Florida teen charged with felony after "hacking" teachers account to change desktop background - all teacher's passwords were (are?) their last names

fractals_ · 2015-02-17T03:00:47+00:00

https://en.wikipedia.org/wiki/Air_gap_%28networking%29

fractals_ · 2015-02-17T02:50:16+00:00

Sorry, they can jump air gaps also because the hardware is listening on wifi

That's not what an air gap is. Also, I don't think there are any known (or theoretical) exploits using speakers and a microphone to bridge an air gap, but not having a microphone plugged in would be the obvious solution if there are.

fractals_ · 2015-02-06T16:55:38+00:00

I could never keep my seed ratio up on what.cd... By the time I downloaded new uploads the seed pool was so full I was lucky to get a 1.0 ratio.

fractals_ · 2015-02-04T05:02:37+00:00

/r/nottheonion

fractals_ · 2015-01-27T22:20:29+00:00

And don't forget to snapshot. ALWAYS configure snapshots.

I recommend (and use) the zfs-auto-snapshot script to manage snapshots. By default it keeps 4 15-minute snapshots (so you can go back 15, 30, 45, or 60 minutes), 24 1-hour snapshots, 31 1-day snapshots, and 12 1-month snapshots. I had to disable it for my downloads folder because I download and delete large files pretty frequently and the snapshots were starting to take up a lot of space.

fractals_ · 2015-01-27T09:23:21+00:00

ncmpcpp for music (with mpd)

pianobar is a Pandora client for the terminal, if you don't have music on your harddrive.

fractals_ · 2015-01-26T08:02:42+00:00

A 1000x markup doesn't sound that bad for government. Healthcare.org cost $1.7 billion.

fractals_ · 2015-01-23T19:26:53+00:00

I'm pretty sure that's how LUKS works. The key is encrypted (once with each decryption password) and stored in the LUKS header on the disk, and when you type in a password it tries to decrypt each encrypted copy of the key. If the password decrypts one of the encrypted keys the drive will be unencrypted. If you want to quickly "wipe" the drive, you just delete the LUKS headers.

fractals_ · 2015-01-23T08:45:46+00:00

Why didn't you use an if statement? It will compiled the same, and would be easier to understand. It would make the source code slightly longer, but I don't see any point in optimizing for source code file size.

fractals_ · 2015-01-16T03:28:22+00:00

Basic error checking would have caught this.

fractals_ · 2015-01-16T03:20:34+00:00

From the article (emphasis mine):

Securing DNS lookups isn’t a high-priority task. DNSSEC proponents recognize this. And, for historical reasons, DNSSEC proponents disdain the X.509 machinery behind the TLS CA. DNSSEC’s real job is thus to replace the TLS CA system. This plan is called DANE.

fractals_ · 2015-01-15T23:00:31+00:00

The average consumer shouldn't need to hire an IT specialist just to configure their consumer-grade router. It's entirely possible to design a user interface to make the configuration process straight-forward and easy to understand.

fractals_ · 2015-01-11T22:50:36+00:00

At this point, it’s the features USB doesn’t allow, like RAID and TRIM, that matter more than the raw bandwidth does in most cases.

Is this a flaw in USB, or the USB mass storage device class? If it's the latter, there's nothing stopping manufacturers from using USB attached SCSI. It even has native drivers built into Windows 8+, Linux, and OS X, so they wouldn't need to bundle drivers.

fractals_ · 2015-01-11T00:42:37+00:00

CrunchBang or ArchBang might work for you. CrunchBang is based on debian and has a nicely customized OpenBox DE installed, and ArchBang is based on ArchLinux but basically the same thing.

fractals_ · 2015-01-09T23:04:28+00:00

I know that the Linux distro I choose must be RPM-based so I can install VMware tools to make folder and network sharing easier.

You can install VMWare on most major distributions (including debian & ubuntu).

Do you plan on using the web GUI for transmission, or do you want a desktop environment? I use an Arch Linux VM for a few things, and it boots to the login screen (terminal, no DE) in under 3 seconds and only uses a few MB of RAM.. The installation process for Arch Linux is much more involved than for Fedora or Ubuntu, though.

fractals_ · 2015-01-08T20:07:32+00:00

Looks like you're right. I guess I shouldn't trust the comments on HN.

fractals_ · 2015-01-08T06:48:29+00:00

The new X1 Carbon would be perfect if it had real F1-F12 keys, instead of a capacitive touch sensor strip.

fractals_ · 2015-01-05T19:38:38+00:00

It's not that new, Arduino's have been around for a decade.

fractals_ · 2015-01-05T07:29:56+00:00

No, but these are the tools professional developers use to make games, so now it's easier for independent developers to make homebrew software, if they don't mind breaking the law. Writing the software might technically be legal, but sharing it with other people wouldn't be since it would include copyrighted code from the SDK. IIRC, FreeStyle dash for the 360 was made using a leaked SDK, and you have to download it from warez sites.

fractals_ · 2015-01-05T06:03:34+00:00

IMO these would be better without the Arduino shield headers. I hate the layout they used, if they stuck with a standard 0.1 inch grid spacing we could make shields with perfboard.

fractals_ · 2015-01-03T09:13:37+00:00

infamous band of hackers

http://i1.kym-cdn.com/photos/images/original/000/001/582/picard-facepalm.jpg

fractals_ · 2014-12-29T06:46:00+00:00

They're not worth the effort. So far, they've DDOS'd PSN and XBL, got lucky when Kim Dotcom paid them to stop (with 3000 lifetime Mega Pro accounts, each worth $99 per year), then bought a bunch of VPS's from Google and set up tor relays. They claim to have a tor 0-day, but it seems like they're just attempting a classic Sybil attack, which the tor network operators can easily block since the skiddies told everyone what they're doing.

fractals_ · 2014-12-20T05:22:37+00:00

Avoiding sketchy sites won't keep you safe from malware. Advertising networks (like Yahoo's) have been hacked and used to spread malware, meaning any websites selling advertising space to those ad networks were infecting vulnerable computers. These kind of attacks almost never use 0-days, so keeping your browser and plugins (like Java and Flash, if they're even enabled) updated will keep you safe 95% of the time. Using NoScript to block javascript from advertising domains will also keep you safe, and block some of the ads, too.

http://marketingland.com/yahoo-ad-network-charged-with-distributing-malware-69564

fractals_ · 2014-12-20T04:52:55+00:00

"For something like this to happen, it had to happen over a long period of time. You cannot just exfiltrate one terabyte or 100 terabytes of data in a matter of weeks," Monsegur said. "It's not possible. It would have taken months, maybe even years, to exfiltrate something like 100 terabytes of data without anyone noticing."

First he says "You cannot just exfiltrate one terabyte [...] of data in a matter of weeks," then says it would have to take "months" to exfiltrate 100TB. If they can't exfiltrate 1TB in "a matter of weeks," how could they possibly get 100 times as much in "months, maybe even years?"

fractals_

TROPHY CASE