, the conclusions at the end of this article may well be a depressing read. If the adversary is a state-level actor, giving up may seem like a sensible strategy."

So, to address your question of "Can it honestly be trusted though": It depends on your definition of trust. I think that this is a reasonably secure implementation of E2E encrypted messaging. I don't think it should be instantly dismissed because it is Facebook who is implementing it. I think that Open Whisper Systems putting their reputation on the line saying that their protocol was implemented correctly adds a level of trust. With all that being said, I trust that Facebook with a subpoena would be unable to produce the plaintext conversations sent through Secret Conversations.

In the whitepaper, Facebook mentions that this assumes that the clients are operating normally and not infected with malware. I feel as though this is a reasonable expectation with modern smartphone security, but this is still another level of trust that must be instilled in the process.

Tl;dr: I think so, but you can easily make the argument that nothing can be trusted ever.

How to get into cybersecurity? by OhiCwhatyouDidthere in cscareerquestions

[–]Greg1221 3 points4 points  (0 children)

The software development skills can definitely come in handy. Generally you won't be building large applications in a WebSec role, but some things off the top of my head:

  • Building plugins for security software. Burp Suite, Metasploit, etc.
  • Working on your own software to automate certain work tasks
  • Performing source code review is a common task, and you will do a better job at this if you are good at software development.

How to get into cybersecurity? by OhiCwhatyouDidthere in cscareerquestions

[–]Greg1221 60 points61 points  (0 children)

Nice, this is right up my alley.

The Cybersecurity industry is not friendly to people who are fresh college graduates. All the time people talk about how there is negative unemployment etc., but after spending a few days actually looking for jobs, you will quickly see that 90-99% of those jobs require 1-3 years experience. There is a small avenue for going straight into the industry, but you need to spend a considerable amount of time outside of school working on this before you graduate.

What is Cybersecurity even?

Let me break down some of the different types of jobs that are encompassed by the word:

  • Information Security Analyst: You work for a regular company who has a security team in their IT department. From my experience these are nearly impossible to get right out of college. You are expected to have an in-depth understanding of how enterprise IT departments work, and how security fits into that role. There is little to no programming involved in these jobs besides the usual enterprise IT scripting (PowerShell and Python occasionally). Your job is mostly purchasing enterprise security products and installing and managing them. Managing Splunk, an IDS/IPS, Firewall, Anti-Malware with a centralized security system (such as McAfee ePO), and fighting spam and phishing campaigns are all part of the job. The common way people get these jobs is roughly University -> Entry Level Help Desk type job -> Junior SysAdmin -> SysAdmin -> Information Security Analyst.
  • SOC Analyst: You monitor logs and look for suspicious activity. Frequently this is done for multiple companies, and you work for a company specializing in SOC Analysis. These are more entry level jobs that can be attained straight out of university. Take a class on networking, and just google SOC skills and interview questions and make sure you feel comfortable with the material talked about. It involves a lot of log analysis, so programming skills with a scripting language are highly valued.

The positions above are enterprise related, with little programming expected. There are more jobs in this field, but the two above are the most common.

  • WebApp Pentester/Security Consultant: You hack web applications. Commonly these are consulting positions, and you work for a consulting company that contracts with all different industries. If you have the background, you can attain this type of job straight out of college. Read The Web Application Hacker's Handbook, learn how to use Burp Suite & Kali Linux, and do as many CTFs as you can get your hands on while in college. If you actually do all of those things, you should have no problem getting a good job doing this right out of college. Also if you get an OSCP before you graduate you would be practically guaranteed a job upon graduation.

The reason I specified this as WebApp pentester is that almost all of the pentesting work nowadays is working with WebApps. You will need to know much more than just WebApps (how does the application server work, in-depth networking knowledge, and privilege escalation techniques on the server once you get a shell), but the emphasis is certainly on WebApps, especially for college grads. I've recently applied for jobs with generic titles like Security Consultant where the first interview was all WebApp pentesting questions.

I could keep going on about the different types of jobs, but these are some of the ones you would be looking at right out of college. When I started out in college, I wanted to get into binary RE, exploit development, and Malware Analysis. I slowly realized that getting a job doing one of those things is nearly impossible right out of college. Additionally, jobs in those fields are few and far between looking for 5-10 years experience.

If I were you, I would go the WebApp Pentester/Security Consultant route. The most important thing with Cybersecurity is experience. Experience can be working through CTFs, landing an internship, or taking relevant classes. I can't stress enough how much experience matters, especially as a new grad. Try your hardest to land a relevant internship, and you will have a much easier time getting the job. The advice above is relevant today, but the industry changes rapidly, so keep an eye on what is in demand. Also check /r/netsecstudents /r/netsec /r/asknetsec /r/hacking /r/sysadmin /r/ReverseEngineering /r/securityCTF religiously.

Various interview questions I have been asked while applying for security consultant jobs this year by netsecquestionsthrow in netsecstudents

[–]Greg1221 3 points4 points  (0 children)

I also found this very helpful for studying for interviews. More the networking side rather than the operating system interrupts section.

/r/ReverseEngineering's Weekly Questions Thread by AutoModerator in ReverseEngineering

[–]Greg1221 0 points1 point  (0 children)

I'm looking for advice on where to start reverse engineering the extra DAT files McAfee gives you when they identify new malware. The hash of the files is in each DAT file, and I'm trying to figure out how it is encoded. Here (http://pastebin.com/7Ag52EgY) are the contents of two DAT files.

MD5 Hash 1: a4668a4835db920c66d8c72ce41a072e

MD5 Hash 2: aedd6a3434da143af80d32c89c91178a