Recent Posts

Pages: [1] 2 3 4 ... 10
1
Copied from previous Open Bar, didn't see this shiny new one:

I've been reading stories of complex social engineering schemes that pentesters and criminals have used to compromise entire corporate networks, and I've just been thinking about how no complexity or effort would even be required to compromise my company's entire network (And all the networks and companies we support). Literally no one would question a single person walking right into our building, and walking up to any computer left open and alone, and breaking into it using publicly available, no-hardware-required Windows 7 boot-time exploits, and installing whatever list of malware they desired.

It's disturbing, actually. Considering we support several of the largest Fortune 500 companies, you'd think we'd spend a little more effort on security.

Oh yeah, I forgot, we have these nice, security badges. Good thing no one can get one at the security desk just by asking for one and providing information that is publicly available. Nope, not at all...

My Google Fu is failing me, but I recall a story about a hacking challenge, where the IT security guy was boasting how strong their firewalls, etc were, and dared a certain hacker to try and get access to a particular server.  So, the hacker dressed up as maintenance, walked through the front door unquestioned, went to the server field, unplugged it, and walked out with it under his arm.

Like I said, I can't attest to its veracity because I can't find the link, but it sounds true.
2
Literate Chaotic / Re: ITT: Original Story Ideas
« Last post by Prelate Diogenes Shandor on Today at 08:58:22 am »
Some ideas:

*Comedy skit: A televangelist openly calls upon the power of mammon

*Character: A heart failure patient in ancient Greece is kept alive by a retro-futuristic life support device consisting of four copper tubes, two archimedes screws and a rotating team of slaves to turn the cranks (2 apparatuses, one goes tube from vena cava -> screwpump -> tube to pulmonary arteries, the other goes tube from pulmonary arteries -> screw pump -> aorta)

*Comedy skit: The Count from Sesame Street ruins Halloween by accusing everyone of cultural appropriation
3
Bring and Brag / Phoenish
« Last post by Bobby Campbell on Today at 05:51:00 am »
4
Someone broke a thing that affects many other things, but no one knows where first thing is.  I'm having an awesome day.

This has been my entire professional life.   :lulz:

They found the thing!  Also, they should have not let people that actually have a map of what things go together leave. Or at least leave angry, which I imagine they did because they took a whole bunch of knowledge with them.

We have people on my side going, some shit is broken. We have people on the other side that can say they can only fix shit if they know what particular shit it is.  Everyone gets their elbows into unknown shit before finding that one needed turd.  We're just lucky it was actually something that could be traced.
5
So my boss just assigned the engineer to my department. If you've ever been in the maintenance field, this is supposed to be a true Darth Vader moment. Or Jeremy Irons. Cue hideous laughter.

But the guy is fucking adorable. He is in over his head, technically, and has this bunny in the headlights look (he's been in the field for 25 years), and I just can't hold up the side with some institutional revenge.

First step: Cure him of that whole tie thing, because a) this is Tucson and we don't do ties, and b) he is now a PLANT ENGINEER (even if it's a test bed plant) and they get dirty. At least when they work with my crew.

Second step, tell him that I see his internet use, and I know he's frantically looking for another job (he is more of a draftsman, and he's scared shitless of this job, even though it's within his capabilities), and he just got here, FFS. He is staying.

We're gonna do great things. We're gonna do IMPROPER SCIENCE. He just doesn't know it yet.
6
Someone broke a thing that affects many other things, but no one knows where first thing is.  I'm having an awesome day.

This has been my entire professional life.   :lulz:
7
Someone broke a thing that affects many other things, but no one knows where first thing is.  I'm having an awesome day.
8
Aneristic Illusions / Re: OFFICIAL POLITICAL CARTOONS/PIC FREAD.
« Last post by Brother Mythos on Today at 01:02:11 am »
9
Generally speaking companies don't implement even the most basic security until somebody rubs their nose in it publicly.
10
Copied from previous Open Bar, didn't see this shiny new one:

I've been reading stories of complex social engineering schemes that pentesters and criminals have used to compromise entire corporate networks, and I've just been thinking about how no complexity or effort would even be required to compromise my company's entire network (And all the networks and companies we support). Literally no one would question a single person walking right into our building, and walking up to any computer left open and alone, and breaking into it using publicly available, no-hardware-required Windows 7 boot-time exploits, and installing whatever list of malware they desired.

It's disturbing, actually. Considering we support several of the largest Fortune 500 companies, you'd think we'd spend a little more effort on security.

Oh yeah, I forgot, we have these nice, security badges. Good thing no one can get one at the security desk just by asking for one and providing information that is publicly available. Nope, not at all...
Pages: [1] 2 3 4 ... 10