--- Log opened Thu Oct 26 00:00:17 2023
05:29 <@Dolemite> mr0ning, be0tches and h0ez!
05:58 * aestetix hugs Dolemite
05:59 <@Dolemite> Sweet. There's a SpaceX launch scheduled for the day that I cruise out of Port Canaveral. It's at 10 PM, so we'll already be gone from port, but should be a nice view from the ocean.
06:26 <@Dolemite> aestetix: So what do the European bookies have for odds on how far the new US Speaker of the House will last?
06:26 < aestetix> To be honest nobody is paying attention to that
06:27 < aestetix> All eyes right now are on the israel/gaza crisis
06:27 <@Dolemite> So Europe pretty much expects USA to be ineffective and disengaged in that?
06:27 < aestetix> Well, the real question is whether it will stay contained to israel and gaza
06:28 < aestetix> A lot of european countries are seeing a massive spike in riots
06:28 <@Dolemite> If Israel doesn't temper its assault on Hamas so that the civilians can be protected, I see it escalating pretty badly
06:29 < aestetix> There are a ton of ways it can escalate :(
06:29 <@Dolemite> That's the problem with the modern age - it's no longer the military that engage in fighting, so it's tough to follow the Geneva Convention rules when the enemy doesn't
06:29 < aestetix> well I'm also thinking of Iran
06:30 <@Dolemite> I fully think Russia made a deal with Iran to poke this bear and take attention away from Ukraine
06:31 < Evilpig> not a bad strategy
06:32 <@Dolemite> It would be ironic if the Democrats in the house refused to acknowledge Mike Johnson as having won the speakership.
07:01 < aestetix> Dolemite: I mean if you read the article I posted the other day
07:01 < aestetix> Berlin has become a bit of a center for protests about the israel war
07:01 < aestetix> Both pro-palestine and pro-israel riots are happening
07:01 < aestetix> And I use the term riot because they do include violence
08:34 <@Dagmar> Holy shit
08:35 <@Dagmar> This company we've been working with called "PayActiv" apparently sets up electronic draft stuff by _asking the user to give them their bank account username and password_
08:37 <@Dagmar> That is some amateur hour shit
08:38 <@Dagmar> We're going to have a "showdown" with accounting because the head of that department just requested no one say anything bad about it outside of IT
08:39 <@Dagmar> ...and I'm like "No. That violates several security principles, the TOS of the user's banking site, and good fucking sense."
08:40 <@Dagmar> Absolutely the fuck not will I tell people "yeah go ahead and ignore rational thought and give this place your fucking banking account credentials instead of entering your routing numbers yourself"
08:47 <@Dagmar> You can't really tell me that Wells Fargo and Bank of America, should PayActiv get compromised and someone's account details stolen, and their accounts subsequently drained, would NOT find out about that and tell the user "Oh well, we told you not to do that, and now you're broke"
08:48 <@Dolemite> So are they actually asking for the username and password, or is the app passing off an OAuth login request to the bank and asking for specific consent?
08:48 <@Dagmar> They're actually asking for the username and password
08:48 <@Dolemite> Fuckin' A
08:49 <@Dagmar> I'm half tempted to drop a note to Bank of America and suggest they might want to get ahead of that by suing PayActiv
08:53 < Evilpig> wow. that's special
08:54 < Evilpig> I was figuring it was like this thing google uses that does some oauth magic in the background that looks like them asking for user and password
08:54 < Evilpig> plaid.com ?
08:55 <@Dolemite> well if they are asking for your username/password directly they could be doing Client Credential Flow with OAuth, but that has been highly discouraged from pretty much everybody and is dropped in the newest spec since it's basic auth disguised as modern auth
08:56 <@Dolemite> Either way, my answer would be NFW
08:56 <@Dagmar> They're not doing OAuth
08:57 <@Dolemite> It's a new protocol called GFY
09:00 <@Dagmar> ...which cannot possibly mitigate the issue of some other site's credentials being sent to this site
09:00 <@Dolemite> GFY = Go Fuck Yourself protocol
09:01 < Evilpig> filed another complaint with the fire marshal. https://photos.app.goo.gl/4yMetLmR83x3zWbx8
09:01 < PigBot> No Title (at photos.app.goo.gl)
10:07 <@Dagmar> Is that part of the asphalt marked as prohibited from parking?
10:08 <@Dagmar> Firemen typically don't fuck around with that kind of thing. If they need to use that hydrant, they're not above using the truck to push the thing out of the way, no matter what happens to it
10:13 <@Dolemite> They also have no qualms about busting the windows out of a car and routing the hose through it.
10:41 <@Dagmar> That's fun to watch them do
10:46 < Evilpig> yeah it's clearly marked. you can't bust windows out a closed trailer though
10:46 < Evilpig> what you can do is get the fire marshal to come out and fine them, and the property as well for not enforcing the zone
10:47 < Evilpig> and since this is the second complaint i've filed and both have pictures to go with them there is no arguing that it isn't intentional
10:48 < Evilpig> it's also one thing to render a hydrant unusable for a new construction when there aren't people around, it's shitty but loss of property alone who gives a fuck.
10:48 <@Dolemite> Evilpig: You do realize that with your bear-poking the apartment complex will now instruct the construction crews to park all of their trailers in the parking spots closest to your apartment, right?
10:48 <@Dolemite> I mean, that's exactly what you'd do. LOL
10:48 < Evilpig> this isn't that. there are people directly next to that site and that hydrant may be needed. it's bad enough these fuckers have that road so horked up with fences and other building supplies that you would have trouble getting an emergency vehicle in here in the first place
10:49 < Evilpig> Dolemite: THEY ALREADY ARE PARKING IN MY SPOT!
10:49 < Evilpig> the fuks
10:49 < Evilpig> I know they've heard me scream about it more than once
10:49 <@Dagmar> Are spaces assigned and have a monthly cost?
10:50 < Evilpig> get back from dropping the kid off at school and i'm sure it's audible outside my truck cab. "GET THE FUCK OUT OF MY SPOT YOU SON OF A BITCH! ARRRRHHHHHHHHG"
10:50 < Evilpig> they are not. however, the spaces next to the building are supposed to be for residents only and the spaces on the backline are for guests
10:50 <@Dagmar> No stickers for this I take it
10:50 < Evilpig> so the construction fucks should be free to park in the backline but clearly that trailer is in the front and in the firelane
10:50 < Evilpig> no stickers anymore either
10:51 < Evilpig> it has a whole other level of wtf
10:51 < Evilpig> some of these construction guys are living here
10:52 < Evilpig> when they aren't working on that building they have been "remodeling" some of the other units around here which entails new lights, faucets, maybe appliances. nothing of use. but they will stay in that unit until it is done
10:53 < Evilpig> so during the day they work on the fire rebuild, afternoon / night on the remodels and they are living in the units. two of the trucks in front of my building have moved into the unit next door to me and aren't doing anything in it.
10:54 < Evilpig> one thing for working from home is I have plenty of time to watch what's going on.
10:54 <@Dagmar> Sounds like maybe that might be a "getting paid under the table" issue
10:54 < Evilpig> the video I posted of the forklift incident. here's the car. https://photos.app.goo.gl/mGecPhuj7kdJtVmy7
10:54 < PigBot> No Title (at photos.app.goo.gl)
10:55 <@Dagmar> All I saw in the video was the forklift by itself. I take it they sideswiped the vehicle?
10:55 < Evilpig> not really sure. I think the 13/14yr old was driving and either tried to get by the forklift or the forklift was moving and didn't see the car. either way it fucked it good
10:56 < Evilpig> I need to pop over there and see how old harold actually is. I was sure he isn't 15 and is definitely a year behind sabrina in school
11:50 < Evilpig> damn! chucky is brutal today
12:08 -!- eryc [~eric@user/eryc] has quit [Ping timeout: 255 seconds]
12:08 -!- eryc [~eric@user/eryc] has joined #se2600
12:08 -!- mode/#se2600 [+o eryc] by ChanServ
15:08 < Evilpig> w00t w00t! fire marshal just called to let me know they took care of the problem
15:09 < Evilpig> yet he wasn't aware of the OTHER complaint I made so I told him that's twice in a month and these people don't care about codes or safety i'd appreciate if you'd randomly stop by and check sometime next week and I bet you can give them a nice citation
15:09 < Evilpig> he said to let him know if it happens again and he'll be right out
15:25 <@Mirage> Got him on speed-dial now?
15:26 < Evilpig> you know it
16:43 <@Dagmar> Hm.... I guess I'm definitely calling Fortinet TAC now
16:44 <@Dagmar> Something weird happened to the switch that the firewalls are connected to Tuesday night and it looks like it lost power (somehow) for a moment
16:44 <@Dagmar> So... despite being HA units, both of them lost all their links at the exact same time, and apparently just locked right up
16:44 <@Dagmar> I would have figured it would go ahead and use the heartbeat cable for sync but perhaps not
22:21 <@xray> DEF CON Groups VR Village
22:21 <@xray> Our Halloween themed event is tomorrow – Friday, October 27 @ 7:00pm PDT. To kick things off, @yo_yo_yo_jbo will present spooky story about a 33-year-old buffer overflow – “A very dangerous Dave”. Meet and hang out with other hackers! @defcon @defcongroups #hackers @DCGVR@defcon.social https://dcgvr.org/join
22:21 < PigBot> Frame (at dcgvr.org) https://tinyurl.com/yrugdazf
--- Log closed Fri Oct 27 00:00:19 2023