Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "social engineering"
My college internet sucks!
It was totally fine upto when they blocked facebook and other social networking sites. 😕
Then they blocked youtube! 🤧 Ok, that was fine too!
But now they've blocked Stack Overflow! WTF!! 😭😭
This is the biggest punishment for any computer engineering student.
And there's no one to complain about it!😡😡 They've also blocked Ubuntu forums and several other helping sites! And they expect us to code without using these helpers. FML49
When i was a around the age of 4 or 5 my dad used to torrent kids movies for us, and had to leave the pc on for nights, then one night i snuck up to it and pressed the keyboard for the first time and was thrilled by the realization that i had a lots of buttons in front of me that had some sort of effect on the screen in front of me.
When i was around 6 i was allowed to use the computer few hours per day before the parental controls shut it down, it didnt take all that long to realize that i could change the system timezone and get few more hours of playtime
One time i accidentally opened command line and wondered what it was, after i googled a bit, i found the command “shutdown /a” , which aborts shutdowns and i made my first commandline script that would loop every 4 seconds and abort shutdown if there was one about to happen ( the parental control had a 5 second warning before the shutdown)
Then one time i asked mom to come and extend the time a little bit because i was sick, but she was also sick (we both had a cold) so she didnt want to get up, so she just told me her password which i promptly wrote to the underside of the table
Thats how got hooked on computers, hacking and social engineering
I had that old pc with me until last year when i had to get rid of it when i moved to my own as i had no room for it2
Let's get something straight people, the trend to change terms in programming languages for PC approved ones is NOT for "making the workplace a better place".
If you are one of those who say "oh it's just terms, if it makes them feel better why not?", "I don't care so should everybody else", "the outrage proves we need to change the terms!".
No sir, first of all, since when has programming been about ditching standards to make people "feeel" better? Since when has engineering been about that?! We are engineers, we don't change shit and waste effort trying to fix things that are working.
Second, this word cleansing does NOT come from a well intentioned one, it's not about making the workplace a better place, it's not about minorities, it's about sanitizing language from an ideological and political standpoint to please an agenda pushing minority who doesn't give a shit about any real social issues.
They have done it to movies, videogames, news, political speech, magazines, books and now programming. It doesn't stop and they will never be satisfied, it's not about changing the terms, no one gives a shit about the terms, it's about pandering to ideological crybabies who want to control what you say because it "offends" them or some supposedly oppressed group from which we just hear anecdotal evidence.
Personally I wouldn't give a shit if it was for technical reasons, but it's not and I've seen what this shit does to communities I love and I won't stand it happening to the dev community just because some weak ass, no balls coders decided to pander to the retards on the far left to score virtue points instead of standing their ground.
Are you worried about oppressed groups? Donate money to third world children, speak out about women in Siria, travel to actual shitty 3rd world countries so you realize changing words on a GitHub repo on your expensive ass MacBook, sipping your soy based coffee on an office with air conditioning is not making the world a better place you delusional prick.
You want to ignore the facts be my guest, be willfully ignorant, but I will not police myself and my ideas for your ideological beliefs, not in gaming, not here. Fuck off.31
So... Some fake accounts on Twitter claimed to be Elon Musk and to give shitloads of Bitcoin to those who sent a little amount first. They stole... Wait for it... 180 grand.
That's basically your everyday 419 scam. Existing since before the internet, done with the names of Gates, Buffet, Bush, Obama...
They say "the big bad evil criminals and the poor little innocent victims" I say natural selection. Sorry, in those lion vs gazelle scenarios I always thought that it was fair, no matter how it went.
Just when did humanity get so brainless? Have we always been, is the internet just a catalyst for stupidity?
Just why the fuck must I be an infosec sheepdog instead of a wolf? Man, I could live the life, drink beer and smoke herb while working... Get up at 12, don't give a shit, no boss, no taxes, no social security payments that I don't see jack shit from, and the pay would be better to.
"Systems open to all, but closed to intruders"
HEY, HP, PACK YOUR WHOLE FAMILY OF TRASH SOFTWARE INTO YOUR TRAILER HOME AND DRIVE IT OFF A CLIFF. WHAT THE __FUCK__ DOES THAT EVEN MEAN YOU LITERAL BLOAT FLIES. HOW ABOUT WE START WITH THE FACT THAT ALL IT TAKES IS ONE DUMB MOTHER FUCKER ANYWHERE IN A COMPANY GIVING AWAY ONE LOGIN IN A SOCIAL ENGINEERING ATTACK TO POP THIS NICE FART FILLED BALLOON YOUR DRUNK SALES AND MARKETING MORON PARADE CAME UP WITH.
STOP FUCKING ADVERTISING ON MR. ROBOT AND LET ME PRETEND IT'S NOT A PRODUCT FOR JUST ONE MOMENT FUCK YOU FUCK YOU FUCK YOU4
Quote from the esafety au website
"Social engineering is not hacking. Hacking involves the use of computer technoliogies to gain unauthorised access to systems. Students sometimes use the term 'hacking' when in fact they have shared their password"5
I absolutely love the dev community but one thing I just can't stand is the snobbery that permeates it. I don't understand why some devs expect non devs to know or understand the intricacies of computer programming or even computers in general when it's really not their job to do so.
"Ahhhhh!! How DARE this non dev PEASANT ask me about hacking Facebook accounts!! Does he NOT understand the basics of DNS spoofing and social engineering!!1!!1! bahh"2
Unnamed hacking game - "terminal" graphics
-Multiplayer. Last man standing.
-Like a tower-defence game but technical
You work for a company that has outsourced their technical department to Bykazistan, a country with good internet and bad laws. On one hand, labor is very cheap! There are no pesky laws protecting workers, so you don't need to pay them what they're worth. Phew. However, there are also no laws against cyber crime. But for a start-up like you, the risk is worth the reward!
...which would be great! If you were the only company with that idea. As it turns out, you aren't. All of your competitors also recently outsourced to Bykazistan, and that could be an issue.
You would be afraid, but you are a hardened businessman. You are familiar with the cut-throat nature of the business world and where others see risk, you see opportunity. Let the games begin.
Your mission is to protect your ciritical assets at all costs, eliminate your opponents, and make ciritical financial decisions - all while maintaining your uptime!
Build a botnet and attack your competition to decrease their uptime and disable their attacks. Port scan your opponents to learn more about their network, but beware of honeypots! Initiate devastating social engineering attacks - and train your employees against them! Brute-force their credentials, and strengthen your own.
Make sure to keep your software patched...6
We can hide messages in images via steganography (or ZIP sewing), we can hide messages in sound via either sound-based transmission (like Morse) or waveform-based transmission (think oscilloscope art videos), we can transmit it in videos in like 300 different fucking combined forms...
Encryption isn't the ONLY way, yo. Social engineering and being a cheeky shithead can get it done too.3
Warning: This is gonna come across as a little cringe/self-pitying, but whatever
Jesus Christ I'm so fucking lonely it literally hurts. I know I should be grateful I have a hobby in coding, also recently I got my first job as a developer (even if I'm overworked and paid shit all with poor job security), but I swear what will eventually kill me will be my own hand cos this empty feeling is unbearable at times.
Also, I'll try to ask this in the most politically correct way possible: how do you single guys in your 20s/30s cope with the lack of females in the industry? I absolutely do not mean this in a "making-unwarranted-advances" sort of way; I just mean that we're biologically wired to desire some form of interaction with the opposite sex (unless you're queer), and this happens naturally in most professions but obviously not engineering/software dev. It's especially difficult when you don't have a big social circle so your job basically becomes your life.
So... For those of you who can relate, what do you do? Do you make an effort to socialize outside work? Or maybe you're lucky enough to work somewhere with a diverse mix of people? Should I blame Zuckerberg for damaging my adolescent brain and turning me into a needy piece of crap?8
1. It's gonna be more and more specialized - to the point where we'll equal or even outdo the medical profession. Even today, you can put 100 techs/devs into a room and not find two doing the same job - that number will rise with the advent of even more new fields, languages and frameworks.
2. As most end users enjoy ignoring all security instructions, software and hardware will be locked down. This will be the disadvantage of developers, makers and hackers equally. The importance of social engineering means the platform development will focus on protecting the users from themselves, locking out legitimate tinkerers in the process.
3. With the EU getting into the backdoor game with eTLS (only 20 years after everyone else realized it's shit), informational security will reach an all-time low as criminals exploit the vulnerabilities that the standard will certainly have.
4. While good old-fashioned police work still applies to the internet, people will accept more and more mass surveillance as the voices of reason will be silenced. Devs will probably hear more and more about implementing these or joining the resistance.
5. We'll see major leaks, both as a consequence of mass-surveillance (done incompetently and thus, insecurely) and as activist retaliation.
6. As the political correctness morons continue invading our communities and projects, productivity will drop. A small group of more assertive devs will form - not pretty or presentable, but they - we - get shit done for the rest.
7. With IT becoming more and more public, pseudo-knowledge, FUD and sales bullshit will take over and, much like we're already seeing it in the financial sector, drown out any attempt of useful education. There will be a new silver-bullet, it will be useless. Like the rest. Stick to brass (as in IDS/IPS, Firewall, AV, Education), less expensive and more effective.
8. With the internet becoming a part of the real life without most people realizing it and/or acting accordingly, security issues will have more financial damages and potentially lethal consequences. We've already seen insulin pumps being hacked remotely and pacemakers' firmware being replaced without proper authentication. This will reach other areas.
9. After marijuana is legalized, dev productivity will either plummet or skyrocket. Or be entirely unaffected. Who cares, I'll roll the next one.
10. There will be new JS frameworks. The world will turn, it will rain.1
Becoming the Consultant or Sys admin who does social engineering pen testing and then making a spreadsheet of all the employees who failed listed by name1
They call it security questions.
I call it social engineering backdoor.
I'm supposed to enter those questions after logging into my account and I'm not able to skip it nor to set a proper two factor method.
Well, fuck you. Did you ever thought about dying by a two factor method? Ever watched a Saw movie? You got the idea.
In the spirit of week93:
If you haven’t read/heard about the attack on HB Gary Federal (a computer security company) in 2011 and you want a good read about a DDOS attack, social engineering, espionage, and the “infiltration of Anonymous” by a very punchable CEO you should check out this article:
And the follow up by Anonymous:
I'm hosting dancers for BluesShout! a dance festival in Chicago. Three of the people I'm hosting are developers (two girls, one guy). There are a lot of engineering types that dance. If you haven't done any social dancing, you should really give it a shot. Find a Lindy/Swing, Blues or Contra group and take a class. You might love it. 💃💜3
So, we're apparently going to build a sort of social media(with competitions) for our software engineering project. I thought of a productivity app that would follow the GTD methodology (with my own additions), but my team mates thought my idea wasn't big enough for a team of 10. One claimed that he would do it all by himself in a week/month(Don't know what he said). Oh, well. Anyways, I'm going to build that software as a side project with a friend or two. I hope that goes well..
PS. We need a team name. Any suggestions?
I thought of Team Sudo lol.. No one liked it..1
Serverless and death of Programming?!
I hate serverless at work, love it at home, what's your advice?
- Is this the way things be from now on, suck it up.
- This will mature soon and Code will be king again.
- Look for legacy code work on big Java monolith or something.
- Do front-end which is not yet ruined.
- Start my own stuff.
Once one mechanic told me "I become mechanic to escape electrical engineering, but with modern cars...". I'm having similar feelings about programming now.
All of the sudden everyone is doing Serverless, so I looked into it too, accidentally joined the company that does enterprise scale Serverless mostly.
First of all, I like serverless (AWS Lambda in specific) and what it enables - it makes 100% sense and 100% business sense for 80% of time.
So all is great? Not so much... I love it as independent developer, as it enables me to quickly launch products I would have been hesitant due to effort required before. However I hate it in my work - to be continued bellow...
_I'm fake engineer_
I love programming! I love writing code. I'm not really an engineer in the sense that I don't like hustle with tools and spending days fixing obscure environment issues, I rather strive for clean environment where there's nothing between me and code. Of course world is not perfect and I had to tolerate some amounts of hustle like Java and it's application servers, JVM issues, tools, environments... JS tools (although pain is not even close to Java), then it was Docker-ization abuse everywhere, but along the way it was more or less programming at the center. Code was the king, devOps and business skills become very important to developers but still second to code. Distinction here is not that I can't or don't do engineering, its that it requires effort, while coding is just natural thing that I can do with zero motivation.
_Programming is Dead?!_
Why I hate Serverless at work? Because it's a mess - I had a glimpse of this mess with microservices, but this is way worse...
On business/social level:
- First of all developers will be operations now and it's uphill battle to push for separation on business level and also infrastructure specifics are harder to isolate. I liked previous dev-devops collaboration before - everyone doing the thing that are better at.
- Devs now have to be good at code, devOps and business in many organisations.
- Shift of power balance - Code is no longer the king among developers and I'm seeing it now. Code quality drops, junior devs have too hard of the time to learn proper coding practices while AWS/Terraform/... is the main productivity factors. E.g. same code guru on code reviews in old days - respectable performer and source of Truth, now - rambling looser who couldn't get his lambda configured properly.
On not enjoying work:
- Lets start with fact - Code, Terraform, AWS, Business mess - you have to deal with all of it and with close to equal % amount of time now, I want to code mostly, at least 50% of time.
- Everything is in the air ("cloud computing" after all) - gone are the days of starting application and seeing results. Everything holds on assumptions that will only be tested in actual environment. Zero feedback loop - I assume I get this request/SQS message/..., I assume I have configured all the things correctly in sea of Terraform configs and modules from other repos - SQS queues, environment variables... I assume I taken in consideration tens of different terraform configurations of other lambdas/things that might be affected...
It's a such a pleasure now, after the work to open my code editor and work on my personal React.js app...2
Got a scammer on my hook. Ideas welcome to fuck him/her over.
He/she confused me with someone else and messaged me acting as a support person of an exchange. I acted along and s/he is insisting on sharing account details.
Played along like a dumb internet noob and I think I got him to share his fake email id.
Now I'm thinking of ways to extract more details about him via email.
From top of my mind, these are some ideas I have:
- get his IP address
- zip bomb or something like that? But g mail is probably gonna detect that.
Ideally, If I could social engineer him to give his phone number, I could easily report him to police and find his identity.
Have you busted some scammers? Would appreciate some tips.6
If I wanted to become a hacker here is what I would do to cover my steps: 1.) Buying a used Laptop with cash, and picking it up in person.
2.) Using random coffee shops to work by dice roll. Obviously at least a d20 and at least 20 coffee shops.
3.) Installing Linux, probably Manjaro. (Not Kali because I've heard that is watched)
What are your thoughts?31
This is story and not a rant about my journey in programming. I've left out some details ofc, some of which I couldn't remember and some I got too lazy to add. They're not that important so I omitted them. There may be a lot of errors but it's almost 3 am and I cba. I'm tried but yeah, just decided to share something because it's been a while. I would also like to hear you guys' journey as well. Maybe they might inspire someone, who knows 🤷🏿♂️.
I had a thirst of learning more about computers and how they worked when I was around 13. I started looking into web development because I was really curious how websites worked. I started using cms's like web.com, enjij.com and any other cms I could find back in 2011 to build websites just to get a basic knowledge. A year later I picked up programming because I wanted to start making them by myself from scratch. I did some research and found websites that teach you how to start. I used codecademy and YouTube to teach myself the basics of web programming. It was fine for a while until I got bored and wanted more. I found out about php and it's capabilities. so I learned that using the same methods. I built sites for my Minecraft server, a small e-company I wanted to start and social media sites just for fun. I struggled with bugs and issues of course but that made it fun. The late nights trying to fix them or the late nights where I burst with ideas and was just coding. it was bliss. I wanted to expand my knowledge and tried learning Python but I felt overwhelmed back then and took a break. The years go by, I still made websites using php, js, html and css. I improved my skill with them. Now using OOP, writing sleeker and better code and my web designs improved massively as well as my MySQL abilities. It was time for me to graduate and I wanted to go into computer science but because of how much time spent programming, I fell back on my classes and just barely managed (albeit it wasn't the only reason, I slacked and didn't care because I felt hs was too easy for me at first). I instead went on to do a game design course in Toronto Film School and that's where I learned c# for unity and a little bit of c++ (this shit is so hard bro, I couldn't keep up and I've forgotten most of it). Fast forward, I graduate with decent grades and can now make some pretty nice games. I took a year off after that to look for jobs but as you know, you need experience and it's not easy to get those. I tried making an android app and got stuck with a very simple but that took 4 months to fix and then I burned out. I also lost my programming motivation partly because I felt like I wasn't making anything unique and meaningful. I felt empty so I quit for a while. All my plans fail and I decide to go back to school to upgrade the marks I needed and either do comp sci, mechanical engineering or stem. I forgot to mention btw that my goals shifted from just programming to being an inventor. Anyways, I boosted my grades and I did superbly so I can go into anything I want now. Currently just waiting for my acceptance letter while learning Python again along with react, SharePoint and a few other things to boost my skills and knowledge. I'm slowly getting my mojo back and it's really fun. But yeah that's my journey 😁1
How should you approach someone and tell them they have been an victim of social engineering without being mean?
I was at an security conference today and watched a lot of speaks, and I must say that the atmosphere and the people around made it even better.
Here is one takeaway:
Does the security of IT has to be this depressing most of the time, like there is so many IoT devices, services, websites and critical infrastructure that has security flaws and all we can do is watch for now and say we are all fucked. Then try to lead the industry to better practices, like owasp (duck it) . Stop accepting and using shitty answers from SO that has security flaws (why learn something a way that is wrong in the first place?).
We need more awareness about IT security overall, how can one developer know that certain technologies can have certain vulnerabilities such as XSS, XSRF and even SQL injection if there is no information about it in among all shitton tutorials, guides and SO answers in the first place?
Lighten up! Being sad and depressing about these issues is not the best way to approach this! We need to embrace all steps taken towards better security, even the smallest ones.
Check out OWASP if you are not familiar :
Thanks for reading.
Recruiters that call you "to have a chat".
I find this more offensive than the ones that call you frantically wanting to talk to you because you popped up on a keyword search that matches one word in your profile.
Why do they do this? I quite often think it's some form of social engineering and am immediately on the offensive because they have called with no clear intent.
Awesome feature by devRant...
You can't post your password in rants or comments... See:
My password is ***********
Try now! When you post you can see the password, but others will only see '*'.
-If you fell for this, u r a noob.17
It's pussy-assed mass hysteria at its best. Social media and the overall deprecation of quality life for the human race is what's caused this. Fear takes its toll in many ways, and this is an incredibly forceful way of engineering a "Big Brother" effect on the World to increase the sale of products and pharmaceuticals based on predictive statistics that nailed down our habits and decision making process as a whole.
Sad shit, since history proves that this will eventually lead to a World War and we're way too far lost in opinion to comprehend the true consequences that will follow.
Having said that, it ain't gonna happen for a while, but this is the igintion that will cause Stephen Hawking's theory where we went from having 1000 years left on Earth ecologically to what is now approximately 100 years left socialogically.
But, at least you get to "work remotely" while jacking off to Facebook all day.
Looking at @striker28 's rant made me think of my time I did my MSc and I think it needs it's own separate rant so here it goes:
So I did an MSc at one of the big league unis in London. First clue was during week 1 where in one of the class a mature student asked whether there would be actual coding during the course. There was an audible gasp from everyone else! Once the lecturer said the unfortunatly they wouldn't be you could hear the sigh of relief from the students...
Next up was all the lectures being placed in the freakin' basement of the university in crap, smelly rooms with annoying ticking A/Cs whereas all the social siences, business and other subjects had lecture halls and classrooms above ground. The contempt for CS from the university's direction was palpable.
Then there was the relegation to the theory-only (i.e. abstract with pen/paper) "tutorial" to the hand of T/As with bugger-all teaching experience. In short most were terrible and should've found a way to abscond themselved from this obligation which was part of the terms of their phd grants unfortunatly.
Further into the course there was the "group project". Oh boy! Out of the 5 in the group my now mature student friend and I were the only one commiting to the repo. There was either no code and a lot of bullshit from the others or crap code that didn't even compile despite their assurances it was all good.. Someone clearly never actually coded and pressed "run" in their lives which is fucking surprising since they've managed to graduate with a BSc and get into a MSc somehow. None of the code "made" by the other 3 persons made it into the master branch for release.
The attitude was that of "We (hahahah) wrote loads of code. We'll get a great mark!". At that stage the core wasn't even complete and the software didn't work yet.
Some of the courses where teaching things already 10 years out of date and when lecturer where pressed on that the few mature students that happen to be there the answer was always "yes, we are planning to update it for next year". Complete bullshit. Didn't help that some of the code on the lecture slides was not even correct! I mean these guy are touted as "experts" in their field...
None of the teory during the entire year was linked to any coding. Everything was abstract with no ties to applied software engineering. I.e. nothing like the real world.
The worst is that none of the youger students realised they were being screwed over and getting very little value for their money. Perhaps one reason why these evaluation forms have such high scores given on them. If you haven't had a job and haven't lived outside academia yet there is nothing to compare it to. It tends to also fall into confirmation bias (hey it's a top UK university, it must be worth it afterall! Look how much they ask for).
By the end of the year I couldn't wait to get the hell out. One of the other mature student sumed it quite well: "I will never send my children here."
Keep in mind that the guy had just over a decade of software engineering experience in the industry and was doing this for fun.
In the end universities are not teaching institutions. The lecturers's primary job is research and their priorities match that. Lectures tend to be the most time efficient teaching format for the ones giving them but, on their own, are not for the consumer.
To those contemplating university for CS: Do the BSc. Get your algo/datastructure chops and learn the basic theory. It is interesting. Don't get discouraged by the subject just because it is taught badly.
Avoid the MSc unless you want to do a phd and go for an academic carrer. You are better off using that year and the money to learn more on your own and get into colaborative projects (open source) on top of some personal ones. Build up your portfolio. It will be cheaper and more interesting!2
So, got call from fake windows tech support (India) just minutes after syncing my github Gmail to Windows 10 mail app. Trolled along while recording the audio, until he told me which command he wanted me to run. The I hung up and did a security scan.
Figured I'd learn something instead of just hanging up right away 😎3
Going to do our first social engineering pen test. We're setting up a general plan and we'll call for a meeting with a company next week. Any tips?5