--- Log opened Wed Jan 04 00:00:29 2017
02:26 < aestetix> http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html
02:26 < PigBot`> Title: Errata Security: Dear Obama, From Infosec (at blog.erratasec.com) http://tinyurl.com/zjaeefd
02:33 -!- Guest44523 [~brimstone@noranti.in.the.narro.ws] has quit [Changing host]
02:33 -!- Guest44523 [~brimstone@unaffiliated/brimstone] has joined #se2600
02:33 -!- mode/#se2600 [+o Guest44523] by ChanServ
02:33 -!- Guest44523 is now known as brimstone
06:18 <@Dolemite> mr0ning, be0tches and h0ez!
06:32 < xray> mornin
06:48 <@Dolemite> What's happenin'?
06:52 < xray> Not much. Just combing through infosec news
06:52 < xray> Then I'm off to hack our MOPIERs (oh joy)
06:53 < xray> Whenever we mess with the MOPIERs It always goes FUBAR
06:53 <@Dolemite> MOPIER?  Managed Copier?
06:53 < xray> I'm hoping to day will be the exception
06:54 < xray> I guess it can mean that
06:54 <@Dolemite> Multifunction Copier?
06:54 <@Dolemite> Does-Everything-But-Happy-Ending Copier
06:54 < xray> Yeah I think that's it
06:55 < xray> No there is a happy ending just not for the operator. The MOPIER does all the screwing.
06:55 < xray> These are high end, do everything devices.
06:56 < xray> The hard part is the control software.
06:56 <@Dolemite> Yeah, we've got them all over the place here
06:56 < xray> Has more moving parts than the space shuttle.
06:56 <@Dolemite> copies, scans, faxes, prints, collates, staples, folds paper airplanes, etc
06:57 < aestetix> https://twitter.com/realDonaldTrump/status/816620855958601730
06:57 < PigBot`> Title: Donald J. Trump on Twitter: "Julian Assange said "a 14 year old could have hacked Podesta" - why was DNC so careless? Also said Russians did not give him the info!" (at twitter.com) http://tinyurl.com/hwvvqjb
06:57 < xray> The LDAP integration function was broke and I got tired of the vendor not being able to fix it so I wrote my own function. Now it works.
06:57 < xray> http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html
06:57 < PigBot`> Title: Errata Security: Dear Obama, From Infosec (at blog.erratasec.com) http://tinyurl.com/zjaeefd
06:58 < xray> The blog has a point
06:58 <@Dolemite> If you use Gmail, turn on 2-factor authentication.  Period.
06:58 <@Dolemite> Actually, if you have 2-factor authentication as an option for anything, turn it on.
06:59 < xray> I use 2fa wherever I can enable it.
06:59 < xray> I even have it for my irc client
06:59 < xray> Which I built 2 days ago.
06:59 < aestetix> Dolemite: you can't do that if you don't have a cell phone
07:00 < xray> on a Raspberry Pi
07:00 <@Dolemite> aestetix: That would fall under the "not an option" category
07:00  * aestetix has no cell phone
07:00 < aestetix> Then again I also don't use gmail
07:00 <@Dolemite> But you can also use 2-factor Gmail auth with a tablet
07:01 < aestetix> So basically you need to create a vm that's running android?
07:01 < xray> I think you can with U2F
07:01 < _NSAKEY> aestetix: SMS isn't considered legitimate 2 factor auth these days.
07:02 < aestetix> _NSAKEY: and yet it's used everywhere for it
07:02 < xray> or a Yubikey
07:02 < _NSAKEY> aestetix: It is, but people who take that shit seriously don't consider it an option. It's even being deprecated in that NIST standard I was talking about yesterday.
07:02 < aestetix> well I mean
07:02 < _NSAKEY> If some utterly compromised standards body like NIST says that SMS as 2FA needs to die in a dumpster fire, then you know it's broken.
07:03 < aestetix> I had trouble buying a plane ticket a month ago because I don't have a cell phone
07:03 < _NSAKEY> I get what you're saying, sites are stupid and use SMS for 2FA, and they shouldn't.
07:03 < aestetix> Because the company had some bullshit 2FA thing where it would SMS you a code
07:03 < aestetix> I had to call in and explain everything to them. It was horrible
07:04 < _NSAKEY> Yeah, and that's total horse shit. Any teenager can hijack your number and point it to their phone, and from an arbitrary website's standpoint, they're you after that.
08:13 -!- TheDukh [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has joined #se2600
10:37 -!- TheDukh [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has quit []
11:00 < dasunt> Podesta fell for a fishing attack on his gmail account, didn't he?
11:01  * dasunt shrugs.
11:30 < aestetix> dasunt: of course
11:31 < dasunt> It's not really that elite of an attack, just social engineering.
11:32 < dasunt> Of course, I understand it sounds better to call the DNC dumb, but other than educating the powers that be, it's hard to prevent that sort of attack.  And it's hard to educate the powers that be in any organization.
11:33 < oddball> but... but... it was a highly sophisticated attack by the Russian government!  The media tells me so!
11:34 < aestetix> oddball: but the government put out a technical document explaining everything
11:35 < dasunt> Idiots on the left want to misdirect attention away from Podesta and his emails, idiots on the right want to misdirect attention away from Russia and Trump's own brand of idiocy.
11:35  * dasunt rants.
11:36 < aestetix> If you're saying the left is just as bad as the right, I'll agee
11:36 < aestetix> agree
11:37 < dasunt> I think you have individuals on both sides that are decent enough, or at least can be counted on not to screw things up too severely.
11:37 < dasunt> At least, I keep telling myself that.
11:38 < dasunt> On the other hand, just locking the doors to congress and letting loose a few lions does have a certain appeal.  We can start again with a new congress.
11:39 < dasunt> Plus, CSPAN's ratings will go throught the roof.
11:40 < oddball> Bring back the old school politics?  The kind where folks beat each other with canes?
11:56 < dasunt> That would work as well.
11:56 < dasunt> Also, congresscritters should be able to legally duel each other.
12:10 -!- TheDukh [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has joined #se2600
13:17 -!- mog [~mog@fsf/member/mog] has quit [Ping timeout: 248 seconds]
13:29 -!- rhia [~rhia@2601:601:4000:da79:82ee:73ff:fe64:1308] has quit [Ping timeout: 240 seconds]
13:36 -!- Netsplit *.net <-> *.split quits: ware, @Feltenix
13:36 -!- ware_ [ware@phneak.net] has joined #se2600
13:36 -!- Netsplit over, joins: Feltenix
13:36 -!- mode/#se2600 [+o Feltenix] by ChanServ
13:41 -!- rhia [~rhia@2601:601:4000:da79:82ee:73ff:fe64:1308] has joined #se2600
13:41 -!- mode/#se2600 [+o rhia] by ChanServ
13:59 -!- mog [~mog@fsf/member/mog] has joined #se2600
13:59 -!- mode/#se2600 [+o mog] by ChanServ
16:39 -!- klixa-cloud [uid861@gateway/web/irccloud.com/x-zlwuvjmjimilimpi] has joined #se2600
16:39 -!- mode/#se2600 [+o klixa-cloud] by ChanServ
19:18 -!- TheDukh [~thedukh@cpe-74-141-205-192.kya.res.rr.com] has quit [Ping timeout: 248 seconds]
20:27 -!- klixa-cloud [uid861@gateway/web/irccloud.com/x-zlwuvjmjimilimpi] has quit [Quit: Connection closed for inactivity]
23:50 -!- rpifan [~rpi@73.106.73.121] has joined #se2600
--- Log closed Thu Jan 05 00:00:31 2017