@nazokiyoubinbou @Viss Exactly
-
@Viss if my phone's configured to _not_ use the headset for calls, all's good, though?
-
Wow, I had no idea....
Testing next time I go to a restaurant lol
-
@maddad bring your rf kit, cuz this one's not just git clone skid hax
-
@Viss confirmed
-
@Viss @funnymonkey what is the approximate distance? Feet? Inches? I thought badge readers intentionally made it so it had to be close to prevent interference from other cards but with an appropriate reader the distance was farther...
-
@vrek
As a person who uses those cards on a daily basis, the badge has to be no more than 3mm or so away from the reader to register
You, as the black hat, would have to literally snatch the card and tap your fancy tech to get the code
With that said, a lot of people do not have positive control of their cards all the time
For a while, our RFID cards were also smart cards, for logging in to our corporate network, and people would forget their cards in their computers all the time, which opens up even more holes, particularly with internal threat actors
We switched to other methods, but the same risks apply—maintain positive control of your 2FA, smart and dumb keys at all times
Bluetooth is a much bigger issue, to be sure, particularly for tracking people
@Viss @funnymonkey
-
@DelilahTech @Viss @funnymonkey interesting. Yeah people are always the weak link. About 15 years ago there was an incident at an old office I worked in. Every door was locked and you needed a badge to the rfid reader to unlock, but somebody came up right at starting time when everyone was walking through the front doors, somebody held the door open being nice, this person then walked through the cubicles and any wallets he saw people left on their desk he took, then just walked out a side door
-
@vrek
Yeah, security at my job really leans on the "don't let people in" thing, and occasionally we'll get a 'where's your badge' troll to see who's paying attention
With that said, we did have a thief who would regularly come through the office and steal shit off people's desks, particularly iPhone chargers
... and food from the fridges, which really upset one of our second shift people, with dietary restrictions
So, yeah, the thief was called the hamburger, 😂
We suspected a security guard on 2nd shift, but as far as I know, no one was caught, and thievery stopped after about eight months
@Viss @funnymonkey
-
@DelilahTech @Viss @funnymonkey yeah, they started enforcing that after the incident. When I was with same company but different location we hired somebody like 3 days before 2 weeks off for Christmas. Due to the calendar that year Jan 2nd was Friday so they gave us that day off. Everyone forgot to tell the new guy. He showed up, his badge works since it was a valid work day. He didn't know there was a security system... He put his stuff in lockers, made a coffee, about to start working, police!
-
@DelilahTech @Viss @funnymonkey oh and I should say that was a 1 time incident, he took about 15 wallets (don't know total count of money) and was never seen again. My wallet is always in my pocket, if you're close enough to put a hand in there and I don't react with an elbow or fist... You could probably just ask me to lend you some money
-
@vrek
LOL, I've accidentally gone to work on... Memorial day?
Whichever the one is in May
Anyway, I was on 2nd shift back then, and I did it twice! 😅
You'd think the gate guard would have said something, you'd be wrong 🤦
@Viss @funnymonkey
-
@DelilahTech @Viss @funnymonkey we didn't have a front guard at that site, just badges and a security system.
He ended up a good employee, no punishment.
One time I went to work on a Sunday for reasons, needed to go to clean room and turned on the lights in gowning. Later security walked by and saw lights on, turned them off. I needed to pee so I leave clean room, pee, turn lights back on to gown. Security sees lights, turns them off. I take lunch, security sees me in cafeteria... "it was you!"
-
@DelilahTech @Viss @funnymonkey to be clear, my story was at second location with security guard.
-
A g- g- g- ghost!
-
@DelilahTech @Viss @funnymonkey basically... I was friends with the security guard. It wasn't like you're in trouble more like oh thank God I'm not going insane.
-
Perhaps not, but you do need to make sure you don't pair with any potentially insecure devices.
Pairing a phone with a laptop is hopefully fine. They both get security updates. But gadgets like speakers and keyboards? Don't even think about it. Wired or bust.
-
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
-
Speaking of which, I wonder how long it'll be before some psycho hacks a bunch of people's earbuds to make a noise loud enough to destroy their hearing.
There's no fun or profit in it, but there must be some “watch the world burn” kind of character somewhere who thinks this is a good idea…
-
@argv_minus_one @funnymonkey this hack happens outside of pairing
-
@argv_minus_one @Viss @funnymonkey if only I was smarter this would be interesting to investigate... But alas I'm an idiot loser so it will end up being a mental experiment
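-
The point made earlier in the thread, that a cryptographic handshake proves identity but not proximity, shown as an added example that is not part of any post here. It simulates an HMAC challenge-response and a reader that also bounds the round-trip time; the key, distances, delays and function names are constructed assumptions, and real distance-bounding protocols time single-bit exchanges in hardware.

```python
import hashlib
import hmac
import os

C = 299_792_458.0        # speed of light in m/s; a radio signal cannot go faster
KEY = bytes(range(32))   # constructed demo key shared by reader and badge


class Badge:
    """Constructed badge model: answers a challenge with HMAC-SHA256."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


def round_trip_s(path_m: float, relay_delay_s: float = 0.0) -> float:
    """Simulated time for the challenge to go out and the response to return.
    Simplification: the badge's own reply time is treated as zero."""
    return 2 * (path_m / C + relay_delay_s)


def reader_accepts(reader_key, badge, path_m, relay_delay_s=0.0, max_range_m=None):
    """Return True if the reader unlocks.

    max_range_m=None models a reader that checks only the cryptographic
    response; a number adds a round-trip-time bound (distance bounding)."""
    challenge = os.urandom(16)           # fresh nonce defeats replay of old answers
    response = badge.respond(challenge)  # a relay passes both messages on unmodified
    expected = hmac.new(reader_key, challenge, hashlib.sha256).digest()
    if not hmac.compare_digest(response, expected):
        return False                     # wrong key: identity check fails
    if max_range_m is None:
        return True                      # identity proven, proximity never checked
    return round_trip_s(path_m, relay_delay_s) <= 2 * max_range_m / C


if __name__ == "__main__":
    badge = Badge(KEY)
    for label, path, delay in [("badge at reader", 0.03, 0.0),
                               ("badge 30 m away, signal relayed", 30.0, 1e-6)]:
        print(label,
              "| handshake only:", reader_accepts(KEY, badge, path, delay),
              "| with 10 cm time bound:",
              reader_accepts(KEY, badge, path, delay, max_range_m=0.1))
```
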