• CIPWTTKT&GC V44 - Vega Appreciation Station
    5,006 replies, posted
[QUOTE=FlakTheMighty;52784471]WPA2 isn't secure anymore, rip. [url]https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/[/url][/QUOTE] There's been a lot of updates to software recently regarding it Microsoft put out a patch almost a week ago debian and arch are relatively patched
[QUOTE=FlakTheMighty;52784471]WPA2 isn't secure anymore, rip. [url]https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/[/url][/QUOTE] [url]https://www.krackattacks.com/[/url] Just needs client updates, access points don't need changes, so it's not that bad. Old smartphones are fucked, that's about it.
[QUOTE=FlakTheMighty;52784471]WPA2 isn't secure anymore, rip. [URL]https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/[/URL][/QUOTE]Does that mean someone will get onto my wifi?
[QUOTE=nikomo;52784520][url]https://www.krackattacks.com/[/url] Just needs client updates, access points don't need changes, so it's not that bad. Old smartphones are fucked, that's about it.[/QUOTE] How old? Older than S4?
[QUOTE=cpt.armadillo;52784614]How old? Older than S4?[/QUOTE] It will require an Android update, and all versions of Android are vulnerable unless it has this patch.
[QUOTE=RoboChimp;52784607]Does that mean someone will get onto my wifi?[/QUOTE] No, it means that a man in the middle attack is now possible on WPA2 networks, a rogue access point can intercept your traffic between the router and the client.
[QUOTE=Demache;52784619]It will require an Android update, and all versions of Android are vulnerable unless it has this patch.[/QUOTE] I really hate how awful the Android architecture is, with a Linux distro the vulnerable package would be simply updated without any engineering cycles from the manufacturer being used for each device be patched
[QUOTE=Sam Za Nemesis;52784651]I really hate how awful the Android architecture is, with a Linux distro the vulnerable package would be simply updated without any engineering cycles from the manufacturer being used for each device be patched[/QUOTE] This is kind of why they implemented Project Treble with 8.0, will have to see how that plays out.
[QUOTE=nikomo;52784691]This is kind of why they implemented Project Treble with 8.0, will have to see how that plays out.[/QUOTE] Still needs the manufacturer and carrier to play a role, good luck playing along with them
[QUOTE=Sam Za Nemesis;52784729]Still needs the manufacturer and carrier to play a role, good luck playing along with them[/QUOTE] Isn't the point that the carrier [I]doesn't[/I] have to play a role in security updates, like changes to the base OS won't mess with carrier-related software, so the end user doesn't have to wait on slow-ass carriers to implement security patches? Maybe I just misunderstood Treble
Carriers still distribute the updates in America. The solution is to get a non-shit phone that the manufacturer hasn't fucked with, and you can get updates for from other sources than OTA. For example, Nexus and Pixels phones. You can buy one of those and sideload the official update on the day it becomes available. Only problem is that Pixels are bloody expensive, the Nexus 5X was the last well-priced good phone.
[QUOTE=nikomo;52784792]Carriers still distribute the updates in America. The solution is to get a non-shit phone that the manufacturer hasn't fucked with, and you can get updates for from other sources than OTA. For example, Nexus and Pixels phones. You can buy one of those and sideload the official update on the day it becomes available. Only problem is that Pixels are bloody expensive, the Nexus 5X was the last well-priced good phone.[/QUOTE] Unfortunately carriers can still slow down/block OTA updates even with an unlocked device. There's been several cases of this with the Nexus devices and other unlocked phones. It's a load of shit. At least, yeah, you can sideload but c'mon.
As far as Nexus devices go, I don't think I've heard of that happening other than with some Verizon-specific SKU that Google did at one point ages ago. At which point, it's kind of your fault for being stupid enough to use Verizon.
nvidia trashshare actually works on my computer now [t]https://tenryuu.blob.core.windows.net/astrid/2017/10/17-10-17_02-08-38-GeForce_Experience.png[/t]
[QUOTE=nikomo;52784868]As far as Nexus devices go, I don't think I've heard of that happening other than with some Verizon-specific SKU that Google did at one point ages ago. At which point, it's kind of your fault for being stupid enough to use Verizon.[/QUOTE] [url]http://www.androidpolice.com/2015/01/21/psa-if-your-nexus-6-has-an-att-sim-card-your-android-updates-are-being-withheld-but-it-doesnt-actually-matter/[/url]
[QUOTE=nikomo;52784868]As far as Nexus devices go, I don't think I've heard of that happening other than with some Verizon-specific SKU that Google did at one point ages ago. At which point, it's kind of your fault for being stupid enough to use Verizon.[/QUOTE] To be fair, there are decent sized portions of rural America that are basically Verizon-only, so if I drive through bum-fuck nowhere to get someplace, in order to have constant coverage I have to go Verizon. It sounds like the solution at that point is just buy your own damn phone and just use Verizon for the sim, which is what I already do. And it seems like I've been getting updates on my pixel in a timely manner. [editline]16th October 2017[/editline] [QUOTE=Lyokanthrope;52784948][url]http://www.androidpolice.com/2015/01/21/psa-if-your-nexus-6-has-an-att-sim-card-your-android-updates-are-being-withheld-but-it-doesnt-actually-matter/[/url][/QUOTE] Nevermind then.
[QUOTE=Scratch.;52784939]nvidia trashshare actually works on my computer now [t]https://tenryuu.blob.core.windows.net/astrid/2017/10/17-10-17_02-08-38-GeForce_Experience.png[/t][/QUOTE] I uninstalled GeForce Experience and never looked back. Don't want to support that shit. But it's probably only a matter of time until it is hard-bundled with the driver.
[QUOTE=Protocol7;52784963]I uninstalled GeForce Experience and never looked back. Don't want to support that shit. But it's probably only a matter of time until it is hard-bundled with the driver.[/QUOTE] already part of the install exe, you can bypass it easily though. gotta extract and install drivers to skip it [url]https://github.com/ElPumpo/TinyNvidiaUpdateChecker/wiki/Driver-file-content[/url]
I still have GeForce Experience 2.something. Shadowplay still works a real treat. Only problem is I can't actually launch GeForce Experience because it demands I update it. Also trying to install my drivers fails for some reason so I'm like 4 years out of date.
I could never get around shadowplay on geforce experience 2. Compared to 3, it's UX is pretty sub optimal. Could never get it working the way I wanted it. Compared to 3, which now has the split audio channels, and video cropping/uploading tools, it's very handy. Still no led controls though in gfe3 [editline]17th October 2017[/editline] To my benefit, gfe3 is written in JavaScript, so it's basically Uncompiled code. Easy hacks
[QUOTE=Scratch.;52785016]I could never get around shadowplay on geforce experience 2. Compared to 3, it's UX is pretty sub optimal. Could never get it working the way I wanted it. Compared to 3, which now has the split audio channels, and video cropping/uploading tools, it's very handy. Still no led controls though in gfe3 [editline]17th October 2017[/editline] To my benefit, gfe3 is written in JavaScript, so it's basically Uncompiled code. Easy hacks[/QUOTE] I thought GFE 2.x was the last version without nVidia Share bullshit, and still had Shadowplay. Is there a download for 3.x with shadowplay somewhere? I don't need social networking in my goddamn recording software, and shadowplay's 10-minute constant capture thing is invaluable to me, so OBS is a no-go really.
Geforce doesn't have a social network... Yet, I find references to friends lists though. I don't know their outlook, but yeah, the current version of shadowplay requires gfe3, which not all versions require a login, but the latest version will. I could probably bypass login with dummy data, but cbf. Nvidia share is just shadowplay rebranded, they still refer to it as shadowplay internally as well, can confirm this. They might have switched the name back perhaps
Christ fucking RSA vuln too, fuck you Monday
[QUOTE=Levelog;52785092]Christ fucking RSA vuln too, fuck you Monday[/QUOTE] Are you talking about the Infineon implementation fuck-up? Because that's incredibly minor because it's not used in too much.
[QUOTE=nikomo;52785322]Are you talking about the Infineon implementation fuck-up? Because that's incredibly minor because it's not used in too much.[/QUOTE] TPM 1.2 is really all I'm too worried about with it
[QUOTE=Sam Za Nemesis;52784729][B]Still needs the manufacturer[/B] and carrier [B]to play a role, good luck playing along with them[/B][/QUOTE] That, SD card fuckery because fat32 is somehow still a good idea in their head for that application, and shitty app permission system is why I'm still salty at Google. But starting all over is still worse, this is why I drink.
[QUOTE=Van-man;52785553]That, [B]SD card fuckery because fat32 is somehow still a good idea in their head for that application[/B], and shitty app permission system is why I'm still salty at Google. But starting all over is still worse, this is why I drink.[/QUOTE] but sd cards stopped being fat32 like 2 android releases ago. Its all ext3 now.
[QUOTE=S31-Syntax;52785648]but sd cards stopped being fat32 like 2 android releases ago. Its all ext3 now.[/QUOTE] Not even EXT4? not even optionally Btrfs? Wow...
The app permissions was fairly decent but people complained about it being too much, so they generalized it and now people complain about it being too little. v:v:v
[QUOTE=FlakTheMighty;52786399]The app permissions was fairly decent but people complained about it being too much, so they generalized it and now people complain about it being too little. v:v:v[/QUOTE] Instead of explaining each segment of permissions better for the less tech literate they just dumbed it down HARD. Essentially pulling a Youtube on it, halfassed solution and does more harm than good..
Sorry, you need to Log In to post a reply to this thread.