Readit News logoReadit News
Posted by u/yq a year ago
Save 100% on Half-Life 2 on Steamstore.steampowered.com/ap...
yq commented on SEC Discloses Edgar Corporate Filing System Was Hacked in 2016   wsj.com/articles/sec-disc... · Posted by u/k2enemy
yq · 8 years ago
paywall workaround:

https://www.facebook.com/l.php?u=https://www.wsj.com/article...

Posted by u/yq 8 years ago
Steam Inventory Helper Now Requesting EVERY SINGLE HTTP Requestreddit.com/r/GlobalOffens...
Posted by u/yq 8 years ago
Android Oreo Rollback Protection won't allow you downgrade OSandroidpolice.com/2017/09...
yq commented on Amazon major accounts breach    · Posted by u/yq
graystevens · 8 years ago
Rather than a direct breach of Amazon, I suspect this has been a successfully credential stuffing attack.

Credential stuffing/washing is taking a dump from a previous breach, such as those listed on 'haveibeenpwned.com', and trying them against a whole host of websites. This often works wonders as people re-use the same password elsewhere.

This is different to what people refer to as 'brute forcing' an account, where they would target one specific account and try multiple passwords. This is easy to pick up and block. However credential stuffing on an individual user level is less obvious. You could look at login attempts per IP, but they often utilise open proxies or Tor to help being detected.

Was your password unique to your Amazon account? And by unique I mean no re-used terms and tweaking just the numbers at the end etc. e.g. hunter2, hunter2017

yq · 8 years ago
There are more post on social media about the breach now. There was no interaction with Amazon.com at all, I tried to login Amazon.com minutes after receiving these two emails. The result shows the account does not exist on Amazon.com anymore. Again, didn't click any link, it just happened.

>This often works wonders as people re-use the same password elsewhere. Was your password unique to your Amazon account?

I really doubt it. The way password managed and password used on this Amazon account is HackerNews approved.

Posted by u/yq 8 years ago
Amazon major accounts breach
Posted by u/yq 8 years ago
DJI Spark owners must update firmware by First September 2017suasnews.com/2017/08/dji-...
yq commented on Firefox tracks users with Google Analytics in the add-on settings   github.com/mozilla/addons... · Posted by u/kuschku
yq · 8 years ago

  As I mentioned in #1107: we will not be 
  removing analytics support entirely. It 
  is extremely useful to us and we have 
  already weighed the cost/benefit of 
  using tracking.
“The Party seeks power entirely for its own sake. We are not interested in the good of others; we are interested solely in power, pure power.”

Mozilla Developer also mentioned:

  Actually, @muffinresearch pointed out we could probably just observe Do Not Track here, 
  because this pane is actually a web page loaded in an iFrame inside the browser page. 
  That might be faster to ship. Just thinking aloud :smile:

  I'm definitely for giving users the option to disable this.
“Power is in tearing human minds to pieces and putting them together again in new shapes of your own choosing.”

- 1984, George Orwell.

yq commented on Malicious Subtitles Threaten Kodi, VLC and Popcorn Time Users   blog.checkpoint.com/2017/... · Posted by u/seycombi
yq · 9 years ago
here is how it looks in real time:

https://www.youtube.com/watch?v=vYT_EGty_6A

Posted by u/yq 9 years ago
Copyright Troll Attorney John Steele Disbarred by Illinois Supreme Courttorrentfreak.com/copyrigh...
y

u/yq

KarmaCake day212December 14, 2014
About
Founder & Hacker
View Original