WingNews logo WingNews GitHub [2]

g45y45's comments

g45y45 | 7 years ago | on: How Big Tech Built the Iron Cage

and what i see is a billion serf's getting exploited by a small minority of tech feudal lords. There is no alternative, except opting out of the game entirely. That is the point I wish to make here. There is no making a safe social media. Facebook is irredeemable. Social media is destructive to society by design.

g45y45 | 7 years ago | on: How Big Tech Built the Iron Cage

I agree -- we are doomed. I have no cause. I stopped believing in democracy a long time ago. I have zero interest in helping others to understand my perspective, best we can hope for is to slow down the tech parasites from harvesting their digital souls.

g45y45 | 7 years ago | on: How Big Tech Built the Iron Cage

Of course I am in the minority. The majority of people on this planet have neither the education, interest or intelligence to understand the cage that is being constructed around them. Are you in the blissful, ignorant majority that cannot see what is actually going on here?

g45y45 | 7 years ago | on: Exercise as a treatment for depression: a meta-analysis (2016)

climbing walls or being stuck in the wilderness with a bike don't sound like fun at all. pointless. I don't think your suggestion is helpful for people that have depression. The metal working suggestion from parent is far more helpful, as you are actually making something.

g45y45 | 7 years ago | on: Microsoft says encryption laws make companies wary of storing data in Australia

Any australian working in the US that is able to obtain PR or citizenship likely has a well paid job that provides health insurance. While I feel for the folks in the US without coverage, lack of access to affordable health care does not really apply to employed, skilled immigrants. In my experience US health care is the best on the planet, its also the most expensive.

From my perspective, US health care is way above the quality of healthcare in Australia. Price, not so much...

g45y45 | 7 years ago | on: Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years

Its pretty easy, you configure your logging library NOT to log the attribute, key/value pair, whatever containing the credential. If you can't modify it on the server side (which you can lazy bones), you tell your central logging system to mask it out before it is written to disk.

This isn't difficult or non-standard. If you are logging all client request/responses full take including auth creds, credit cards, SSN, etc, you are likely doing it wrong, and possibly violating some industry regulations.

g45y45 | 7 years ago | on: How to take back control of /etc/resolv.conf on Linux (2018)

You really want to do this if you use Spectrum Cable. You are locked out of configuring the DNS settings via their cable modems (even if you supply your own). These force a DNS search suffix that leaks all DNS requests to their server, even if you are using another public DNS. I noticed network manager kept forcing the DNS search suffix, even after I manually disabled it. I did the config change to disable it messing with the resolv.conf

g45y45 | 7 years ago | on: Is porn making young men impotent?

Downvoted. If you live in the UK, you will need to buy a 'perverts card' in order to prove your age. This will of course lead building of biggest Blackmail database outside of the Intelligence Community. Nothing could possibly go wrong.

g45y45 | 7 years ago | on: Is porn making young men impotent?

Nope, and this is part of the building case against Porn in the UK. Please ignore the lies coming from the UK, this will only ramp up as the Porn Ban is rolled out - that is correct, porn will be blocked by default in the UK.

g45y45 | 7 years ago | on: Experts cracked laptop of crypto CEO who died with $137M, but the money was gone

1. correct; 2. correct; 3. Kinda but Not quite the only way -- you can convert the values in the coins into another chain, ideally something like monero in which 1. applies, but 2. does not. (Monero uses a different transaction format called RingCT, it hides the true inputs/outputs among decoys and signs the set with a ring sig. It also hides the true amount transacted via Confidential Transaction encoding using a commitment and a range proof). Its much easier to tumble the value when the source/destination and magnitude is obscured.

How feasible to do this with $130 million? Yesterdays trade volume for monero was 75 million (thus actual on chain tx's are much less). So it would take a while to do this without drawing attention. I don't have a lot of faith in pure bitcoin tumblers. Possibly scams or fraud. Im yet to see one that works as expected.

g45y45 | 7 years ago | on: Experts cracked laptop of crypto CEO who died with $137M, but the money was gone

Yeah, I will 'change' my position on this. Satoshis in a single UTXO that are split are fungible - in your scenario you cannot identify the specific sat: either a1->a3, or a1->a4. This is kind of like 'forward fungibility'. You can however trace the value in satoshi's back from A4 to their coinbase at birth. At best, we introduce a UTXO taint percentage from previous inputs. Its this taint from other, external inputs that break backwards fungibility (due to taint).

g45y45 | 7 years ago | on: Notepad++ drops code signing for its releases

Kinda. You can use mimikatz to override the checks that the private key is isolated, you can even override 'no export' flag. Timestamping relies on external trusted timestamp providers implementing RFC 3161. There are many out there, maybe you could get a false timestamp out of them. I agree could be stronger than PGP, however it suffers a design flaw in that it considers the geometry of the PE file. PGP signs the whole blob. CVE-2017-0215 is an example of bypass by copying a previously signed header. It is more fragile and has been bypassed historically.
page 1
more