former33t

  • former33t,

    I think sadly you may be wrong. A person is smart, people are stupid.
    Users really dont seem to understand the risks, and this is why these forms of attacks, no matter how obvious they appear work time and time again. If it didnt people just wouldnt bother.
    We need to take control and keep on with user awareness and education. I dont…[Read more]

  • @former33t wrote:

    When doing network recon in penetration testing, I often come across devices on the network with embedded web servers listening on 80, 443, or other well known ports (8088, 8080, etc).  Most of the time when I go a GET of ‘/’ I just get a login page.  Often however it doesn’t tell me what I should be logging in to.  Has anyone go…

    [Read more]

  • @former33t wrote:

    How true.  I was hoping to avoid the discussion of the paper trail, but I do believe that it is a VERY important (yet sadly missing) part of the eVoting system.

    I think this is one system in which a paper system is better than electronic. There is just too much that can go wrong. If it starts going wrong millions could die.…[Read more]

  • @former33t wrote:

    My personal opinion is that trying not to get caught while committing a crime should have no bearing on the sentencing.  This is akin to tacking on extra sentencing to a bank robber for wearing a ski mask.

    While a ski mask may not get you an increased sentence, in most juristidtions a bullet proof vest will.

    Here is New…[Read more]

  • @former33t wrote:

    My personal opinion is that trying not to get caught while committing a crime should have no bearing on the sentencing.  This is akin to tacking on extra sentencing to a bank robber for wearing a ski mask.

    I’d agree with this, personally I can’t see any reason behind it other than a lame attempt make the authorities lives…[Read more]

  • jason replied to the topic NSA article on TEMPEST in the forum Hardware 12 years ago

    @former33t wrote:

    or you could enclose the whole office in a faraday cage

    I was shooting for countermeasures that didn’t require major construction, but true enough.

  • jason replied to the topic NSA article on TEMPEST in the forum Hardware 12 years ago

    @former33t wrote:

    No IDS can protect you from a passive attack.

    True, but in this case there are countermeasures. You, would have to be in a very hostile environment or incredibly paranoid to implement such a system, but you can get noise generators that broadcast into the proper portions of the spectrum to mask emissions that the bad guys (or…[Read more]

  • @former33t wrote:

    I can’t really think of anything else here that would be of any value when discussing from an exploit perspective.  The only thing I could add is that I might want to know what sites a user frequents so I could re-infect his machine (if it were rebuilt/restored from pre-implant backup) with some cache poisoning attack.  Other t…

    [Read more]

  • @former33t wrote:

    Without condoning the actions of this group in any way, I can’t fault them too much.  The AV companies should be grateful that a relatively benign hacker group only looking for publicity caused the compromise and not some malicious group looking to truly compromise client information.

    Bottom line, the vulnerabilities shouldn’t…

    [Read more]

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?