Miscellaneous Tech News
-
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
McAfee thinks his wallet product is unhackable. If there is one thing thing guy knows nothing about, it's security.
Nobody was able to get the coins... which was the whole point.
No one knows that that is the case. No one GOT the coins, so he claims. His claim that no one took coins is in no way suggestive that no one COULD have taken them.
I've left cash by the register at the gas station and had the person chase my down the road to give it back to me. According to John McAfee, that guy could not have kept the money, because he didn't.
That's not how "could have" works.
Nobody took the coins.
How could you possibly know that no one has taken the coins? How are you auditing that? All we know is that one guy that we know is lying for self benefit about this specific thing claims no one has. That's not much to go on, it's roughly nothing to go on. That he even needs to claim it suggests to some degree, that he's covering.
-
They why post an article that has absolutely zero credit in every aspect? One that is just completely unknown? Troll post?
-
@obsolesce said in Miscellaneous Tech News:
All we have to go by is that the coins were not touched. Going by that, it's leaning towards it wasn't possible to take them. That's what we DO know. I haven't seen anything showing it was possible to take the coins.
I sure dont' know that.
What I know is that we have one guy lying and other people that produced some evidence that they could have stolen money and just chose to be good guys. They, at least, supposedly have produced some documentation.
Things we know for sure...
- The only person making claims about nothing be taken is a known liar and lunatic.
- That that same person has a financial interest in making the product seem more secure than it is.
- That having taken or not taken coins would tell us nothing.
- That the contest was set up in such a way that the people who would report, won't likely do it.
- That anyone who could take the money has more to gain by not reporting that they did it than in claiming that they did.
-
@obsolesce said in Miscellaneous Tech News:
They why post an article that has absolutely zero credit in every aspect? One that is just completely unknown? Troll post?
There is a lot of credit in it, you are just reading it backwards. You are looking for the credit to be with McAfee, but he isn't the kind of guy to get credit. The point is that the journalist uncovered him trying to scam people.
-
@scottalanmiller said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
They why post an article that has absolutely zero credit in every aspect? One that is just completely unknown? Troll post?
There is a lot of credit in it, you are just reading it backwards. You are looking for the credit to be with McAfee, but he isn't the kind of guy to get credit. The point is that the journalist uncovered him trying to scam people.
I thought the point was to hack in and take the coins. Not provide a theory that it's possible.
I still don't see anything solid on either side. The coins are still there, so we're told, and we have nothing solid showing PoC, except someone saying there may be evidence someone could have. -
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
They why post an article that has absolutely zero credit in every aspect? One that is just completely unknown? Troll post?
There is a lot of credit in it, you are just reading it backwards. You are looking for the credit to be with McAfee, but he isn't the kind of guy to get credit. The point is that the journalist uncovered him trying to scam people.
I thought the point was to hack in and take the coins.
That's what John's trying to sell, yes. But that's smoke and mirrors. He can't define what the point of proving a vulnerability is. The point of security research is protection, not to take money. He made some contest so that he could make crazy claims and have some seemingly plausible excuse for the crazy things that he says. That he made up some potentially fake contest and uses it to discredit normal vulnerability reports in no way negates those reports.
Imagine if every vulnerability report from Microsoft or Linux that was found was discredited because they made up some requirement of their own for it to be real. "It's not a REAL hack if you don't put poetry on my outgoing emails and send it to my mom." As the person being hacked, making up a requirement doesn't change that you were hacked. That is what Mcafee is trying to do, make normal vulnerability reports be discredited under false pretenses.
-
@obsolesce said in Miscellaneous Tech News:
The coins are still there, so we're told...
Right. And? That there are coins there or not is totally irrelevant. No one is trying to claim John's prize. They are vulnerability researchers releasing vulnerability reports. They are white hats, not black hats. John's trying to claim that since they didn't act as black hats, there is no vulnerability. His "you have to TAKE the coins, not just break in" claim is attempting to make it that true white hats can't report him as vulnerable. And obviously, true black hats, won't.
No amount of the coins being there or not is meaningful. The things he's trying to discredit have nothing to do with the coins.
-
Think of it like a house.
I make a house. I claim that it is impossible to break into. Some security researchers come into my house and show that it's vulnerable. I then claim that clearly they can't have broken into my house because if they had, they would have murdered me in my sleep. Since I'm alive, they didn't demonstrate that my house is vulnerable.
Not solid logic. Not even loose logic. Just, insanity.
-
In case it wasn't obvious, don't use random things not meant to be secure as identifiers.
-
@scottalanmiller said in Miscellaneous Tech News:
McAfee thinks his wallet product is unhackable. If there is one thing thing guy knows nothing about, it's security.
Am I the only one seeing another LifeAlert CEO parallel here?
-
@travisdh1 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
McAfee thinks his wallet product is unhackable. If there is one thing thing guy knows nothing about, it's security.
Am I the only one seeing another LifeAlert CEO parallel here?
I had thought of exactly that.
-
LifeLock.
-
-
-
Bitfi turns to threats to try to silence demonstrations of the devices being hacked.
https://securityaffairs.co/wordpress/75821/hacking/bitfi-wallet-hacked.html
Pretty serious when they are talking about a company fronted by a man in the news constantly, suspected of murder, drug trafficking, and illegal arms possession. Things never seem to stick, but his constant run from the authorities and continuous run ins with the law suggest something pretty nefarious. When Bitfi threatens people, they mean it to be scary.
-
This article really shows why I don't like Intel and how Intel treats their customers, and highlights why closed source vendors, like Intel, are extremely dangerous - because they can force people who know about vulnerabilities to not talk about them, or worse, intentionally block fixes! Intel chips weren't just vulnerable, they were vulnerable intentionally.
https://www.fudzilla.com/news/47098-intel-blocked-kernel-fixes-on-meltdown-and-spectre
-
-
Canonical has no problem holding back features but has no hesitation about giving there software center a facelift.
-
@black3dynamite said in Miscellaneous Tech News:
Canonical has no problem holding back features but has no hesitation about giving there software center a facelift.
Yeah, they also have a LivePatch thing going on too...
-
@dbeato said in Miscellaneous Tech News:
@black3dynamite said in Miscellaneous Tech News:
Canonical has no problem holding back features but has no hesitation about giving there software center a facelift.
Yeah, they also have a LivePatch thing going on too...
Have you used the LivePatch? Isn't it only useful when it comes updating the kernel and not needing to reboot?
