@ryanc @Edent @retr0id It's been demonstrated to be possible, mainly because when people compare hashes (visually), they usually only look at the first and last few characters.
Notices by Jernej Simončič � (jernej__s@infosec.exchange)
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 08-Mar-2024 23:02:42 JST Jernej Simončič �
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Monday, 05-Feb-2024 08:20:11 JST Jernej Simončič �
@thomasfuchs Hah, what's that from?
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Sunday, 04-Feb-2024 02:17:33 JST Jernej Simončič �
@thomasfuchs I remember Office 97 being an unstable piece of crap.
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Tuesday, 16-Jan-2024 19:30:09 JST Jernej Simončič �
@joshuaelliott @mcc But they're smart!
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 22-Dec-2023 06:48:42 JST Jernej Simončič �
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 22-Dec-2023 01:24:21 JST Jernej Simončič �
@ryanc @jima As of 0.80 (latest release, addresses the Terrapin vulnerability), PuTTY supports:
Key exchange algorithms:- NTRU Prime / Curve25519 hybrid
- ECDH
- Diffie-Hellman (no group specified)
- Diffie-Hellman groups 16, 17, 18, 15, 14, 1
- RSACiphers:
- AES
- ChaCha20
- AES-GCM
- Blowfish
- 3DES
- DES
- Arcfour
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Monday, 11-Dec-2023 00:22:45 JST Jernej Simončič �
@freedosproject About 13 years ago a client bought a new high-end workstation (i7, 16 GB RAM, SSD). He also wanted to be able to still run his old QuattroPro for DOS on it, and to print from it. I set him up with DOSBox-X to do that.
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Wednesday, 06-Dec-2023 18:46:38 JST Jernej Simončič �
@emilygorcenski If you haven't seen it yet, you have to opt-out of arbitration: https://infosec.exchange/@thomasfuchs@hachyderm.io/111531294830031367
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 01-Dec-2023 04:37:40 JST Jernej Simončič �
@emilygorcenski I've got a .htaccess that redirects a bunch similar endpoints to a tarpit (short perl script that outputs around 9 bytes/second, limited to at most 20 simultaneous requests, to not DoS my own server).
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Thursday, 09-Nov-2023 03:49:30 JST Jernej Simončič �
@foone Sounds like the clipboard is in a weird state, and hitting print screen (which copies the screen content to clipboard) somehow fixes it?
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Monday, 06-Nov-2023 05:22:51 JST Jernej Simončič �
@aral What if you use Bаlkаn instead (using Cyrillic а instead of Latin a, assuming your last name is not normally written with a diactric)?
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Saturday, 21-Oct-2023 19:59:08 JST Jernej Simončič �
@hramrach @Polychrome And yet fansubs manage to be released within hours of the episode airing…
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Saturday, 21-Oct-2023 19:59:06 JST Jernej Simončič �
@hramrach @Polychrome Those hours include typesetting (including animating all the moving signs) and at least one QC pass (or at least they did back when I was doing this).
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 08-Sep-2023 12:55:29 JST Jernej Simončič �
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 16-Jun-2023 23:26:37 JST Jernej Simončič �
@Suiseiseki @niconiconi Doesn't that lose all the replies?
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Friday, 02-Jun-2023 09:28:25 JST Jernej Simončič �
@friend @shauna @oblomov Modern Microsoft Office uses GPU acceleration (with hilarious results when the drivers are having trouble).
In conversation from gnusocial.jp permalink Attachments
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Sunday, 28-May-2023 00:22:01 JST Jernej Simončič �
@inkling @kasdeya WinPE used during installation does not include WoW64, so only native executables are supported.
But why go with Solitaire, when you can play Space Cadet?
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Tuesday, 23-May-2023 02:29:47 JST Jernej Simončič �
@Migueldeicaza /[,\(\s]?#1(s)(\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?)(\s+-?\d+(?{}\.\d+)?\s+-?\d+(?{}\.\d+)?)+(\)?=|\s|$)/
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Sunday, 12-Mar-2023 13:22:32 JST Jernej Simončič �
@christian @Suiseiseki You have to do it within the program itself (according to the strict AGPL interpretation, you have to offer the source code as the very first thing when any user accesses the program running on your server). And no, NextCloud does not do this, and neither does any other AGPL program I've come across – it's a mess.
marcan had a great twitter thread on this (with a bunch of examples), but it's unfortunately gone.
In conversation from infosec.exchange permalink -
Embed this notice
Jernej Simončič � (jernej__s@infosec.exchange)'s status on Sunday, 12-Mar-2023 13:22:31 JST Jernej Simončič �
@christian @Suiseiseki That's the problem with AGPL – it hasn't been tried in a court.
In conversation from infosec.exchange permalink