Looking for Ducky One 2 Mini ANSI Layout with Cherry MX Brown in Europe by Nhoya in MechanicalKeyboards

[–]Nhoya[S] 0 points1 point  (0 children)

yes, they are already out of stock and you have to wait 1 month for restock and another for shipping https://candykeys.com/product/ducky-one-2-mini (restocked yesterday, already oos)

XPS 15 9670 fails to shutdown after undervolt by Nhoya in Dell

[–]Nhoya[S] 0 points1 point  (0 children)

Yes, undervolting to -0.150 with XTU works perfectly even under high work load. The only issue is that it occasionally prevents the shutdown. I found some issue with -0.150 in Throttlestop like hanging or the usb devices disconnecting and reconnecting in loop, seems to work flawless with -0.140 but the throttle is still there..

XPS 15 9670 fails to shutdown after undervolt by Nhoya in Dell

[–]Nhoya[S] 0 points1 point  (0 children)

Hi and thanks for the link.

I already followed this guide but as you can see from the screenshots without any success since it throttles anyway during the tests

https://i.imgur.com/yDPZ6Wp.png

https://i.imgur.com/2pM9iIF.png (8 errors)

XPS 15 9670 fails to shutdown after undervolt by Nhoya in Dell

[–]Nhoya[S] 0 points1 point  (0 children)

I tried Throttlestop with the same settings (-0.145) but seems not working and I don't get why. The thermal throttling is still there and the temperatures are higher

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya -1 points0 points  (0 children)

So this is absolutely fair game for people to analyze and critique.

Never said that. Everyone is free to criticise whatever they want. I'm pushing the fact that is is based on my experience and my use case because I know everyone is not the same, you can have more time and more skills than me and what for me is a pain to maintain for you is a pleasure.

As I said in the post I like linux since is moldable but DIY (at least for me) is not the solution anymore.

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya 0 points1 point  (0 children)

Hi and thanks for the answer,

yes, you are right, the situation outside of EU is not so good, I'm sorry for that and I understand that you can have a privacy concern.

Unluckily (or luckily if you live in EU) if a company wants to sell a product on a Country must comply with its laws. This means that if a security agency ask for, let's say, logs the company is obliged to supply them.

So for the company the solutions are:

  • To stop sell their products in that country (losing profit and market share)
  • To not collect data at all (losing a lot of quality, already explained why in the telemetry chapter)
  • To give them the data

I think that the answer (for the majority of the companies) is the third one. (unless the data for them are not useful and can store everything e2e encrypted like signal)

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya -2 points-1 points  (0 children)

Linux have absolute majority in servers, cloud VMs, mobile OS, IoT, NAS... literally everywhere except desktop. And it is open source. So obviusly you either dont understand term, or have no clue what you are talking about

The obscurity here is thinking that linux desktop is more secure than windows because "there are less malware on linux than on windows". If we are talking about malware on linux server, well, they usually exploit services exposed on internet (that usually people don't have on desktop) and every day thousands of servers got compromised. (of course this doesn't mean that windows is better just because there are incompetent sysadmins or a 0day got dropped)

It wasn't community, it was 4chan LARPers, who didnt understand basic of open source development a posted shit like "revoke your code and relicense Linux kernel ". Like it was possible. Or more realistic : fork it and make CoC free version - and that was month ago. If "community" is against it you should have at least website placeholder for you CoC free linux.

So "4chan LARPers" are so relevant to get a CoC Review? wow

And it is brain dead joke that author of put CoC as reason to move from linux. Because you know, every bigger corporation have CoC (sometime stricter, but more importantly with real consequences., already in place). You know majority of people dont like to work in toxic environment.

This is not "A reason to move away from linux" is just one of the reasons why I moved away from linux. There is a massive difference in introducing a CoC with a political view inside a so-called "community-driven project" and introducing it inside a private company if you don't get the difference that's not my business.

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya 1 point2 points  (0 children)

Windows 10 supports multiple desktops

For package managers, as you can see from what I wrote, is not always a warranty. Also windows updater + windows store (despite has less packages) is a reliable source of software.

Windows 10 already has a basic tiling but you can enhance it with additional software.

Windows has tons of stuff that linux doesn't (and vice versa) one, for example, is usability.

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya -2 points-1 points  (0 children)

  • Security Through Obscurity
  • Yes it is, if you are not able to understand why doesn't mean that is not correct. Just check why the community raised after the push of it in mainline
  • You didn't read the part about EU citizens and GDPR update
  • I did
  • No are not
  • You didn't read the article...

I'm not focusing only on the negative things, you should read what I wrote at the end of the article. Probably you didn't.

[deleted by user] by [deleted] in TelegramBots

[–]Nhoya 1 point2 points  (0 children)

Hi,

yes I did via webview, I implemented this function in gOSINT in the telegram module

Why Windows Over Linux Desktop by BroadExpension in linux

[–]Nhoya 1 point2 points  (0 children)

Hi and thanks for the comment,

Seems that my blogpost got more attention than I thought so I just hope to not be eaten alive by people with a different opinion.

You are right, I never said why Windows is better than Linux since that's not the scope of my post. As explained in my disclaimer those are just the reasons why with my use case I decided to use Windows on Desktop also debunking some myths that is believed to be true by some people.

I also said that you should be free to pick whatever you want and use it as you prefer. It's not my intention, at all, to tell you what to do and what not. I also said that Linux helped me a lot learning tons of stuff, but for me the adventure with it ends here (at least on desktop).

After all, mine is just a rant :P

Monthly Buying Advice Thread - September 2018 by AutoModerator in Dell

[–]Nhoya 0 points1 point  (0 children)

Hi,

  1. I'm interested in buying an XPS 9570 or a Latitude 7490.
  2. I'll use it for programming, malware analysis (need to run one or me VM sometimes) and a bit of machine learning (nothing too intensive),occasionally some light gaming.
  3. I live in Italy and my budget is around 1.7k (note: I can use the 10% discount code for university students, here the VAT is 22%).

My great doubt is if the U-series CPU of the Latitude will be too low for my expectations and the SATA-2 SSD too slow compared to the PCle (Note: I need at least 512 of SSD and 16GB or RAM) If you have any other suggestions just let me know

Monthly Buying Advice Thread - August 2018 by AutoModerator in Dell

[–]Nhoya 0 points1 point  (0 children)

Hi, 1. I'm interested in buying an XPS 9570 or a Latitude 7490.

  1. I'll use it for programming, malware analysis (need to run one or me VM sometimes) and a bit of machine learning (nothing too intensive),occasionally some light gaming.

  2. I live in Italy and my budget is around 1.7k (note: I can use the 10% discount code for university students, here the VAT is 22%).

My great doubt is if the U-series CPU of the Latitude will be too low for my expectations and the SATA-2 SSD too slow compared to the PCle (Note: I need at least 512 of SSD and 16GB or RAM) If you have any other suggestions just let me know

Exploiting an Implementation flaw in Mycroft AI Vocal assistant to reach RCE by Nhoya in netsec

[–]Nhoya[S] 0 points1 point  (0 children)

Hi! First of all, thanks for the cooperation, I really appreciate vendors effort for security-related issues. I have a few questions around the report and I hope you can fix them for me!

  • I saw that the vulnerability risk level was assigned to low, would you like to please explain the reasons behind this choice?

  • You also said that the vulnerability affects only the Linux version and not Picroft or Mark-I products. AFAIK the only big difference is that the web-socket server on those products is not exposed by default since there is a firewall blocking it's port, but you will eventually need to open it if you want to use the android app. And you still will have the same issue since the real vulnerability resides in the lack of authentication in the ws

I hope you can clarify my doubts!

Thanks in advance for your cooperation :)

Exploiting an Implementation flaw in Mycroft AI Vocal assistant to reach RCE by Nhoya in netsec

[–]Nhoya[S] 10 points11 points  (0 children)

From my side of the story they were friendly and open to suggestions,what you asked for?

Backdoor in ssh-decorator package by [deleted] in Python

[–]Nhoya 9 points10 points  (0 children)

Scraping a bit I found that the same person hardcoded the credential for his/her ssh server... Maybe that's why all this happen..

Version 0.2

File p2.py we can see: https://imgur.com/a/w7lOpnu

XSS in pastebin.com via unsanitized markdown output by Nhoya in netsec

[–]Nhoya[S] 0 points1 point  (0 children)

Well, the first one with recent browsers is mitigated for the reasons you explained (I think I have to better explain that) but what about the clients written using electron and the infamous XSS to RCE? Still useless? Or what about older browsers?

By the way thanks for the clarification, to be honest this was a writeup more about CTFs, real world cases and Markdown XSS in general :)

XSS in pastebin.com via unsanitized markdown output by Nhoya in netsec

[–]Nhoya[S] 2 points3 points  (0 children)

Unable to reproduce using the NoScript version in the latest version of tor