HackerTrans
トップ新着トレンドコメント過去質問紹介求人

aryan14

no profile record

投稿

Bitcoin Surpasses $123,000 USD

reuters.com
6 ポイント·投稿者 aryan14·昨年·0 コメント

Trump Is Losing Patience with Musk's Outbursts over Megabill

wsj.com
13 ポイント·投稿者 aryan14·昨年·1 コメント

[untitled]

1 ポイント·投稿者 aryan14·昨年·0 コメント

uBlock Origin Has Been Disabled

ublockorigin.com
31 ポイント·投稿者 aryan14·昨年·40 コメント

Federal appeals court upholds law requiring sale or ban of TikTok in the US

thv11.com
4 ポイント·投稿者 aryan14·2 年前·0 コメント

Bitcoin reaches all time high, and its correlation with the US election

morningstar.com
3 ポイント·投稿者 aryan14·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 aryan14·2 年前·0 コメント

Ask HN: Where's your go-to spot to hire web developers?

2 ポイント·投稿者 aryan14·2 年前·2 コメント

コメント

aryan14
·先月·議論
You can view the recent activity on your Microsoft account @ account(dot)live(dot)com/Activity

Would show any logins or security info updates etc
aryan14
·先月·議論
It’s just incorrect

It’s true that existing sessions are revoked; because the password was reset

The reason the target wouldn’t get any notifications at all would be in the case they never setup any additional verification methods to receive these notifications to, since this only worked on accounts w/o 2FA

You can test this on your own account, if you have 2FA enabled and reset your password, you’ll receive notifications to whatever option you have enabled

Also, if you reset the password, it doesn’t remove all 2FA methods on the account (you can test this)

So assuming a threat actor reset the password, they would attempt to login with the correct password but would still need the 2FA code or approval
aryan14
·先月·議論
> “In case you're wondering, because the system treats this high-privilege recovery flow as a total account reset by the "true" owner, the original 2FA gets thoroughly bypassed in the process.“

This is false.

Important to note this did not work if your account had 2FA of any kind

e.g if you had a time based authenticator enabled, after the AI gave you the code to reset the password, it had no notable privileges beyond that

Tldr; if you had 2FA this wouldn’t work on you
aryan14
·先月·議論
This is actually what microsoft does for microsoft accounts

If you recover a microsoft account / submit a ticket to recover it and provide correct information, the active email gets an email letting them know about the request

You can deny it, or if you ignore it for 30 days the request goes through

Seems to be the best system IMO
aryan14
·2 か月前·議論
You can host your keepass db file anywhere you like, whether that’s google drive or on a hard drive.
aryan14
·2 か月前·議論
How is this not bigger news?
aryan14
·6 か月前·議論
And he has been and continues to make fun of the investigators, publicly mocking investigators and sending small amounts from the fraudulent wallets to investigators.

Crazy world
aryan14
·10 か月前·議論
Was thinking about this the entire time, not sure why they’re saying it has to be govt sponsored threat actors for a bunch of SIM cards

Didn’t understand how it’d be used for espionage either, doesn’t even make sense
aryan14
·10 か月前·議論
You could run wireguard thru CLI directly instead of jumping through the mullvad app itself
aryan14
·昨年·議論
Doesn’t look good on mobile, difficult to use
aryan14
·昨年·議論
Cross checked known malicious mail list with applicants, found a match and made a blog about it lol
aryan14
·昨年·議論
[flagged]
aryan14
·昨年·議論
Are the typos on purpose for opsec reasons?
aryan14
·昨年·議論
This has probably been happening since the beginning of modern media.

The only reason this is an article is because of “AI” and Russia VS The US
aryan14
·昨年·議論
This isn’t fair to say.

Any platform that’s popular will have its share of undesirable users, out of the company’s control.

Discord has very good moderation in contrast to other platforms (Constant banwaves on illegal/shady servers, terminating accounts frequently, etc)
aryan14
·昨年·議論
How well it’ll do in court is debatable, could go for either side, but regardless of the outcome it’s always good to see resistance and pushback
aryan14
·昨年·議論
As they should. You can’t throw an ultimatum for something that benefits nobody but the govt. and kick everyone around.

Would like to see other companies who were affected by similar situations also take this to court
aryan14
·昨年·議論
Absolutely mental the kind of people that have power. Dealing with this like immature children.

“We don’t get what we want? We ruin it for everyone.”

Trying to backdoor a privacy feature for no real reason, just for the sake of having a backdoor. Pathetic
aryan14
·2 年前·議論
A very easy anonymous way is to simply use a self custody wallet like Exodus.

You can buy ETH, then you can use a TOR crypto exchange to swap it from ETH -> BTC into your wallet.

Just an idea though
aryan14
·2 年前·議論
How did it fail at being P2P e-cash?

You can use bitcoin completely/as anonymously as cash if you wanted to, the same way you’d have to put in a bit of effort to have a completely anonymous cash transaction.

Monero (XMR) which is a fork of bitcoin, is much closer to actual cash