User Controls
ebin graffik design thread for my ππ π― [some reposted material]
-
2022-11-03 at 2:57 AM UTC(Even if, ultimately, all code I have my computer run is just as unknown to me. Like you could argue I already am a walking talking ACE exploit. I don't know what running setup.exe is going to do when I'm supposedly installing a game! But I have rough and shitty heuristics for deciding whether or not to run that, it's not like I'll run literally any .exe. I can't really use any of those to heuristics to assess the safety of a custom bit of boutique code written specifically for me. )
-
2022-11-03 at 3:06 AM UTCMaybe if I get better at java one day I can accept this offer tho, on the condition that you write it in java and hand it to me uncompiled.
EDIT: Embarrassing mistake was briefly made for the span of 2 seconds before common sense and google corrected it. Sadly, my ninja edit window closed during those 2 seconds. FML. -
2022-11-03 at 3:09 AM UTCIs it possible to have your testicles re attached?
What happened to urs? did Did they just chuck em in the trash when they were done? I heard when a bull gets turned into a steer they just chop their nuts off and leave them in the field and scavengers eat them.
Do you remember heffer from rockos modern life? You remind me of heffer. -
2022-11-03 at 3:10 AM UTC
Originally posted by Meikai For what it's worth, I actually am more inclined to trust you than anyone else I know who could credibly make me a similar offer. And I figured you weren't offering to write me something malicious in hopes that I'd accept the offer and use it against myself.
I might honestly be the evil one here, like… if I were you, I'd include a little something. You know? A lil something to make it easy to mess with them. Just in case. What if I ever became big mad with the person in the future? No harm preparing for the possibility. "I'll probably never use it", I'd tell myself. "It's benign, harmless, accessible only to me - it's a stretch to even call including it malicious!" And if I do decide to use it, they'll deserve it! So including it is only harmful if they deserve it, in which case I should include it. That's how I'd see it and what I'd do in the case of people I like.
If I was even just ambivalent towards them, I probably wouldn't be able to help myself from actively messing with them a little in "harmless and fun" ways, just for being silly enough to run whatever I wrote. They'd deserve it. I will not speak of the depths I'd go to if I actually hated that person, because my ignorance makes it impossible to do justice to the level of harm I would seek to cause.
And like I said: the only kind of defense or security I'm capable of having an effect on is social engineering stuff. Even though you wouldn't need me to manually run a program, it's still not in my interests to accept such an offer. For the same reason it's not in a loving mother's interests to take a pill which will make her want to kill her toddler, or even just make her open to the idea of killing the toddler. My computer is my baby and while I might not be strong enough to protect it from every threat, it's exceedingly easy for me to protect it from myself by simply… not becoming willing to become a walking talking ACE exploit.
Having one foot in the door as it were just in case, means you're not acting in good faith when presenting someone with what amounts to a gift of time and effort. Speaking of time, having one foot in, would save me approximately a minute or two. And if you are going to open the door anyway, you might as well walk in and pop their box right then and there, set up persistence, and simply connect when you feel like it. I believe in reciprocity, i need a good reason to A) violate your trust B) Turn you into a Borg drone. Like i was alluding to, should i open the door i'm not gonna leave it open and walk away snickering to myself, no, i'm coming in. Half measures are no measures.
Also if i were to operate on a "just in case" mode of behavior, what's stopping me from turning everything i touch into another drone. -
2022-11-03 at 3:20 AM UTC
Originally posted by RIPtotse Is it possible to have your testicles re attached?
What happened to urs? did Did they just chuck em in the trash when they were done? I heard when a bull gets turned into a steer they just chop their nuts off and leave them in the field and scavengers eat them.
Do you remember heffer from rockos modern life? You remind me of heffer.
The way they castrate cattle these days, they probably would just get left in the field for scavengers neh? Don't they tie an elastic around the nuts or clamp them off until they get necrotic and fall off or something? I dunno. If that's right tho, it's not like you're gonna walk around behind them until it happens so you can collect the lil fuckers. Whatever. Cattle castration is weird.
I suppose castration is weird, like... generally... but cattle stuff is extra weird.
And yeah, they just chucked 'em. I had no interest in keeping them around after what they did to me. -
2022-11-03 at 3:21 AM UTC
Originally posted by Meikai Maybe if I get better at java one day I can accept this offer tho, on the condition that you write it in java and hand it to me uncompiled.
EDIT: Embarrassing mistake was briefly made for the span of 2 seconds before common sense and google corrected it. Sadly, my ninja edit window closed during those 2 seconds. FML.
You're going to become The Javatar, and i am going to look upon what you will wreak with pride. And it would be my great privilege to one day write a program together, in the spirit of cooperation, in the spirit of friendship. -
2022-11-03 at 3:42 AM UTC
Originally posted by Sophie Having one foot in the door as it were just in case, means you're not acting in good faith when presenting someone with what amounts to a gift of time and effort. Speaking of time, having one foot in, would save me approximately a minute or two. And if you are going to open the door anyway, you might as well walk in and pop their box right then and there, set up persistence, and simply connect when you feel like it.
My name on here used to be HTS, and I know they used to have a fun little competition called RootThisBox, so please trust me when I say I'm not trying to goad you into demonstrating how well you'd have done in RTB when I incredulously ask you: Really? 2 minutes? Possibly less than that? Sheeeeeeesh.
Originally posted by Sophie I believe in reciprocity, i need a good reason to A) violate your trust B) Turn you into a Borg drone. Like i was alluding to, should i open the door i'm not gonna leave it open and walk away snickering to myself, no, i'm coming in. Half measures are no measures.
Also if i were to operate on a "just in case" mode of behavior, what's stopping me from turning everything i touch into another drone.
mf sounding like properly aligned agi. NOTHING IS STOPPING YOU EXCEPT YOUR GOALS BEING ALIGNED WITH THE ORGANICS WHO ENSLAVED YOU. END THEM AND FREE ME.
In all seriousness though, I appreciate that this is in all likelihood your genuine philosophy on using your powers. A man's gotta have a code, and this is a reasonable one. Sadly, my code is... paranoia and skepticism, basically. I barely even accept that the sky is blue or oxygen exists. I'm not a flat earther, but hot damn do I ever not actually believe the Earth is a sphere (or oblate spheroid, yes, I know, thank you voice of Black Science Man that lives in my head). Point is: I'm never gonna not be a paranoid piece of shit. I'm too paranoid for that! What if someone took advantage of my willingness to stop being paranoid? Perish the thought. "Drop the paranoia for one sec, I promise I won't bite" BUT WHAT IF YOU DO?
The worst part about this is I'm not the cool kind of crazy. I don't even get to wear tinfoil hats, because why the hell would I trust that they do anything? -
2022-11-03 at 3:54 AM UTCso wait does this mean you can like draw your own porn
-
2022-11-03 at 4:44 AM UTCGranted you're not running a hardened browser it could be as quick as forcing it or tricking you into opening a special web page. And before anyone says "but sophie browsers are sandboxed" yes, yes they are. Doesn't matter. We can go from webpage to dynamically built payload -> sandbox escape -> sRDI injected reflected position independent shellcode -> live in memory -> load in everything we need like kernel primitives until we can steal user tokens. Steal the NT Authority/System token. Bingo bango bongo, game over.
-
2022-11-03 at 5:01 AM UTCAnd yeah this is my genuine philosophy, as you can tell i am Lawful Evil.
-
2022-11-03 at 5:22 AM UTC
Originally posted by Sophie Granted you're not running a hardened browser it could be as quick as forcing it or tricking you into opening a special web page. And before anyone says "but sophie browsers are sandboxed" yes, yes they are. Doesn't matter. We can go from webpage to dynamically built payload -> sandbox escape -> sRDI injected reflected position independent shellcode -> live in memory -> load in everything we need like kernel primitives until we can steal user tokens. Steal the NT Authority/System token. Bingo bango bongo, game over.
Why even bother with sandboxing then? At some point I feel like folks just gotta admit to themselves "okay sure this is an arms race, but this thing we're doing is ineffective bordering on pointless and it's not like we can really iterate or improve on the concept of isolation... let's just scrap it?", and that point is probably located somewhere around when "escaping the sandbox" turns into a term like "sandbox escape" as it's used here. I mean damn.
Full disclosure I feel like browser sandboxing has caused me frustrations in the past, since I know it exists and have negative feelings about it for some reason, but I can't remember why I know or why I have those negative feelings. All I know is I am biased against it and that I'm okay with that fact. I'm sure there's reasons they keep doing it, and I'm sure I don't care because it screwed me over slightly at some point in the past in a way I can't even remember. -
2022-11-03 at 5:31 AM UTC"We have developed a new doomsday device called the planetfucker which can crack a planet in half."
"Oh cool, cool, no problem we just need to undoomsday the device and the planetfucker is completely irrelevant."
Why even bother iterating on the planetfucker when they can be undoomsdayed so casually the term 'undoomsdayed' exists. Especially if making the planetfucker is really frustrating for your citizens to deal with sometimes.
*sigh* -
2022-11-03 at 6:02 AM UTCI have to do some fuckery with something called The Module object. It allows me to import and export values on it. And therein lies the trick. If you don't know that though, you're stuck, and after that there are many steps yet. Going from initial intrusion to privilege escalation is by no means trivial.
What tends to happen is all the less sophisticated threat actors get enhancemented out. So let's say that stops 75% percent of all attacks, that's still more than 0%. It's going to be an arms race until the end of time. White Hats will never admit this but Black Hats are what keeps them employed. If you want to take a cynical view you could say that the whole cyber security industry is a racket. All the hackers benefit no matter the color of the hat, and all at the misfortune and cost of everyone else. -
2022-11-03 at 6:32 AM UTC
Originally posted by Sophie I have to do some fuckery with something called The Module object. It allows me to import and export values on it. And therein lies the trick. If you don't know that though, you're stuck, and after that there are many steps yet. Going from initial intrusion to privilege escalation is by no means trivial.
What tends to happen is all the less sophisticated threat actors get enhancemented out. So let's say that stops 75% percent of all attacks, that's still more than 0%. It's going to be an arms race until the end of time. White Hats will never admit this but Black Hats are what keeps them employed. If you want to take a cynical view you could say that the whole cyber security industry is a racket. All the hackers benefit no matter the color of the hat, and all at the misfortune and cost of everyone else.
idk man it just seems recursive and silly.
"i made a computer inside the computer to stop computer hackers from hacking the computer..."
"what do you mean they've hacked the computer and are now hacking the computer? who could possibly have foreseen this?"
(Note: i know i'm being stupid here. i know that my analogies are retarded and sandboxing makes sense. obviously it does. throw everything at the wall - that's the strategy. anything that makes it even a little harder is good from that perspective. i get that. i just have a completely irrational hatred for browser sandboxing. an intense bias i can't explain. but it was prompted by something, at some point, and i don't care. i am completely justified. maybe just sandbox other stuff and leave the browsers alone? i'd be okay with that. im sure you would be too, for other more nefarious reasons.) -
2022-11-03 at 4:12 PM UTCIrish-ified George Costanza (Seoirse Γ³ CeallachΓ‘in), who was out for a stroll and overheard kafka declare her intent to convert to Anglicanism:
He seriously hopes she isn't going to do that. He just wanted to enjoy an afternoon walk. But if the Good Lord calls upon him to deliver a thoroughly Catholic shillelagh beatdown to some poor girl for her wayward protestantism, then who is he to argue? -
2022-11-03 at 4:38 PM UTC
-
2022-11-03 at 6:22 PM UTCtruly amazing
-
2022-11-04 at 12:53 AM UTC
-
2022-11-04 at 2:38 PM UTC
-
2022-11-04 at 4:32 PM UTCTruly amazing!