@nazokiyoubinbou @Viss Exactly
Uncategorized
1.4k
Posts
383
Posters
0
Views
-
A g- g- g- ghost!
@DelilahTech @Viss @funnymonkey basically... I was friends with the security guard. It wasn't like you're in trouble more like oh thank God I'm not going insane.
-
Perhaps not, but you do need to make sure you don't pair with any potentially insecure devices.
Pairing a phone with a laptop is hopefully fine. They both get security updates. But gadgets like speakers and keyboards? Don't even think about it. Wired or bust.
-
@Viss @funnymonkey what is the approximate distance? Feet? Inches? I thought badge readers intentionally made it so it had to be close to prevent interference from other cards but with a appropriate reader the distance was farther...
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
-
Speaking of which, I wonder how long it'll be before some psycho hacks a bunch of people's earbuds to make a noise loud enough to destroy their hearing.
There's no fun or profit in it, but there must be some “watch the world burn” kind of character somewhere who thinks this is a good idea…
-
Perhaps not, but you do need to make sure you don't pair with any potentially insecure devices.
Pairing a phone with a laptop is hopefully fine. They both get security updates. But gadgets like speakers and keyboards? Don't even think about it. Wired or bust.
@argv_minus_one @funnymonkey this hack happens outside of pairing
-
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
@argv_minus_one @Viss @funnymonkey if only I was smarter this would be interesting to investigate... But alas I'm a idiot loser so it will end up being a mental experiment
-
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
@argv_minus_one @Viss @funnymonkey if only I was smarter this would be interesting to investigate... But alas I'm a idiot loser so it will end up being a mental experiment
-
@argv_minus_one @funnymonkey this hack happens outside of pairing
@Viss @argv_minus_one @funnymonkey this part involves pairing, no?
> Then they impersonated the headphone from their laptop and connected to the phone (pretending to be the headphone).
-
@Viss @argv_minus_one @funnymonkey this part involves pairing, no?
> Then they impersonated the headphone from their laptop and connected to the phone (pretending to be the headphone).
@aburka @argv_minus_one @funnymonkey its possible to talk btle without pairing. check out lightblue if youre on Android
-
@aburka @argv_minus_one @funnymonkey its possible to talk btle without pairing. check out lightblue if youre on Android
@Viss @argv_minus_one @funnymonkey huh, til
-
@aburka @argv_minus_one @funnymonkey let me know when you soft brick your first thing. i like changing the names of peoples fitbits while on flights
-
@aburka @argv_minus_one @funnymonkey let me know when you soft brick your first thing. i like changing the names of peoples fitbits while on flights
@Viss @argv_minus_one @funnymonkey my Fitbit that's paired to the same phone doesn't even show 🤷♀️
-
@aburka @argv_minus_one @funnymonkey its possible to talk btle without pairing. check out lightblue if youre on Android
Yes but they can't impersonate the headphone to the phone if the headphone isn't paired to the phone, can they?
-
@Viss still looking like Saturday to me :D
-
@Viss still looking like Saturday to me :D
@winterknight1337 i like your brain
-
@winterknight1337 i like your brain
@Viss helps that I was playing Rimworld till 0330 and I just got up lol
-
@Viss helps that I was playing Rimworld till 0330 and I just got up lol
@winterknight1337 that works too! i was in arc raiders for like. 7 hours yesterday
-
@da_667 @winterknight1337 i wish other folks were into arc raiders. cruising around in a team of 3 would be so rad
-
@da_667 @winterknight1337 its a sneakmode one tho
-
@Viss @da_667 @winterknight1337 I've been eyeing it for a while, especially since it appears to not be outright hostile to Linux.
But I'm also using an old enough NVIDIA card to be affected by the recent Arch kernel/driver shenanigans 😅
Feed RSS
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@Otttoz il Giorno della Dimenticanza.
-
@nemeciii even if Trump wasn’t being an asshole towards the world, just his presence in the White House should be enough to divest oneself of US treasury assets.
-
La Ratelemelonitaliana ricorda il rastrellamento del Ghetto. Ma dalla fiction scompaiono i fascisti...
La mini serie in onda in occasione del Giorno della Memoria
-
@nemeciii Trump's response to this is, of course, going to be to threaten Denmark and demand that they not do it, which is just going to encourage others to follow Denmark's lead.
The U.S. economy crashing is in my opinion the only thing that has any chance of propelling Trump out of office, so the sooner it happens the better.
I've already pulled nearly all my money out of the stock market.
-
@evan @chad I absolutely believe Canada needs a healthy collection of stable Fediverse instances. I hope the sincerity of this call is heeded by some of your strongest members.
-
Cos'è balenaEtcher e come funziona l'utilità open source per la creazione di unità avviabili. Quali sono le sue principali caratteristiche e quali le differenze rispetto a Rufus.
#linux #FOSS
https://www.ilsoftware.it/focus/balenaetcher-come-funziona-e-quali-differenze-con-rufus/
-
PROVINCE
-
@nemeciii Hell yeah! Collapse the US please!
