Language:
switch to room list switch to menu My folders
Go to page: 1 2 3 4 5 [6] 7
[#] Thu Nov 05 2020 18:52:15 EST from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

I received an email from DDoS extortion scammers, announcing that

www.citadel.org (the Citadel project web site, not Uncensored) is going

to get DDoSed starting November 2, unless they are paid off with a

large amount of bitcoin.

Everybody who has a website gets tons of those every frigging month.

Most of those threats are not worth the bits used to deliver them.

I am fed up of receiving warnings that they are gonig to crash my websites using an unpatched plugin exploit when the website has no plugins engine at all.

[#] Sun Nov 08 2020 10:12:50 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

You are correct, as expected, the attack never materialized. I didn't think it would -- but I just couldn't risk it.

[#] Sun Nov 08 2020 17:45:27 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


For what it's worth, I hope your whois record is anonymized. Looks like it is, at least, now.

You don't *want* to make it impossible for people looking at the website to contact you, but at least you can make it at little harder to automate that.

[#] Mon Nov 09 2020 09:58:00 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

That's interesting ... if it's anonymized now then it's been anonymized for about a year, since I switched to that registry. I wonder how they found my address.

[#] Mon Nov 09 2020 12:01:20 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


I dunno, I was actually having trouble querying their server, so I could be mistaken.

[#] Mon Nov 09 2020 12:12:04 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Nov 09 2020 09:58:00 EST from IGnatius T Foobar
That's interesting ... if it's anonymized now then it's been anonymized for about a year, since I switched to that registry. I wonder how they found my address.

Anonymizing your WhoIS record requires a service that costs extra. For years I just put false information in my WhoIS contact information - but that can get you deregistered if they catch you. 

Now they've got the correct info, the registrar doesn't send me threatening e-mails about my WhoIs info being fake, and I've got a level of protection me between and the Internet fruitcake stalkers. 



[#] Mon Nov 09 2020 12:15:51 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

Another "Google is the new Microsoft" issue. 

Today I came in and my boss was losing his shit because his machine wasn't working and was crawling. Windows update was applying - and it was doing the thing where it takes 20 minutes to install, counting down the percentage, then on reboot, it gives you a DIFFERENT progress percentage countdown, that also crawls. I figured it was going to back it out, but it looks like the 2nd time it tried to apply it worked. 

At any rate - after applying, then his system was crawling. I had a look, and CPU utilization was at 50% or more at idle. Looking at the task list... I discovered Software Reporter Tool had two instances running and together they were running most of the 50+% of utilization being consumed... 

The irony is a Google search rats Google out: 

https://www.techpout.com/what-is-chrome-software-reporter-tool-and-how-to-block-it/

I know that Edge is just Chrome.. 

But Chrome is really no better than IE at this point. 



[#] Mon Nov 09 2020 13:34:23 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


I actually bumped into a website the other day that was breaking under Chrome, and only worked under IE. (I didn't attempt Edge or Firefox.)

You get three guesses which website, and the first two don't count: it was the Department of Motor Vehicles.

[#] Mon Nov 09 2020 15:19:19 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

I've experienced this "only works on IE" thing on a couple of sites. Which ones they were escape me right now, or what set of steps made me think, "let's see how this page renders on IE..." 

But I remember being shocked that IE was beating Chrome at anything. 

 



[#] Mon Nov 09 2020 15:23:02 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


it's thoroughly obsolete, but that's why some sites only work on it

[#] Mon Nov 09 2020 17:55:14 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

Yeah, most likely I was trying to do something on a thoroughly obsolete web site. They're generally the best. Thoroughly modern technology rapes you, sells your personal information, and reports you to the feds for every deep secret thought you've ever fleeting entertained. 

 



[#] Mon Nov 09 2020 19:12:49 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


... you're talking to a guy who just had both nostrils raped today, for a mandatory test.

I don't agree that DMV websites are the best (LOL), but I will be very happy when this is all over.


The DMV website was badly written. It failed on the callback from the payment provider they were using (I had to pay to purchase an accident report.) So they coded a simple URL redirect handshaking sequence that just fails on any modern browser. Lame. This really has nothing to do with the JavaScript-is-bad debate or anything like that.

[#] Mon Nov 09 2020 19:55:57 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Nov 09 2020 19:12:49 EST from LoanShark

... you're talking to a guy who just had both nostrils raped today, for a mandatory test.

I don't agree that DMV websites are the best (LOL), but I will be very happy when this is all over.


The DMV website was badly written. It failed on the callback from the payment provider they were using (I had to pay to purchase an accident report.) So they coded a simple URL redirect handshaking sequence that just fails on any modern browser. Lame. This really has nothing to do with the JavaScript-is-bad debate or anything like that.

I didn't say DMV websites are the best... I said old websites are generally the best. You clearly have been visiting the wrong sort of old websites. :) 

I like sites that play well with my Amiga 500. Citadel is not one of those sites, even without encryption - but, there is always Telnet. :) 

.gov websites are generally the worst, regardless of if they're old or new. :) 

 

 



[#] Mon Nov 09 2020 21:17:23 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]


It's an absolute, objective truth that I have been visiting the wrong sort of websites. What is the internet for, anyway?

[#] Mon Nov 09 2020 21:26:19 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Nov 09 2020 21:17:23 EST from LoanShark

It's an absolute, objective truth that I have been visiting the wrong sort of websites. What is the internet for, anyway?

Quoted for Truth. ;) 

 



[#] Mon Nov 09 2020 23:03:50 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

You are correct, as expected, the attack never materialized. I didn't

think it would -- but I just couldn't risk it.

What *is* happening, however, is that someone is trying to brute-force an account -- any account, it seems. They have our user list (which is public, at least the screen names) and have been hitting random accounts with random passwords for days now. They are using IMAP to test passwords.

This is happening from a massive botnet of over 1000 machines. But it's happening at a slow rate of maybe ten tests per minute.

I'm not sure what they think they're going to do with someone else's account, when it would have exactly the same privileges as an account they could just create as a new user. Are they spammers? And if so, what kind of spammer is clever enough to learn enough of Citadel to read the user list, but dumb enough to fail to understand that the vast majority of those users do not have permission to send Internet mail?

If this is the same "Russian" hacker who promised to DDoS the site unless I sent him a ransom payment, he's not very bright.

[#] Mon Nov 09 2020 23:13:01 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

I know that Edge is just Chrome.. 

...and it's a decent way to surf the net when you're on a Windows machine.
It's the same browser as Chrome, but with all the Google spyware removed and Microsoft spyware replacing it. But if you're on Windows, Microsoft is watching anyway.

My rationale is that if I'm going to use Chrome on Windows, I might as well use the version that can't be uninstalled. If you install DuckDuckGo Privacy Essentials, and add another extension to set the New Tab Page to anything other than MSN, it is basically indistinguishable from Chrome.

I had been using Brave, a privacy-focused Chromium browser, but our IT department asked me to remove it because it has a built-in Tor client, and IT doesn't like that. At home, I am using Dissenter, a close cousin of Brave that is even more paranoid about privacy.

I wish someone would bring back the Netscape brand. netscape.com simply redirects to AOL at this point. How is AOL even still in business?

[#] Tue Nov 10 2020 09:03:38 EST from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]

I wish someone would bring back the Netscape brand. netscape.com
simply redirects to AOL at this point. How is AOL even still in
business?

strangely enough, my girlfriend still has a @netscape.net email address that's grandfathered in from the old old days.

[#] Tue Nov 10 2020 09:39:11 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

I still run into AOL and Yahoo accounts surprisingly often - but I haven't seen a Netscape address in decades, probably. 



[#] Tue Nov 10 2020 10:05:04 EST from zooer

[Reply] [ReplyQuoted] [Headers] [Print]

I have seen AOL email addresses.  

The two that I remember recently, one is a friend of the family an older guy not very technical.  He might have switched to gmail now that he has an android phone but still has the AOL address.

The other was the personal account of an older doctor.  I don't know why, maybe he kept his email because that is what he used for years.  He might have used it for medical work unrelated to the practice.

He told me once that all his old mails were gone and wanted to know if I could get them back. 

 



Go to page: 1 2 3 4 5 [6] 7