viking
@viking@infosec.pub
- Comment on Bro wake up it's 1997. 2 days ago:
Especially the Hollywood map to could access with a code from the menu. That rocked so hard.
- Comment on [Video] Cops not sure whether to arrest man with "Plasticine Action" shirt for supporting terrorism 6 days ago:
That’s a British police uniform, standard issue.
- Comment on [deleted] 1 week ago:
Now we’re talking! 😁
I also quite like the Andechser Monk brew.
- Comment on [deleted] 1 week ago:
I’ll take Erdinger Dunkel over Augustiner every day, but else I fully agree.
- Comment on YouTube just quietly blocked Adblock Plus — the internet hasn't noticed yet, but I've found a workaround 1 week ago:
My thoughts exactly, what a heap of crap. Tom’s Guide used to be one of the good ones out there, real shame.
What I was wondering though is if they detect browser plugins through some public ID - how difficult is it to change those? In Firefox it’s absolutely trivial, you can simply download the extension, open it as a zip file, and then edit the files inside with a text editor and change the ID.
Haven’t used chrome for years, but extensions used to be javascript files just as well, so I doubt they are that hard to edit. Unless they found a way to block installations from local files and enforce their shop, no idea if that’s a thing.
- Comment on AOL will end dial-up internet service in September, 34 years after it's debut — AOL Shield Browser and AOL Dialer software will be shuttered on the same day 2 weeks ago:
Oh wow, dial-up in Germany died 20+ years ago. I’m surprised that’s still a thing. Well, was. But until now is really staggering. I wonder what you could even still do over such a connection, considering that even messenger services and email now use 3-5MB just completing the server handshake.
- Comment on European Commission launching #Wifi4EU initative, 93k high-speed private access points across the EU, free of charge. 2 weeks ago:
It’s still active as in, they maintain the hotspots. But I just had a look at the map, and it looks like there’s spotty service mostly clustered around tiny villages, rather than providing coverage to areas that actual get significant tourism or other visitors.
- Comment on Trump says he plans to put a 100% tariff on computer chips, likely pushing up cost of electronics 2 weeks ago:
I read those news in a way that she’s now in a low risk facility with plenty of other people around who might casually remove a witness, rather than stuck in isolation in a max security prison where every ‘suicide’ would be met with public outrage.
- Comment on Tesla loses Autopilot wrongful death case in $329 million verdict 3 weeks ago:
You’d have to prove that the salesman said exactly that, and without a record it’s at best a he said / she said situation.
I’d be happy to see Musk jailed though, he’s definitely taunted self driving as fully functional.
- Comment on EU age verification app to ban any Android system not licensed by Google 4 weeks ago:
So VPN on the router permanently set to Singapore it is.
- Comment on ‘If I switch it off, my girlfriend might think I’m cheating’: inside the rise of couples location sharing 4 weeks ago:
Yeah right, rather than stand your ground, lie in your partners face.
- Comment on Microsoft suddenly kills its movies and TV store on Xbox and Windows 5 weeks ago:
First time I hear about this store…
- Comment on 5 weeks ago:
I quite like it.
- Comment on I totally missed the point when PeerTube got so good 5 weeks ago:
Apparently the feature was added 5 years ago.
- Comment on YouTube's Latest Update Shows That Online Monoculture Is Dead 5 weeks ago:
SmartTube Next, installed directly on the TV. But when I’m in places where I can’t just install random apps on a TV, BubbleUPnP works nicely, as long as you use a chromium based browser. I keep Cromite around just for that, a degoogled chrome variant.
- Comment on YouTube's Latest Update Shows That Online Monoculture Is Dead 1 month ago:
People use the youtube app?
- Comment on Pop it in your calendars 1 month ago:
Never heard of it, probably never will once I forget about this post.
- Comment on Please settle a debate. A kid in the womb is better off listening to stuff like cat in the hat so it can be read to it at bedtime? Or history of the world during the womb and read it later? 1 month ago:
Not sure if this applies before birth.
Please demonstrate the prenatal eye contact, I dare you.
- Comment on Please settle a debate. A kid in the womb is better off listening to stuff like cat in the hat so it can be read to it at bedtime? Or history of the world during the womb and read it later? 1 month ago:
Heavy metal, obviously.
- Comment on [deleted] 1 month ago:
Have bow and arrows ready, and they just might.
- Comment on [deleted] 1 month ago:
They have been contacted and responded with aggression, so they are obviously aware that they are not alone, but want to be left alone. Free will is free will.
- Comment on Windows seemingly lost 400 million users in the past three years — official Microsoft statements show hints of a shrinking user base 1 month ago:
Are people really actively using tablets? I thought that was more of a hype and is now something that lies around and gets occasional use on the couch, but not really productive.
- Comment on Russian Internet users are unable to access the open Internet 1 month ago:
Sounds like it’s only affecting TCP and TLS, so VPN over UDP would be a quick fix.
- Comment on Facebook is asking to use Meta AI on photos in your camera roll you haven’t yet shared 1 month ago:
Works just fine if you put your phone in desktop mode.
- Comment on Facebook is asking to use Meta AI on photos in your camera roll you haven’t yet shared 1 month ago:
Facebook works perfectly fine in browser, there’s literally no need for that shit app.
- Comment on Zero-day: Bluetooth gap turns millions of headphones into listening stations 1 month ago:
Sounds like the attack scenario is very sophisticated and targeted, and only works within the range of Bluetooth low energy (BLE) connectivity, so 10-15 meters under best circumstances. At that point they might as well eavesdrop on my calls in person.
- Comment on Zero-day: Bluetooth gap turns millions of headphones into listening stations 1 month ago:
GDPR. First time opening a European website? German ones like this are particularly transparent (by law, not choice).
- Comment on Socialism is the actual teaching of Jesus 1 month ago:
Jesus was middle eastern. Don’t need to look further than that to find the hypocrisy.
- Comment on [deleted] 2 months ago:
Nah that was Windows XP, where the hard drive was not encrypted by default, and the password was stored in a hashed file on the computer itself, freely accessible via any boot stick. Actually cracking it still took some time (below 7 characters a few minutes, 7 about 1h, 8 chars up to 24h, longer… LONG). But if it was a common word, then a dictionary attack with a long enough word list (most word lists have like 400k words or so) would get it in seconds either.
The funny thing with Windows XP was that since none of the data was encrypted, you could simply delete the password hash and set a flag in the registry and you would boot right into Windows with no password at all, and were then prompted to set a new password. That didn’t work since Windows 7 anymore.
- Comment on [deleted] 2 months ago:
You can buy a hardware keystroke recorder for a few bucks. Just plug it between keyboard and computer and it logs all inputs. Once they have the boot password (and maybe a bunch of others), installing malware and exfiltrating data is pretty straightforward. Doesn’t require a lick of IT knowledge either.
Bit more challenging on a laptop without external keyboard, but there are hardware solutions as well, though they’d require tinkering with your device.
Phones are harder to gain access to. Honestly if I wanted to get into your phone, I’d probably try to set up hidden cameras in spots where you are likely to enter your PIN (bed, toilet) somewhere under the ceiling and angled straight down. I’d probably try to switch the phone off as well any chance I got (long press the start button) so that you’d be forced to boot up and enter the PIN at any given opportunity to max my chances.
Actually hacking secure boot / accessing data from encrypted drives is beyond casual hackers, unless you don’t regularly update your devices and there are some active exploits published.
But seriously, low effort password sniffing is still the biggest vulnerability out there.