lauantai 28. marraskuuta 2015
keskiviikko 25. marraskuuta 2015
tiistai 24. marraskuuta 2015
What photography blogs/users do you follow/subscribe to?
Hey guys,
I'm always looking for inspiration from other people, and I'm hoping you guys can share some of your best Instagram/tumblr/etc. pages that you think have some great images! What are some of the sites/users you follow?
[link] [16 comments]
maanantai 23. marraskuuta 2015
Dell ships laptops with rogue root CA, exactly like what happened with Lenovo and Superfish
I got a shiny new XPS 15 laptop from Dell, and while attempting to troubleshoot a problem, I discovered that it came pre-loaded with a self-signed root CA by the name of eDellRoot. With it came its private key, marked as non-exportable. However, it is still possible to obtain a raw copy of the private key by using several tools available (I used NCC Group's Jailbreak tool). After briefly discussing this with someone else who had discovered this too, we determined that they are shipping every laptop they distribute with the exact same root certificate and private key, very similar to what Superfish did on Lenovo computers. For those that aren't familiar, this is a major security vulnerability that endangers all recent Dell customers.
Surely Dell had to have seen what kind of bad press Lenovo got when people discovered what Superfish was up to. Yet, they decided to do the same thing but worse. This isn't even a third-party application that placed it there; it's from Dell's very own bloatware. To add insult to injury, it's not even apparent what purpose the certificate serves. At least with Superfish we knew that their rogue root CA was needed to inject ads into your web pages; the reason Dell's is there is unclear.
If you have recently bought a Dell computer and want to see if you are affected by this, go to Start -> type "certmgr.msc" -> (accept on UAC prompt) -> Trusted Root Certification Authorities -> Certificates and check if you have an entry with the name "eDellRoot". If so, congratulations, you've been pwned by Dell, the very company you paid for your computer!
Here is a link to the certificate, private key, and PFX file for the certificate I found on my machine. The password for the PFX file is "dell". (The certificate itself is in the eDellRoot.crt file. Do NOT import the PFX file unless you know what you're doing. I just included it for convenience.) If yours came with the eDellRoot certificate, its thumbprint will probably be:
98:A0:4E:41:63:35:77:90:C4:A7:9E:6D:71:3F:F0:AF:51:FE:69:27
And its serial number:
6b:c5:7b:95:18:93:aa:97:4b:62:4a:c0:88:fc:3b:b6
It's upsetting that Dell would do this despite the backlash Lenovo experienced from its customers and the US Department of Homeland Security, and I really hope they quickly do something to correct this. The more people that know and speak up, the faster it will happen.
[link] [350 comments]
sunnuntai 22. marraskuuta 2015
Happy 20th Birthday GIMP! (x-post /r/GIMP)
Not sure if many are aware of this, but it was 20 years ago today that Peter Mattis announced a beta version of the "General Image Manipulation Program" to Usenet. So happy 20th birthday GIMP!
As a present, I built GIMP a new website. Come check it out!
[link] [87 comments]