--- Log opened Tue Oct 03 00:00:09 2017
01:13 -!- cordless [~cordless@gateway/shell/insomnia247/x-wrpfiwrzkzwawbrg] has quit [Ping timeout: 240 seconds]
01:14 -!- cordless [cordless@gateway/shell/insomnia247/x-hnliphtmnmoafzii] has joined #se2600
--- Log closed Tue Oct 03 03:44:19 2017
--- Log opened Tue Oct 03 04:21:27 2017
04:21 -!- Evilpig [~wilpig@96-80-184-99-static.hfc.comcastbusiness.net] has joined #se2600
04:21 -!- Irssi: #se2600: Total of 41 nicks [16 ops, 0 halfops, 0 voices, 25 normal]
04:21 -!- mode/#se2600 [+o Evilpig] by ChanServ
04:21 -!- Irssi: Join to #se2600 was synced in 19 secs
06:54 <@Dolemite> mr0ning, be0tches and h0ez!
08:17 < k3ymkr> Hey Dolemite
08:28 <@Dolemite> Are you the gatekeeper?
08:28 <@Dolemite> There is no Dana, only ZUUL!
08:30 -!- Dagmar [dagmar@unaffiliated/dagmar] has quit [Ping timeout: 258 seconds]
08:31 -!- Dagmar [dagmar@c-69-247-147-64.hsd1.tn.comcast.net] has joined #se2600
08:31 -!- Dagmar [dagmar@c-69-247-147-64.hsd1.tn.comcast.net] has quit [Changing host]
08:31 -!- Dagmar [dagmar@unaffiliated/dagmar] has joined #se2600
08:31 -!- mode/#se2600 [+o Dagmar] by ChanServ
08:35 < xray> LoL
08:53 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:cc86:98e7:e507:5fa3] has joined #se2600
10:04 * aestetix hugs Dol
10:04 * aestetix hugs Dolemite
10:04 < aestetix> there we go
10:05 <@Dolemite> About fuckin' time
10:10 < aestetix> https://www.youtube.com/watch?v=G0CdVQZ5thA
10:10 < PigBot> Title: CAUGHT: University and News Lie About #UndercoverANTIFA. Confronted LIVE ON TAPE! - YouTube (at www.youtube.com) http://tinyurl.com/y88nluvm
10:11 < aestetix> followup to the video I posted before
10:57 <@Dagmar> ...and for those of us who don't want to listen to some yokel flap their lips?
11:07 * dc0de[m] passes out some candy
11:07 < dc0de[m]> Here, enjoy your day.
11:08 * Dolemite pulls the razor out of his candy bar and shaves with it
11:08 <@Dolemite> Thanks!
11:10 < dc0de[m]> You know me so well!. You're welcome!
11:16 < TheDukh> legit question for everyone... to get into Reverse Engineering malware, what would you suggest the best route?
11:27 -!- scam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
11:28 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
11:47 -!- scam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
11:48 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
12:06 <@shapr> TheDukh: first you reverse engineer reverse engineering
12:06 <@shapr> TheDukh: or you buy some facedancer boards
12:06 <@shapr> TheDukh: read a large amount of docs
12:06 <@shapr> start fuzzing things
12:47 <@Corydon76> TheDukh: A disassembler, perhaps?
12:48 <@Corydon76> I would start with conventional binaries, including binaries that you've compiled yourself, so you train yourself to see how the source code becomes the assembled code
12:48 <@Corydon76> And more specifically, so you can recognize patterns in the compiled binary that relate back to source code
12:49 <@Corydon76> From there, you can start abstracting out what bits of the binary do, perhaps making them either into pseudo code or actual C code.
12:50 <@Corydon76> Some malware is encrypted; some isn't. There are tools for "watching" code run, like valgrind on Linux.
12:51 <@Corydon76> Once you know some of the structure, you can set breakpoints, which then allows you to view the state of memory
13:26 < TheDukh> awesome advice, thanks fellows
13:52 <@shapr> TheDukh: fuzz usb, it's fun
13:53 < aestetix> Dagmar: https://twitter.com/ThomasVLinge/status/915252321067634688
13:54 < PigBot> Title: Thomas van Linge on Twitter: "#Catalan: in the city of #Lleida the general strike also attracted thousands of people. All major cities in the region are striking https://t.co/vKZlH1xZJN" (at twitter.com) http://tinyurl.com/ycx477ls
14:03 -!- dc0de [4c4ff9d7@gateway/web/freenode/ip.76.79.249.215] has joined #se2600
14:43 -!- scam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
14:44 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
15:52 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has joined #se2600
16:36 <@Corydon76> Well, bravo, Yahoo, for managing to have their entire database of 3B records stolen.
16:41 <@brimstone> back in 2013
16:42 <@brimstone> i would think someone would have triggered my 2FA by now
16:44 -!- Imgur[m] [nebimgurma@gateway/shell/matrix.org/x-pzloamuvriajtoqp] has joined #se2600
16:45 < cyberanger> One more reason to use unique passwords and keepass or similar too
16:45 < cyberanger> I'm not sure I was back then however.
16:45 < dc0de[m]> and just to think, only three months ago, someone called me a "tinfoil hat old man"
16:46 < dc0de[m]> not anyone here... just sayin'.... OPSEC is important.
16:46 <@Corydon76> cyberanger: I'm absolutely certain that I was using unique passwords back in 2013. It's one of the things we do at my current employer, and I was hired in early 2013.
16:47 < cyberanger> I do know if I wasn't completely off Yahoo by then, I was close. (I've had too many close calls as is)
16:47 <@Corydon76> I think we termed it paranoid at the time. Today, looks a lot less paranoid and a lot more sensible
16:49 < cyberanger> I do going forward, curse is I don't know when I started going back and getting a lot of the old stuff. (I know out of high school in 08 I made an effort, but never sure I got it all)
16:52 < dc0de[m]> Corydon76: agreed, however, someone I work with told me three months ago, Prior to Equihax, Dumploitte, and the rest of it.
16:54 < dc0de[m]> the employers out here (in California) don't have control of their own networks...
17:22 <@Corydon76> And another Holy Fuck; Is Anybody In This Government Paying Attention? http://www.politico.com/story/2017/10/03/equifax-irs-fraud-protection-contract-243419
17:22 < PigBot> Corydon76: That URL appears to have no HTML title within the first 30480 bytes.
17:30 -!- scam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
17:31 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
17:53 <@Evilpig> dc0de[m]: to be fair you are a tinfoil hat old man too
18:03 < skiboy> memes
18:20 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:cc86:98e7:e507:5fa3] has quit []
19:11 -!- dc0de [4c4ff9d7@gateway/web/freenode/ip.76.79.249.215] has quit [Ping timeout: 260 seconds]
19:14 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:5179:2ccb:8f0b:b689] has joined #se2600
19:56 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has quit [Ping timeout: 240 seconds]
20:08 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:5179:2ccb:8f0b:b689] has quit []
20:22 < dc0de[m]> Evilpig: tbf, I was raised that way.
20:22 < dc0de[m]> Corydon76: that IRS Contract award should be revoked immediately... IMHO.
20:23 < dc0de[m]> I've got to believe the contract language has to include data breach as breach of contract.
21:12 < K`Tetch> why revoked? it was awarded AFTER the breach
21:12 < K`Tetch> "The $7.25 million no-bid contract to Equifax was posted the last day of the fiscal year, Saturday, on the government's Federal Business Opportunities database. It was awarded Friday, three weeks after Equifax announced what Ars has described as "very possibly the worst leak of personal info ever." According to the posting, Equifax will "assist in ongoing identity verification and validations" for the IRS."
21:17 < K`Tetch> The contract was a "sole source order." That means the IRS has determined that Equifax was the only company deemed capable of performing the contract, according to Politico. The IRS, which did not immediately respond for comment, said in the contract posting that "this is considered a critical service that cannot lapse."
21:35 < dc0de[m]> I read that. Which means that the irs is now purchasing questionable data. With taxpayers money.
21:36 < dc0de[m]> Great. And I don't believe that another agency could not provide the data.
23:21 -!- sicsscam [~sicsscam@24.154.71.208] has joined #se2600
23:21 -!- scam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
--- Log closed Wed Oct 04 00:00:10 2017