626 posts • joined 1 Aug 2015
Meanwhile, the Russian/ Chinese/ Iranian/ N Korean (delete as/if necessary) state-employed Black Hats are spitting blood waiting to see if their little compromise software, sitting quietly in a dark corner of a server somewhere, will be uncovered by the security measures introduced following this mal(ware)arkey.
I see his website scores a "T" due to certificate mismatch here:
and, as you may have guessed, an "F" here:
Laughed? I almost opened that attachment...
"Have you found them to be refreshingly proactive, Olaf, and could this relatively anonymous communication channel be one of their creation and iteration?
You know, NCSC doing some Deep and Dark See Phishing for Blighty in the Almighty Strange Waters of a Cutting Edge Publication Hosting here. ..... for those more than just interested in taking and making a Walk on the Wild Side?"
Don't go solving the crypto-puzzle or, if you do, don't go phoning the no. given for the prize of 2 yrs. subscription to the magazine of your choice...
Quite, although TP-Link seem to recommend DD-WRT.
But, no warranty!
"To Use Third Party Firmware In TP-Link Products
Some official firmware of TP-Link products can be replaced by the third party firmware such as DD-WRT. TP-Link is not obligated to provide any maintenance or support for it, and does not guarantee the performance and stability of third party firmware. Damage to the product as a result of using third party firmware will void the product's warranty."
"I got a similar answer from EDF when I asked them why I needed to disable 'Auto remove overlays', 'uBlock Origin' and Safescript in order to access the site."
With noscript you have to enable google.com and gstatic.com and sometimes an amazonaws script in addition to the edf script in order to log in. The google and gstatic scripts seem to be there for supplying the captctha. The amazonaws is not always present but if it is you have to enable it. I've complained about this excessive use of 3rd party stuff but they seem not to understand, their ssl labs rating was a B until I told them about it, they've since improved it.
"The first cable modems they supplied were Surfboard modmes. They used a soft config file sucked off the server and stiored in EPROM. The config file set you up/down speed, otherwise all you had was 64k to the server and no other connectuion. It turned out to vbe suprisingly easy to sniff config files as they zoomed past, save them, read them, reset the mac address of the modem, then copy up the config file. You paid for 128k but got 10Mb"
You sure they weren't Surfboard mod-me's?
Collecting code books from adjoining areas so you could dial various exchanges to check for faulty ones ( dial remote exchange from local exchange then code for local exchange from remote location) to see if paybox gets bypassed. Rinse and repeat. Result : faulty exchange bypasses paybox- free phone calls.
Otherwise dial exchanges in a string to avoid long distance charges- gets noisier with more hops.
I've said too much...
Mines the one with all the little red books in it. ( No, not those little red books...)
That's the problem gents, by the time you've enabled (one at a time) the first few scripts, you find the check doesn't work. Of course you look again to see a whole new shitload of other scripts waiting for your permission. I'd be more trusting if I hadn't remembered that Todd Davis (Symantec co-founder) had his identity stolen 13 times!
Would you want to steal his identity?
Biting the hand that feeds IT © 1998–2022