2013-11-09 00:20 valhalla has quit [Ping timeout: 246 seconds] 2013-11-09 00:23 lekernel has quit [Quit: Leaving] 2013-11-09 00:25 wej has quit [Ping timeout: 260 seconds] 2013-11-09 00:27 wej has joined #qi-hardware 2013-11-09 00:28 valhalla has joined #qi-hardware 2013-11-09 00:38 valhalla has quit [Ping timeout: 272 seconds] 2013-11-09 00:38 valhalla has joined #qi-hardware 2013-11-09 01:20 valhalla has quit [Ping timeout: 264 seconds] 2013-11-09 01:22 valhalla has joined #qi-hardware 2013-11-09 01:35 FDCX has quit [Read error: Operation timed out] 2013-11-09 01:38 bwahaha: http://mobile.reuters.com/article/idUSBRE9A703020131108?irpc=932 2013-11-09 01:39 but let's rewrite this as "identified, questioned and ... terminated with extreme prejudice" ;-) 2013-11-09 01:52 FDCX has joined #qi-hardware 2013-11-09 02:01 pcercuei has quit [Ping timeout: 252 seconds] 2013-11-09 02:02 kristianpaul has quit [Ping timeout: 246 seconds] 2013-11-09 02:31 wej has quit [Ping timeout: 264 seconds] 2013-11-09 02:55 dos1 has quit [Ping timeout: 252 seconds] 2013-11-09 03:34 porchaso0 has joined #qi-hardware 2013-11-09 03:35 porchao has quit [Ping timeout: 248 seconds] 2013-11-09 04:06 bzb_ has joined #qi-hardware 2013-11-09 04:09 bzb has quit [Ping timeout: 252 seconds] 2013-11-09 05:10 lilvinz- has joined #qi-hardware 2013-11-09 05:11 lilvinz has quit [Ping timeout: 248 seconds] 2013-11-09 05:11 wpwrak has quit [Ping timeout: 248 seconds] 2013-11-09 05:11 wpwrak has joined #qi-hardware 2013-11-09 05:16 bzb__ has joined #qi-hardware 2013-11-09 05:18 bzb_ has quit [Ping timeout: 245 seconds] 2013-11-09 05:21 bzb__ has quit [Ping timeout: 245 seconds] 2013-11-09 05:31 bzb has joined #qi-hardware 2013-11-09 06:39 viric has quit [Remote host closed the connection] 2013-11-09 06:40 viric has joined #qi-hardware 2013-11-09 06:46 porchaso0 has quit [Read error: Connection reset by peer] 2013-11-09 06:46 porchao has joined #qi-hardware 2013-11-09 07:11 bzb has quit [Ping timeout: 245 seconds] 2013-11-09 07:14 bzb has joined #qi-hardware 2013-11-09 07:20 bzb has quit [Quit: I hate to quit but my bladder's full. :-(] 2013-11-09 07:55 wolfspraul has joined #qi-hardware 2013-11-09 08:41 > If you've been cleared and especially if you've been polygraphed, you're an insider and you are presumed to be trustworthy 2013-11-09 08:42 polygraphed. yeah. because that means something. :/ 2013-11-09 08:45 jekhor has joined #qi-hardware 2013-11-09 08:46 perhaps a security clearance shouldn't only involve background checks, polygraph, and all that, but also an IQ test ... 2013-11-09 08:46 or maybe it is that their internal bureaucracy is so horrible that sharing passwords is part of the daily routine just to get things done 2013-11-09 08:50 (IQ test) not higher than X? :) 2013-11-09 09:03 yeah, finding the right range may be tricky :) make them too smart and you get a lot more snowdens :) 2013-11-09 09:08 lekernel has joined #qi-hardware 2013-11-09 09:08 "They have emphatically denied that he provided any classified material to countries such as China or Russia." 2013-11-09 09:09 oh, that's really important! 2013-11-09 09:09 like, yeah, we fucked up, but not that bad! 2013-11-09 09:12 i wonder, how many of these 25 employees were women? 2013-11-09 09:12 24.5 2013-11-09 09:12 he good! 2013-11-09 09:15 well, the trick to get passwords is to not just outright ask for them, but let the person come to you with a problem (which you might have created), and then say in order to fix the problem you need to password 2013-11-09 09:17 or something like, 'It will at least take two weeks to restore your E-Mail access' 'Isn't there a way to speed this up' 'Yea, but it's not exactly by the book' ... 2013-11-09 09:18 you sound like an experienced social engineer :) 2013-11-09 09:19 I think that's elementary stuff 2013-11-09 09:21 wej has joined #qi-hardware 2013-11-09 09:22 for an experienced social engineer, yes ^) but not for those 25 employees 2013-11-09 09:32 we worked as an admin, so people may have come to him with problems on a regular basis 2013-11-09 09:32 but still, you'd expect that proper password procedures would be about the first thing they teach people at this sort of places 2013-11-09 09:34 s/we /he / # oops, now i'm on their list :) 2013-11-09 09:35 wej has quit [Ping timeout: 260 seconds] 2013-11-09 09:48 wej has joined #qi-hardware 2013-11-09 10:02 but not giving him the password would be like saying 'I think you are up to something.' 2013-11-09 10:03 and that would be rude since he offered to help them 2013-11-09 10:03 well, isn't that *why* you should not give people passwords? 2013-11-09 10:03 because they well may be up to something. 2013-11-09 10:03 and the help he provides is his job 2013-11-09 10:04 nah, but if you say something like I can restore your email account in two hours instead of two weeks 2013-11-09 10:09 well, there's a difference between rude and inconvenient to you 2013-11-09 10:11 well the incovenience is another factor in that situation as well 2013-11-09 10:14 but the basic situation you want to engineer is a situation where the person would feel unconmfortable not to give you their password 2013-11-09 10:25 wej has quit [Ping timeout: 245 seconds] 2013-11-09 10:28 wej has joined #qi-hardware 2013-11-09 10:31 mth has quit [] 2013-11-09 10:35 bzb has joined #qi-hardware 2013-11-09 10:39 wej has quit [Ping timeout: 260 seconds] 2013-11-09 10:40 wolfspraul has quit [Ping timeout: 245 seconds] 2013-11-09 10:41 jekhor has quit [Quit: Leaving] 2013-11-09 10:42 wolfspraul has joined #qi-hardware 2013-11-09 10:49 jekhor has joined #qi-hardware 2013-11-09 11:00 bzb has quit [Quit: I hate to quit but my bladder's full. :-(] 2013-11-09 11:18 wej has joined #qi-hardware 2013-11-09 11:25 social engineering for noobs 2013-11-09 11:25 :-) 2013-11-09 11:25 that's really the 101 they teach you even in company wide security audits 2013-11-09 11:25 or rather in preparation for... 2013-11-09 11:27 the standard user has no idea why (s)he needs passwords at all, after all it's already HIM/HER who's sitting at the terminal and typing it, so why the additional hassle ;-P 2013-11-09 11:28 and admins considered almighty (which usually they actually are), so all a user might wonder is "why he even needs my password? I'd hope for him to tell *me* my password once I forgot" 2013-11-09 11:29 ~bofh 2013-11-09 11:29 err 2013-11-09 11:30 tried to suggest a good read, but you don't like the bot, so google for it! 2013-11-09 11:36 wej has quit [Ping timeout: 260 seconds] 2013-11-09 11:44 wej has joined #qi-hardware 2013-11-09 11:45 pcercuei has joined #qi-hardware 2013-11-09 11:48 wej has quit [Ping timeout: 245 seconds] 2013-11-09 11:49 wej has joined #qi-hardware 2013-11-09 11:54 wej has quit [Ping timeout: 260 seconds] 2013-11-09 11:57 wolfspraul has quit [Ping timeout: 248 seconds] 2013-11-09 11:59 wolfspraul has joined #qi-hardware 2013-11-09 12:01 jekhor has quit [Read error: Operation timed out] 2013-11-09 12:29 larsc: all very well, but don't forget that this is an area where people have all sorts of security clearances, operate on a need to know basis, where access is compartmentalized, and so on. being paranoid is their foremost obligation. 2013-11-09 12:30 DocScrutinizer05: bofh, the great classic ;-) 2013-11-09 12:31 sure ;-) 2013-11-09 12:31 you can learn a lot about social engineering from it 2013-11-09 12:32 larsc: that doesn't mean that there can't be a few gullible victims. but that he can go through "20-25" people, who all have elevated access privileges, and that doesn't even raise any suspicion is more than surprising. 2013-11-09 12:34 their default attitude should be "you don't need to know my password and i'll inform your superior". now, he may be able to worm his way around the latter "oh, sorry, i'm new here, we always did that at my old job" etc. but the odds should be heavily stacked against this sort of stunt. 2013-11-09 12:36 of course, if it turns out that some did inform on him and his (NSA) supervisor didn't pay attention, then i wouldn't want to be in his skin :) 2013-11-09 12:37 now you got to the fun aspects of my daily duty as maemo admin superviser ;-P 2013-11-09 12:39 are the maemo admins leaking lots of dirty laundry labeled "top secret" ? :) 2013-11-09 12:40 or should I say senior admin and coordinator? 2013-11-09 12:40 nah, only handling a database with ~90k valuable user data 2013-11-09 12:41 and all that without any paperwork that would establish any form of liability 2013-11-09 12:41 since, you know... community 2013-11-09 12:41 you can't even dream of the flames I receive sometimes 2013-11-09 12:42 the more informal, the better the flames ;-) 2013-11-09 12:43 indeed 2013-11-09 12:43 you can't fire volunteers 2013-11-09 12:44 and some you can't even kick since otherwise community will kick you 2013-11-09 12:44 dos1 has joined #qi-hardware 2013-11-09 12:45 one dude already asked Hildon Foundation to expel me from maemo admin since I dared to overrule him on a security issue 2013-11-09 12:46 where my decision was to the safe side 2013-11-09 12:47 while the dude was rushing all over our infra, abusing his privileges and not communicating what he does, and opened up security bandaid blocks we established when we found a massive vulnerability 2013-11-09 12:48 particularly he re-enabled login to maemo midgard when all users had admin permissions on midgard due to a config fsckup 2013-11-09 12:48 well, let him run wild for a while, let him build up a reputation of being an asshole. wait until he makes a big mistake. then pounce :) 2013-11-09 12:50 he DID make a big mistake, I blamed him in closed channel and when another honorable guy asked him to chill a bit he ragequit and never been seen again 2013-11-09 12:50 jekhor has joined #qi-hardware 2013-11-09 12:50 and always remember, there is the common sociopath, there are big sociopath, and there are efficient sociopaths. you want to be the latter :) 2013-11-09 12:50 hi dos1 2013-11-09 12:51 DocScrutinizer05: (ragequit) perfect. so it worked as planned :) 2013-11-09 12:51 basically yes 2013-11-09 12:52 for sure I'd rather see him adjust his attitude and behavior 2013-11-09 12:52 particularly since he been partially quite knowledgeable 2013-11-09 12:52 but he been unable to grok the principle of limited permissions 2013-11-09 12:53 some people are just looking for a fight. better to be rid of them. 2013-11-09 12:53 he was looking for proving own awesomeness 2013-11-09 12:53 by doing everything on root permissions without peer review or any feedback or permission 2013-11-09 12:54 solitaire 2013-11-09 12:54 no team player 2013-11-09 12:54 DocScrutinizer05: hello! 2013-11-09 12:54 :) 2013-11-09 12:55 wpwrak: basically he maintained a 12VM server infra with 90k users and 10 admins like his own PC at home 2013-11-09 12:56 nobody had (or has) a friggin clue what he did, or why 2013-11-09 12:56 ah, now i see why you'd have liked to keep him. someone who single-handedly juggles 12 servers is hard to find. 2013-11-09 12:56 yeah 2013-11-09 12:56 yeah, that's the normal case with those guru admins 2013-11-09 12:56 :-P 2013-11-09 12:57 so in the end we are better off without him 2013-11-09 13:00 I told him "you're not supposed to do this. It's an abuse of your privileges, and it's a mega security breach opening up a huge (and known) vulnerability. Please INSTANTLY revert what you did - whaever it been - then reboot the machines where you did changes! INSTANTLY, NOW! THEN we discuss the issue" - he answered by calling me names 2013-11-09 13:01 when *I* did what I asked HIM to do, he asked for my expel 2013-11-09 13:01 somebody who takes user data privacy not serious should be sued, not hired. 2013-11-09 13:01 roh: the problem is: we don't hire in community, we don't have funds to hire 2013-11-09 13:01 DocScrutinizer05: doesnt matter. 2013-11-09 13:02 sure 2013-11-09 13:02 the law doesnt differenciate if you get money or not for doing the work. either do it properly or gtfo 2013-11-09 13:02 well, he's gone and his accounts blocked 2013-11-09 13:03 my mistake - I thought the dude was susceptible to good reasoning and policies to agree upon 2013-11-09 13:03 it turned out he wasn't 2013-11-09 13:04 he received root permissions under the policy to NOT abuse them for ANY editing 2013-11-09 13:05 since our infra been fsckdup in that regard back when 2013-11-09 13:05 (no ACL for example) 2013-11-09 13:06 he abused those permissions in best intent to "fix stuff", but the way he did been causing more havoc than good 2013-11-09 13:20 bzb has joined #qi-hardware 2013-11-09 13:33 jekhor has quit [Ping timeout: 252 seconds] 2013-11-09 14:07 jekhor has joined #qi-hardware 2013-11-09 15:02 viric has quit [Ping timeout: 240 seconds] 2013-11-09 15:04 jekhor has quit [Ping timeout: 248 seconds] 2013-11-09 15:06 viric has joined #qi-hardware 2013-11-09 16:32 jekhor has joined #qi-hardware 2013-11-09 17:02 rz2k has joined #qi-hardware 2013-11-09 17:48 kristianpaul has joined #qi-hardware 2013-11-09 19:24 lekernel has quit [Quit: Leaving] 2013-11-09 19:27 Chuck174 has joined #qi-hardware 2013-11-09 19:28 if i have 2x4gb ram , should i add my older ram(2x2gb) in the other slot? 2013-11-09 19:32 Chuck174 has quit [Quit: irc2go] 2013-11-09 19:41 rz2k has quit [] 2013-11-09 19:48 wolfspraul has quit [Ping timeout: 272 seconds] 2013-11-09 19:49 wolfspraul has joined #qi-hardware 2013-11-09 20:46 kilae has joined #qi-hardware 2013-11-09 21:55 jekhor has quit [Read error: Connection reset by peer] 2013-11-09 22:28 kilae has quit [Quit: ChatZilla 0.9.90.1 [Firefox 25.0/20131025151332]] 2013-11-09 23:19 wolfspraul has quit [Ping timeout: 245 seconds] 2013-11-09 23:52 qwebirc65159 has joined #qi-hardware 2013-11-09 23:53 qwebirc65159 has quit [Client Quit]