Readit News logoReadit News

Deleted Comment

oil25 commented on Hidden Cam Above Bluetooth Pump Skimmer   krebsonsecurity.com/2019/... · Posted by u/fortran77
reaperducer · 6 years ago
This was found in Las Vegas. It's worth noting that the head of Las Vegas Metro (the regional police force) was on TV last year telling people that card skimming is so rampant in Nevada that nobody should use a card at any gas station — they should always use cash.
oil25 · 6 years ago
That's the best solution - improved privacy and sometimes even reduced gas prices when using cash.
oil25 commented on She Texted About Dinner While Driving. Then a Pedestrian Was Dead   nytimes.com/2019/11/22/ny... · Posted by u/tysone
ne0flex · 6 years ago
>New York, in 2001, became the first state to outlaw driver cellphone use.

I live in Manhattan and walk to work. The amount of drivers I see using their cellphones while driving on during my daily commute is ridiculous. Sometimes the drivers are in plain sight of officers whom are standing on the crossing an at intersection. It's ridiculous.

Sometimes I feel like some sort of program should be introduced where if a pedestrian can obtain evidence of a driver on the phone or something, it can be submitted and the driver receives a fine while the person that submitted the evidence gets rewarded.

oil25 · 6 years ago
What's the penalty? It ought to be equivalent to a DUI, given the impairment is similar if not worse from phone distraction at the wheel.
oil25 commented on Fastmail – 20 Years Old   fastmail.blog/2019/11/21/... · Posted by u/vinw
brongondwana · 6 years ago
You can use IMAP to access Fastmail without running Javascript (or I guess your own JMAP client if you wanted to write one - there isn't one that doesn't use Javascript yet) - but no, you can't use our interface without running Javascript - the client is written entirely in Javascript.
oil25 · 6 years ago
That's too bad, looks like I'll have to stick with GSuite Gmail to have browser-based, non-Javascript access to my email.
oil25 commented on Fastmail – 20 Years Old   fastmail.blog/2019/11/21/... · Posted by u/vinw
oil25 · 6 years ago
Sincere question - why is JavaScript required to sign up for Fastmail? Is it for browser fingerprinting? If so, what data is collected, how is it used and how long is it retained? No specific mention of it in the privacy policy. If I sign up in a virtual machine, can I later use Fastmail without running scripts?
oil25 commented on Ask HN: What do you use to backup your personal files in 2019?    · Posted by u/BadassFractal
ColinWright · 6 years ago
I use four external multi-TB drives, swap them around every couple of days, and run rsync to copy existing files into a directory with name of the current date and time, with hard links to the previous backup. This gives a live current copy of the existing files, but reduces storage requirements by not duplicating files every time I backup.

Those drives get carried around haphazardly, are often in different physical locations, and usually only differ in content by at most a week of data.

But I'm odd, happy to write my own scripts, and don't want to trust cloud-based solutions for my personal data.

By the way, I regularly pull randomly selected files from the backups to test that they exist and are readable. Backups aren't backups unless you can restore from them, a lesson I learned the hard way three decades ago.

Also:

* What has changed since you asked this 6 years ago[0]?

* What have you already tried?

* What are you using now?

* What is your experience?

* Why don't the solutions offered there work for you?

* Will you share your experience with us?

[0]https://news.ycombinator.com/item?id=6708474

oil25 · 6 years ago
Curious how you are managing disk encryption for all those devices, if you are at all.
oil25 commented on OpenBSD: Why and How (2016)   sivers.org/openbsd... · Posted by u/kick
Datenstrom · 6 years ago
I have been running OpenBSD and PF on a PC Engines APU[1] for my gateway router/firewall at home for about 5 years now and the thing is rock solid. I just love the minimalism and simplicity which is likely the source of the incredible stability of the platform. Besides updates or modifying PF rules I have never had to touch the box.

[1] https://pcengines.ch/apu2.htm

oil25 · 6 years ago
Same here, but I have found wireless performance to be subpar. Ended up double-NAT'ing a second APU with Debian to use 802.11. Still plenty happy with OpenBSD though.
oil25 commented on Show HN: GPG on macOS and YubiKey   github.com/DataDog/yubike... · Posted by u/trishankdatadog
oil25 · 6 years ago
> For usability while balancing security, cache PIN for at most a day.

https://github.com/DataDog/yubikey/blob/master/gpg.sh#147

This statement has no effect when using Yubikey - the PIN is cached by the key itself and it will remain unlocked indefinitely until it's physically unplugged. See https://dev.gnupg.org/T3362

oil25 commented on Privacy: Is That iPhone?   foundation.mozilla.org/en... · Posted by u/vladivstok
oil25 · 6 years ago
Anyone disillusioned by the thought that Apple values privacy would be well served by reading iOS, The Future Of macOS, Freedom, Security And Privacy In An Increasingly Hostile Global Environment - https://gist.github.com/iosecure/357e724811fe04167332ef54e73...

There is so much more to privacy than is made apparent to the user as a few OS knobs to "limit" ad tracking.

oil25 commented on Bypassing Authentication on SSH Bastion Hosts   nccgroup.trust/us/about-u... · Posted by u/aberoham
pmoriarty · 6 years ago
If I curl the article's URL, all I get is:

  <html>
  <head>
  <META NAME="robots" CONTENT="noindex,nofollow">
  <script src="/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3">
  </script>
  <body>
  </body></html>
And then if I curl:

https://www.nccgroup.trust/_Incapsula_Resource?SWJIYLWA=5074...

Then I get an obfuscated Javascript blob:

http://dpaste.com/2H519EP

I can't understand how this page could work on any browser that doesn't enable Javascript.

The only possible explanation I can think of is that it must be sending different content based on user agent, or something, though messing around with sending different user agents via "wget -U" gets me more or less the same thing.

oil25 · 6 years ago
I tried again and now get the Incapsula crap - maybe related to IP address (which changes often on Tor)?

Edit: the page loads for the first time after assigning a new IP in Tor, but subsequent loads throw the captcha. Odd system.

o

u/oil25

KarmaCake day507November 23, 2018View Original