Jump to content

QuoVadis

Active Members
  • Posts

    2713
  • Joined

  • Days Won

    192

Everything posted by QuoVadis

  1. http://www.hotnews.ro/stiri-alegeri_locale_2016_bucuresti-21042902-video-cum-functioneaza-sistemul-informatic-care-monitoriza-votul-alegerile-locale-duminica-18-616-tablete-care-vor-scana-cnp-urile-alegatorilor.htm Sistemul informatic de monitorizare a prezentei la vot si de prevenire a votului ilegal, un sistem care va conecta toate sectiile de vot din tara la o baza de date comuna, va permite un schimb de informatii in timp real si va functiona si la centrul de comanda al MAI pentru a depista tentativele de vot ilegal. - si pe MAI cine-i verifica sa nu bage voturi ilegale? Şo' pe ei h4x0rilor si decideti-va singuri viitorul
  2. There’s an oft-repeated adage in the world of cybersecurity: There are two types of companies, those that have been hacked, and those that don’t yet know they have been hacked. MySpace, the social media behemoth that was, is apparently in the second category. The same hacker who was selling the data of more than 164 million LinkedIn users last week now claims to have 360 million emails and passwords of MySpace users, which would be one of the largest leaks of passwords ever. And it looks like the data is being circulated in the underground by other hackers as well. It’s unclear when the data was stolen from MySpace, but both the hacker, who’s known as Peace, and one of the operators of LeakedSource, a paid hacked data search engine that also claims to have the credentials, said it’s from a past, unreported, breach. Neither Peace nor LeakedSource provided a sample of the hacked data. But Motherboard gave LeakedSource the email addresses of three staffers and two friends who had an account on the site to verify that the data was real. In all five cases, LeakedSource was able to send back their password. The database contains 427,484,128 passwords, but there are only 360,213,024 million emails, according to LeakedSource, which announced the leak on Friday in a blog post. Each record in the hacked dataset contains “an email address, a username, one password and in some cases a second password,” according to the site. “Of the 360 million, 111,341,258 accounts had a username attached to it and 68,493,651 had a secondary password (some did not have a primary password),” wrote LeakedSource, which provides subscribers, who pay between $2 a day to $265 a year, with access to what the site claims is a collection of more than 1.6 billion hacked or leaked records. LeakedSource wrote that the data was provided by someone who goes by the alias Tessa88, but in an interview with Motherboard, an operator for the site said they were unaware of the real origins of the data breach, such as who originally breached MySpace, nor who has had the data “this whole time” or when the company was hacked. But this data was bound to leak eventually, they said. “It's the nature of information. ‘Three can keep a secret, if two of them are dead,’” the operator told me in an online chat. “Once data gets traded a few times, eventually it will make its way to somebody who is not trustworthy to keep it a secret, and then it will spread like branches of a tree.” Source and full article: http://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breach
  3. 1. Felicitari! 2. Nu baga in seama rautatile/frustrarile care de multe ori vin involuntar din diferite motive. Cainii latra, ursul trece Am cunoscut "episoade" in privat, de cand sunt pe RST, de persoane care gasesc vulnerabilitati majore in companii mari, cel mai recent fiind aseara. Dar pentru ca au bunul simt necesar si au fost crescuti cum trebuie de parinti nu ii vezi facand galagie ci se ambitioneaza si mai mult. Ceea ce ma duce la punctul urmator: 3. Keep it up si la mai mare! Vorbind strict in nume propriu, daca crezi ca te pot ajuta cu ceva in viitor, in limita posibilitatilor o voi face cu placere.
  4. Pretul este foarte mic, mizer chiar, deci sa nu astepti munca de calitate la un astfel de buget, doar daca nimeresti pe cineva strans cu usa si avand nevoie urgenta de bani sau amatori. Preturile standard pentru asa ceva variaza (in functie de mai multe criterii gen terminologie, experienta, volum, deadline, etc.) intre 0.05 - 0.15 usd / cuvant. Daca iei marginea de sus, sa zicem 12 centi / cuvant si aproximezi cam la 200 cuvinte / pagina, ajungi la 24 usd / pagina. Sau daca sunt 250 cuvinte / pagina atunci 30 usd / pagina. Inmultit cu 25 pagini... socoteste rezultatul. Incearca pe upwork.com si freelancer.com caci acolo am vazut ceva translatori romani si poate ca e vreunul care vrea sa-si faca rating/feedback pozitiv si e dispus sa-ti munceasca de pomana. LE: http://www.traduceritehnice.net/ Ei fac la 20 lei / pagina. Tot te ajunge la 125 usd.
  5. Varsati-va frustrarile in alta parte. Daca nu aveti familie/prieteni corespunzatoare/-tori exista persoane abilitate ce ofera un mediu propice si discret pentru asa ceva.
  6. Stiam ca suferi dar nici chiar asa. Nu eu ti-am editat semnatura. Bafta!
  7. Daca nu ai observat, la telefoanele actuale ai "emergency calls only" unde poti suna la 999 / 112 fara sa fie nevoie de vreo parola. Iar in tarile civilizate, cand te inregistrezi cu medicul de familie si sistemul de sanatate, completezi un formular cu "next of kin" sa stie pe cine sa contacteze in caz de urgenta. Problema din punctul meu de vedere e alta si anume faptul ca din punct de vedere al securitatii, cineva cu putin talent, spirit de observatie si rabdare, poate sa imite astfel de lucruri si sa-l deblocheze. Depinde de cat de bun e algoritmul ce calculeaza toate aceste lucruri si daca poate fi manipulat. Iar unii care sunt mai paranoia se pot gandi ca pe langa pattern-urile deja colectate, vor cunoaste absolut tot despre tine. Daca dai la buci cu telefonul in buzunar, vor stii cat de viril esti si probabil iti vor da reclame la Viagra. Si toate acestea se vor traduce mai tarziu in produse, reclame, etc. - caz in care omul devine o simpla unealta. Iar pentru cei si mai paranoia, in 50-60 ani se pot gandi la predictive behavioral profiling si ceva gen Minority Report === LE: Un scenariu din viata reala, de anul trecut cand eram pe Android - am luat autobuzul sa ajung pana intr-o locatie si de acolo am mai mers ceva sa ajung la un prieten acasa. Era sambata. Seara, pe la 11.30, imi vibreaza telefonul cu notificare de la Google care stia adresa mea de "home" si stia unde sunt. Pe langa asta stia si ca am venit cu autobuzul si mi-a spus ca daca vreau sa ajung acasa sa plec sa ajung la stop la 11.47 ca sa prind ultimul si singurul autobuz pe acea ruta. Daca colecteaza si mai multe pattern-uri de comportament sa zicem ca trecea in cazul de fata 11.47 si eu tot in acelasi loc eram. De acolo nu mai e mult sa adauge la algoritm sa vada daca sunt hoteluri prin zona si de cate ori am ramas acolo peste noapte. Iar daca e prima oara sa dea un scan peste mail-uri si mesaje (la fel cum da momentan peste gmail si apoi iti afiseaza reclame "relevante") si daca detecteaza ceva keyword-uri mai "suspicioase" sa dea un ping la politie sa trimita o patrula. In viitorul apropiat poate ca nu dar in 15-20 ani cu atatia "teroristi" si pentru "binele populatiei" ar fi o posibilitate.
  8. Daca nu stii de ethereum... de ce arunci cu noroi? Doar din frustrare? Topicul discutiei este Ethereum P.S. - nu zice nimeni ca va creste in valoare insa te-ai obosit macar sa te uiti peste postarea lui M2G?
  9. Google wants to kill passwords. And the weapon it wants to use is called Project Abacus, which Google said will become available on Android devices by the end of 2016. The way Project Abacus works is that instead of relying on passwords or two-factor authentication to open your Android phone, your device will instead authenticate you based on how you used your device. According to Daniel Kaufman, head of Google’s Advanced Technology and Projects, the way Project Abacus works is it monitors how individuals use their phone from keystroke speed, pattern of speech, location, rhythm of your walk, facial features, the way you swipe open your phone and anything else your phone can sense that can be used to create what’s called a Trust Score to prove your identity. If a stranger steals your phone, the idea is, the phone’s sensors would identify unusual user behavior. Next, the dynamic Trust Score for your phone would suddenly plunge and the phone would log out of any open accounts on the phone or just remained locked. “We have these phones and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password?” Kaufman said at last week’s 2016 Google I/O conference. He said that over the past year Google has created a Trust API that will be rolled out in June to beta customers and if all goes well will be rolled out for all Android users before 2017. Of course the quid quo pro is that Google gets to snarf-up even more data about you. But Google has said the sensor data used to generate the Trust Score would be locally processed and not sent to the Google cloud to be added to your digital dossier it has of you. The project was originally introduced at last year’s Google I/O conference. At that time Regina Dugan, a Google senior executive, said the Trust API would be used for locking and unlocking your phone as well as opening apps. She claimed the system is tenfold more secure then fingerprint sensors and 100x safer than 4 digit PIN codes. The idea is not novel. Apple has its own password-killing tech with its TouchID and Microsoft has its Windows Hello biometric system introduced with the Windows 10 operating system. This is also not Google’s first time at the password rodeo either. Google officially launched Smart Lock at last year’s Google I/O conference. Smart Lock is a password manager for Android and Chrome users that saves credentials on one devices for later use on all other supported devices and services. According to Google, 70 percent of users forget their passwords once a month. Add that to another Google stat that estimates that on average it takes 2.4 attempts to guess a correct a password before we get it right. SOURCE
  10. Tot merge deblocat. Daca vorbesti cu cei de la O2 customer support. Te costa £15
  11. http://www.o2.co.uk/help/phones-sims-and-devices/unlocking-an-o2-mobile-to-use-on-a-different-network
  12. QuoVadis

    XXS

    OFF - E un proverb: prostul daca nu-i fudul.. nu-i prost destul.. (cine are urechi de auzit sa auda). ON - Iti recomand mai intai sa pui mana pe un abecedar. Apoi sa te uiti si sa cauti cu rabdare in aceasta parte a forumului: https://rstforums.com/forum/forum/41-tutoriale/. Apoi daca nu iti este lene, te poti uita si lua aminte la acest thread: https://rstforums.com/forum/topic/15799-cum-se-pun-%C3%AEntreb%C4%83ri-%C3%AEn-mod-inteligent/ si pe final sa revii cu intrebari inteligente, care demonstreaza ca ti-ai facut temele de acasa si nu astepti lucruri pe tava si sunt sigur ca ti se va raspunde pe masura. O fufa din America, acum ceva ani, a spus un lucru care iti poate da de gandit: "No one can make you feel inferior without your consent." Bafta!
  13. Daca tu te-ai fi aflat la celalalt capat al tranzactiei acum ai fi tipat pe aici ca din gura de sarpe ca ai fost tepuit si sa iti dam sfaturi cum sa nu ramai pagubit. Nu e vina cumparatorului ca nu primeste exact ce a comandat (dintr-un motiv sau altul) ci doar a ta. So.. ce ar fi daca ai sparge stereotipul roman de a da tepe si odata in viata iti asumi rensposabilitatea pentru faptele comise de tine? Faptul ca i-ai cheltuit deja e doar problema ta. Grow a fucking pair! Closed
  14. Incearca la terminalele Qiwi sa vezi daca accepta asa ceva insa nu sunt sigur, nu le-am folosit. Tine cont de urmatoarele: - Majoritatea operatorilor de telefonie iti vor limita platile prin sms din motive de securitate pentru ca e foarte usor sa trimiti sms de pe un telefon care nu iti apartine si apoi sa le umfle factura altora. De exemplu nu stiu daca vreun operator te va lasa sa efectuezi mai mult de 20eur / tranzactie si daca faci mai multe in mod repetat (de pe abonament) e posibil sa te limiteze. - Operatorul isi asuma un anumit risc pentru ca in caz de frauda, bitcoinul e de nerecuperat si daca e dat si prin mixer nici nu-i mai da de urma. - Comisioanele de procesare a platilor prin sms sunt uriase pentru ca operatorii de telefonie mobila sunt fomisti. Nu stiu cat de rentabil e sa faci astfel de tranzactii. Mai de mult vroiam sa introduc plati prin sms pentru o chestie si in Ro gasisem cel mai ieftin cu comision de 40%
  15. E mai rentabil atunci sa-ti iei un VPS si sa le tii toate acolo. Vezi Digital Ocean.
  16. Depinde de tara unde vrei hostingul, necesitati, optiuni pe termen lung, scalability, etc. Descrie putin contextul.
  17. Nu ar trebui sa ai probleme, stiu unele platforme LMS/CMS care necesita curl enabled ca sa ruleze si sunt puse in Softaculous si de obicei e dat allow. Cei care ofera free hosting cateodata ii dau disable din motive de securitate insa in rest nu vei intampina probleme. P.S. - hostgator in 2016? 'dafuq.. printre cei mai expirati/penibili provideri
  18. Vad ca nu suntem singurul forum pe unde cersesti si bagi scam.. Jet in crucea ma-tii de milog si pune mana pe un abecedar! Ban permanent.
  19. This ProtonMail? http://www.bbc.co.uk/news/technology-34744126 No, thank you!
  20. @redcoder e deajuns sa dai un report si il mutam la gunoi caci mizeria asta de topic de gunoi apartine. E tragi-comic ca vine un asemenea individ si posteaza astfel de lucruri (mai ales cu avatarul pe care il are) si daca nu ar fi fost la prima postare ar fi luat ban permanent. Insa.. se acorda benefit of the doubt. Omul invata cel mai bine din greseli. Cretini si naivi vor exista tot timpul si e plina lumea de ei. Insa nu toti sunt asa. Se merita sa faci ceva bun pentru acei putini care vor sa invete, care in timp isi baga mintile in cap. Daca o singura persoana ajunge sa invete ceva bun si mai apoi sa-si aleaga o cariera in domeniu, tot se merita lopetile de rahat ce trebuiesc vanturate sa ajungi acolo Spor!
  21. Microsoft is pleased to announce the launch of a vulnerability bounty program for the latest technical preview versions of the Nano Server installation option of Windows Server 2016. The program begins 29th April 2016, and ends on 29th July 2016. For the duration of the program, individuals across the globe have the opportunity to submit vulnerabilities found in the technical preview versions of Nano Server. Qualified submissions are eligible for payment from a minimum of $500 USD to $15,000 USD, and bounties will be paid out at Microsoft’s discretion based on the quality and complexity of the vulnerability. Microsoft may pay more than $15,000 USD, depending on the entry quality and complexity. Pentru mai multe detalii, termeni si conditii si eligibilitate: https://technet.microsoft.com/en-us/library/mt489845.aspx
  22. In surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few weeks, an analyst for ESET had noticed that the developers of TeslaCrypt have been slowly closing their doors, while their previous distributors have been switching over to distributing the CryptXXX ransomware. When the ESET researcher realized what was happening, he took a shot in the dark and used the support chat on the Tesla payment site to ask if they would release the master TeslaCrypt decryption key. To his surprise and pleasure, they agreed to do so and posted it on their now defunct payment site. Payment site showing Master Decryption Key Now that the decryption key has been made publicly available, this allowed TeslaCrypt expert BloodDolly to update TeslaDecoder to version 1.0 so that it can decrypt version 3.0 and version 4.0 of TeslaCrypt encrypted files. This means that anyone who has TeslasCrypt encrypted files with the .xxx, .ttt, .micro, .mp3, or encrypted files without an extension can now decrypt their files for free! How to use TeslaDecoder to decrypt Teslacrypt Encrypted Files With the release of the master decryption key for TeslaCrypt, victims can now download TeslaDecoder to decrypt files encrypted by TeslaCrypt. Simply use the download link below and save TeslaDecoder to your desktop. TeslaDecoder is downloaded as a zip file, so you need to extract it and then double-click on the TeslaDecoder.exe file. This will launch TeslaDecoder as shown below. TeslaDecoder Now click on the Set Key button and select the extension used for your encrypted files. Select Encrypted Extension If your encrypted files have the same name as the original files, select the option. Once you have selected your encrypted file extension, click on the Set Key button as shown in the image below. Press the Set Key Button You will now be at the main screen with the correct decryption key loaded into the decryptor as shown below. Decryption Key Set Now that the correct decryption key is loaded into the decryptor, you can either decrypt a certain folder or have it scan your entire drive. To decrypt only a specified folder, click on the Decrypt folder button. To decrypt the whole computer, click on the Decrypt all button. When you click on this button, TeslaDecoder will ask if you want to overwrite your files with the unencrypted version. To be safe, I always suggest that you do not do this in case something fails with the decryption. When TeslaDecoder is done decrypting your files, it will show a summary in the main window. TeslaDecoder Finisher All of your files should now be decrypted and if you did not choose to overwrite your files, there will be backups of the encrypted files with the .TeslaBackup extension added to them. A big thanks to ESET and especially BloodDolly who has monitored every version of TeslaCrypt that was released. He has done a tremendous amount for the fight against ransomware and for helping TeslaCrypt victims all over the world! SOURCE
      • 4
      • Upvote
  23. Ca tot veni vorba de lucrat cu Java http://www.reed.co.uk/jobs/java-developer/29655214 http://www.reed.co.uk/jobs/senior-java-developer-java-8-spring-4-hibernate-contract/29590803 etc. Se gasesc de genul si remote, part-time, flexibile. Doar sa stii sa cauti. Insa astea nu sunt pentru wannabes si timewasters ci pentru pui de James Gosling.
  24. Mai safe este sa nu umbli cu mizerii si sa iti vezi de treaba Vorbind strict tehnic, sunt vulnerabilitati de o parte si de alta. Daca vrei sa adaugi mai multe layere de protectie (fie ca e din paranoia sau motive intemeiate), poti incerca Tails - Tor - Telegram web client sau Tails - anon Win VPS (cumparat cu btc dat prin mixer) - Telegram ori alte variante de genul.
  25. MTProto (Telegram) nu-i tot una cu XMPP (Jabber).
×
×
  • Create New...