HackerTrans
TopNewTrendsCommentsPastAskShowJobs

RL_Quine

no profile record

comments

RL_Quine
·4 वर्ष पहले·discuss
Thanks for the response. I had misinterpreted the communication from Tailscale to be adversarial rather than just that it wasn't something that had engineering focus. It's good to hear that there will be some progress towards making the mobile app better.
RL_Quine
·4 वर्ष पहले·discuss
Yes, it's usable with every tailscale client (except for iOS). You provide an argument to make headscale your controller, and then it works much the same as the hosted Tailscale service, with some only minor differences in configuration.
RL_Quine
·4 वर्ष पहले·discuss
There's a kind of WIP control server implementation, it's not production ready in my opinion but it's definitely usable.

https://github.com/juanfont/headscale
RL_Quine
·4 वर्ष पहले·discuss
Unfortunately despite claiming that they would, they've never allowed their iOS application to allow configuration of the control server (every other client they have released does). Maybe some more funding will allow them to focus on the client quality.
RL_Quine
·4 वर्ष पहले·discuss
Which is the source of some dumb deanonymization exploits!
RL_Quine
·4 वर्ष पहले·discuss
If they're not checking everything, any sort of non-general modification of traffic will obviously go completely unnoticed. The bad exit flag really is only ever going to catch the most obvious, ham fisted bad behaviour.
RL_Quine
·4 वर्ष पहले·discuss
The behaviour of not always using the same exit means that you, over time, will almost assuredly use a malicious exit should more than zero exist. It's reckless to suggest that anybody should be using this system, your situation is almost always going to be worse than not.
RL_Quine
·5 वर्ष पहले·discuss
I mean, of all things this is pretty tame, the car otherwise includes a web browser which contains parser for every single file type you can imagine.

https://github.com/FalconChristmas/fpp/blob/master/docs/FSEQ...

This is the format being used by the system, which is not new and appears to be part of a maintained open source project.
RL_Quine
·5 वर्ष पहले·discuss
Some systems do have two parity bits but obviously there’s efficiency loss there.
RL_Quine
·6 वर्ष पहले·discuss
No? It’s not x86. Compatibility is emulated.
RL_Quine
·6 वर्ष पहले·discuss
Do you not consent to space existing? You have far more exposure to all sorts of interesting radio frequencies from space every day than you'll ever see from a small radio.
RL_Quine
·6 वर्ष पहले·discuss
When your device is trying to find networks its seen previously, it for some reason broadcasts the ESSID, the human readable name of the networks it knows about. A lot of these are globally unique, as many routers come with a default name which is based on their MAC address.

You walk past my house, I see you have connected to direct-roku-845-7e16d8. Great! I can go do a reverse lookup of that (say, based on information collected by SkyHooks or WiGLE), and I now know that you've at least authenticated to a network in downtown SF one time.

With a good sampling of these (many pieces of software send the last 4+ networks), I can get an idea of where you live, where you work, and where you've traveled. From your device details I can tell what brand of device you have, from the times of day I see you I can work out what your patterns and behaviors are, from your bluetooth connections I can get an idea of what sort of devices you own. I can even match this with real time video and directional antennas to match this with a picture of your face.

This is all things that an individual can do right now with off the shelf software, not something you need to be a company or a government agency to pull off. This is absolutely receive only, and does not interact with anybodies devices in any way. It is not illegal and you can not detect that someone is doing this sort of attack. Your only defense against this is to have as bland and as generic of a wifi point name as possible.
RL_Quine
·6 वर्ष पहले·discuss
There's still commercial products that will track your wifi/bluetooth MAC, and probably ISMI as well. You're not preventing this sort of thing with that sort of behavior and just making things awkward for yourself. If I can find the home addresses of people walking past my house using reverse lookups of ESSID probes, you can be damn sure that everybody else is doing it too.
RL_Quine
·6 वर्ष पहले·discuss
Put it in context, is it ever acceptable to have all your activity publicly logged? Keybase isn’t forward secure, so so disclosure of your keys later leads to complete availability of your cleartext.
RL_Quine
·6 वर्ष पहले·discuss
It doesn’t have any mode that’s not encrypted.
RL_Quine
·8 वर्ष पहले·discuss
For the models I was looking at a number of years ago, the options were through IPMI or via a USB Floppy Drive. Perhaps my memory is failing me here, but I seem to remember being quite enraged at the prospect and would have done a lot not to have to pay the license fee on principle.
RL_Quine
·8 वर्ष पहले·discuss
That's a crazy module, I had no idea anything of that scale existed for Bluetooth radios.
RL_Quine
·8 वर्ष पहले·discuss
This comment is specific to the parent talking about their experiences producing credit card terminals that ended up with PCBs implanted in them. Here it is appropriate.
RL_Quine
·8 वर्ष पहले·discuss
Get an x-ray machine? They are surprisingly cheap pieces of hardware if you are willing to deal with a small area, low penetration image. Low penetration means no lead, which makes for something that's about as cumbersome as a large bar fridge.
RL_Quine
·8 वर्ष पहले·discuss
SuperMicro hardware in particular always struck me as such. Asking users to pay a license fee to be able to update the BIOS on their devices (after paying tens of thousands for the hardware itself) is a kick in the teeth.

https://www.virtuallifestyle.nl/wp-content/uploads/2016/08/S...

http://www.supermicro.com/products/nfo/SMS_SUM.cfm