Awesome stuff you see on the internet

Nepia

<blockquote class="ipsBlockquote" data-author="red terror" data-cid="448860" data-time="1409627973">
<div>
<p>Type "actress name" + "nude" into the google images. Shitloads of these images and expanding by the hour.</p>
</div>
</blockquote>
<p>I just tried that and all it came up with was fakes. WTF, I can't work the internet!!!! :)</p>

Virgil

<blockquote class="ipsBlockquote" data-author="Nepia" data-cid="448896" data-time="1409635284">
<div>
<p>I just tried that and all it came up with was fakes. WTF, I can't work the internet!!!! :)</p>
</div>
</blockquote>
<p>I sent..er i mean someone else sent you a couple links didnt they..er I?</p>

taniwharugby

<blockquote class="ipsBlockquote" data-author="Virgil" data-cid="448890" data-time="1409634102"><p>
I call Bullshit on that!<br>
I know for a fact some dodgy bastard sent you a big link...</p></blockquote>
And I told the seedy fluffybunny was on my phone and the link wasn't working, then they got removed didnt they so never used it at home...so you know the dirty fluffybunny and he told you the link still works?

jegga

<p>

</p>

NTA

<p>Just remember to use Incognito mode so the wife doesn't go through your search history later!</p>
<p> </p>
<p>Back OT - the stupidity of people never ceases to amaze. This was from a fire drill briefing at work:</p>
<p> </p>
<p>[media]

</p>

NTA

<blockquote class="ipsBlockquote" data-author="jegga" data-cid="448906" data-time="1409637266">
<div>
<p>

</p>
</div>
</blockquote>
<p> </p>
<p>Just more reasons to stay the fuck out of the ocean.</p>

jegga

<blockquote class="ipsBlockquote" data-author="NTA" data-cid="448910" data-time="1409637522">
<div>
<p>Just more reasons to stay the fuck out of the ocean.</p>
</div>
</blockquote>
<p> </p>
<p>You are such a landblubber.</p>
<p> </p>
<p>Regarding that link you posted, I'd quite to slap in no particular order.</p>
<p>The stupid cow running the shop, points the extinguisher at her face</p>
<p>The clown that walks in sees the fire and casually mentions it after a few minutes</p>
<p>The dullard who brings in her kids and crowds the only exit</p>
<p>The little scrotes who lit the fire.</p>

NTA

<blockquote class='ipsBlockquote' data-author="jegga" data-cid="448912" data-time="1409638963"><p>You are such a landblubber.<br />
<br /></p></blockquote>
<br />
They're having a shark cull off the coast of WA right now, because sharks attack and kill people.<br />
<br />
If people start walking into my house I'm not going to be happy. <br />
<br />
Moral: leave the sharks alone, they'll leave you alone. Going to the beach is not a right

Tim

<a data-ipb='nomediaparse' href='https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/'>https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/</a><br><br>
5. In reviewing months worth of forum posts, image board posts, private emails, replies for requests for services, etc. nowhere was the FindMyPhone API brute force technique (revealed publicly and exploited in iBrute) mentioned. This doesnâ€t mean that it wasnâ€t used privately by the hackers – but judging by the skill levels involved, the mentions and tutorials around other techniques and some of the bragged about success rates with social engineering, recovery, resets, rats and phishing – it appears that such techniques were not necessary or never discovered.<br><br>
6. iCloud is the most popular target because Picture Roll backups are enabled by default and iPhone is a popular platform. Windows Phone backups are available on all devices but are disabled by default (it is frequently enabled, although I couldnâ€t find a statistic) while Android backup is provided by third party applications (some of which are targets).<br><br>
7. Apple accounts seem particularly vulnerable because of the recovery process, password requirements and ability to detect if an email address has an associated iCloud account. The recovery process is broken up into steps and will fail at each point. While Apple do not reveal if an email address is a valid iCloud address as part of the recover process, they do reveal if it is valid or not if you attempt to sign up a new account using the same email – so verification (or brute force attempts) are simple. The second step is verifying the date of birth and it will pass or fail based on that data alone so can be guessed, while the last step are the two security questions. It would be a good idea for Apple to kill the interface on signup that shows new users if their email account is available to use as an iCloud account or not. It would also be a good idea to make the recovery process one big step where all data is validated at once and the user is not given a specific error message. It would also be wise to attach rate limits and strict lockout on this process on a per-account basis.<br><br>
Being able to POST an email address to <a data-ipb='nomediaparse' href='https://appleid.apple.com/account/validation/appleid'>https://appleid.apple.com/account/validation/appleid</a> and getting back a response indicating if it is a valid account or not, with little to no rate limiting, is a bug.<br><br>
7. a) edit To reiterate what the main bugs are that are being exploited here, roughly in order of popularity / effectiveness:<br><br>
Password reset (secret questions / answers)<br>
Phishing email<br>
Password recovery (email account hacked)<br>
Social engineering / RAT install / authentication keys<br>
8. Authentication tokens can be stolen by a trojan (or social engineered) from a computer with iTunes installed easily. Elcomsoft provide a tool called atex which does this. On OS X the token is installed in the keychain. The authentication token is as good as a password.<br><br>
9. Two-factor authentication for iCloud is useless in preventing passwords or authentication tokens being used to extract online backups. 2fa is used to protect account details and updates.

Baxymoron

<blockquote class="ipsBlockquote" data-author="Virgil" data-cid="448877" data-time="1409629808">
<div>
<p>Yup the pussies, I remember 'back in the day' when you liked a girl you had no choice but to ring her. I'm talking about as shit scared 16 year old you only had 1 phone in the house, normally in the kitchen or lounge so the rest if your annoying family could listen in to you making a fucking fool out of yourself<br>
Now punks can lie in bed gripping themselves while chatting away via some shit app.<br><br>
fluffybunnys</p>
</div>
</blockquote>
<p> </p>
<p>And then her Dad, who just finished a 14 hour shift at the salt mines, answers and threatens to remove some of your beloved body parts if you even think about sullying his daughter's innocence.</p>
<p> </p>
<p>Best case scenario, he just asks if you are the dead man walking who keeps calling and then hanging up when he answers the phone.</p>
<p> </p>
<p>"Well I got news for you Mr Jacobs: your daughter is a whore of biblical proprotions - that's why I am calling. Now put her on." - what every teenage boy wishes he had the stones to say.</p>

Kirwan

<blockquote class="ipsBlockquote" data-author="Tim" data-cid="449005" data-time="1409701798">
<div>
<p><a data-ipb='nomediaparse' href='https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/'>https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/</a><br><br>
5. In reviewing months worth of forum posts, image board posts, private emails, replies for requests for services, etc. nowhere was the FindMyPhone API brute force technique (revealed publicly and exploited in iBrute) mentioned. This doesnâ€t mean that it wasnâ€t used privately by the hackers – but judging by the skill levels involved, the mentions and tutorials around other techniques and some of the bragged about success rates with social engineering, recovery, resets, rats and phishing – it appears that such techniques were not necessary or never discovered.<br><br>
6. iCloud is the most popular target because Picture Roll backups are enabled by default and iPhone is a popular platform. Windows Phone backups are available on all devices but are disabled by default (it is frequently enabled, although I couldnâ€t find a statistic) while Android backup is provided by third party applications (some of which are targets).<br><br>
7. Apple accounts seem particularly vulnerable because of the recovery process, password requirements and ability to detect if an email address has an associated iCloud account. The recovery process is broken up into steps and will fail at each point. While Apple do not reveal if an email address is a valid iCloud address as part of the recover process, they do reveal if it is valid or not if you attempt to sign up a new account using the same email – so verification (or brute force attempts) are simple. The second step is verifying the date of birth and it will pass or fail based on that data alone so can be guessed, while the last step are the two security questions. It would be a good idea for Apple to kill the interface on signup that shows new users if their email account is available to use as an iCloud account or not. It would also be a good idea to make the recovery process one big step where all data is validated at once and the user is not given a specific error message. It would also be wise to attach rate limits and strict lockout on this process on a per-account basis.<br><br>
Being able to POST an email address to <a data-ipb='nomediaparse' href='https://appleid.apple.com/account/validation/appleid'>https://appleid.apple.com/account/validation/appleid</a> and getting back a response indicating if it is a valid account or not, with little to no rate limiting, is a bug.<br><br>
7. a) edit To reiterate what the main bugs are that are being exploited here, roughly in order of popularity / effectiveness:<br><br>
Password reset (secret questions / answers)<br>
Phishing email<br>
Password recovery (email account hacked)<br>
Social engineering / RAT install / authentication keys<br>
8. Authentication tokens can be stolen by a trojan (or social engineered) from a computer with iTunes installed easily. Elcomsoft provide a tool called atex which does this. On OS X the token is installed in the keychain. The authentication token is as good as a password.<br><br>
9. Two-factor authentication for iCloud is useless in preventing passwords or authentication tokens being used to extract online backups. 2fa is used to protect account details and updates.</p>
</div>
</blockquote>
<p> </p>
<p>Yeah, it's been interesting reading. At least they have fixed the rate limiting part (inexplicable why it's not always been that way). I think they will have to consider making the photo stream backup opt in like with Microsoft, Facebook and Google, it seems many users aren't even aware that backup is occurring with their photos.</p>
<p> </p>
<p>Been a helluva an ad for two factor authentication, and understanding backups (you can also choose to not include the camera roll in your iCloud backup)</p>

Crucial

<p>Their are two setting for photo backups to iCloud. One is if you have 'My Photo Stream' turned on - this automatically sends all new photos to the cloud when connected to Wifi. Even if you have that turned off, their is still the iCloud backup service which will update your cloud backup with all docs, photos, settings etc when plugged in, locked and connected to wifi (ie when charging it at the end of the day).</p>
<p> </p>
<p>People that are complaining should actually take the time to learn how their device works. It's not hidden and is very easy to understand and change.</p>
<p> </p>
<p>I would prefer to not have to turn things off rather than turn things on, but then I also understand why it's done that way so the the same dumb people that don't read instructions get the benefits they have paid for (backups, syncing between all devices on one account) automatically.</p>

jegga

<blockquote class="ipsBlockquote" data-author="Virgil" data-cid="449031" data-time="1409717390">
<div>
<p>If someone stupidly hacker my iCloud all they will find waiting for them are pics of food (the mrs) and probably hundreds of blank or blurred and unrecognisable pictures due to our 2 & 4 year olds playing with the phones and taking pics of nothing in particular.<br>
In fact my phone is no longer linked to iCloud for that reason!</p>
</div>
</blockquote>
<p> </p>
<p>Mines similarly boring photos of kingfish and snapper and foundation details for the engineer. No photos of naked chicks let alone videos, Mrs Jegga got very cross when I suggested she could use a body double for a sex tape if that would make it easier for her. Women, I'll never understand them.</p>

Virgil

<p>3 days of 'research' later and i think im going blind.</p>
<p> </p>
<p>But wait there are more!..</p>
<p> </p>
<p><a data-ipb='nomediaparse' href='http://www.nzherald.co.nz/entertainment/news/article.cfm?c_id=1501119&objectid=11318309'>http://www.nzherald.co.nz/entertainment/news/article.cfm?c_id=1501119&objectid=11318309</a></p>

taniwharugby

<p>Even when I was drunk I didnt think I was this good! </p>
<p> </p>
<p>Sad thing is the amount of people that walk past with barely a second glance! </p>
<p> </p>
<p>

</p>

NTA

<p>That's the song that plays on Far Cry 3 when you use a Flamethrower to burn a stack of Marijuana crops. And slowly get stoned...</p>
<p> </p>
<p>That pigeon certainly decided to fuck off when it couldn't decide what the hell was going on. How does he not break joints?</p>
<p> </p>
<blockquote class="ipsBlockquote" data-author="Crucial" data-cid="449027" data-time="1409716107">
<div>
<p>People that are complaining should actually take the time to learn how their device works. It's not hidden and is very easy to understand and change.</p>
<p> </p>
<p>I would prefer to not have to turn things off rather than turn things on, but then I also understand why it's done that way so the the same dumb people that don't read instructions get the benefits they have paid for (backups, syncing between all devices on one account) automatically.</p>
</div>
</blockquote>
<p> </p>
<p>Can't please everyone.</p>
<p> </p>
<p>1 Idiot: "My photos are all gone!"</p>
<p>2 Apple: "You should have opted into our backup to cloud scheme"</p>
<p>3 Idiot: "Well I didn't KNOW THAT!!!"</p>
<p>4 Apple: "We gave you the option during setup"</p>
<p>5 Idiot: "But you asked me like a <em>million</em> questions <fades into random whining>"</p>
<p> </p>
<p>OR</p>
<p> </p>
<p>1 Idiot: "My naked photos are on the internet!"</p>
<p>2 Apple: "You should have opted out of auto-backup"</p>
<p>Copy line 3-5 above.</p>
<p> </p>
<p>These celebs are probably just telling their "people" to go get the latest phone, or having it given to them by agents etc.</p>

taniwharugby

<blockquote class="ipsBlockquote" data-author="NTA" data-cid="449061" data-time="1409731318">
<div>
<p>That pigeon certainly decided to fuck off when it couldn't decide what the hell was going on. <strong>How does he not break joints?</strong></p>
<p> </p>
</div>
</blockquote>
<p> </p>
<p>I assumed he didnt have any, along with no bones! </p>

Tim

<img src="http://i.imgur.com/neGfUkF.jpg" alt="neGfUkF.jpg">

antipodean

<p><a data-ipb='nomediaparse' href='http://www.hackertyper.com/'>http://www.hackertyper.com/</a></p>
<p> </p>
<p>[edit] This bloke recreates profile pics he finds on tinder <a data-ipb='nomediaparse' href='http://rodddles.tumblr.com/'>http://rodddles.tumblr.com/</a></p>
<p> </p>
<p>Examples:</p>
<p> </p>
<p><img src="http://i.imgur.com/TOJaoTG.jpg" alt="TOJaoTG.jpg"></p>
<p> </p>
<p><img src="http://i.imgur.com/4XX03Zg.jpg" alt="4XX03Zg.jpg"></p>
<p> </p>
<p><img src="http://i.imgur.com/VyRbRoY.jpg" alt="VyRbRoY.jpg"></p>

Tim

<p><img src="http://i.imgur.com/vTblzJp.jpg" alt="vTblzJp.jpg"></p>
<p> </p>
<p>The babes are back.</p>