ugh.
-
tempted to drive past their HQ with a megaphone "I'VE GOT YOUR MODELS, YOU AI HACKS!"
-
wait. did they seriously stuff videos into their redis database?
-
they sure did! I have a video of someone picking something up from outside a door.
-
okay found their S3 creds. they hardcoded them in a Jenkinsfile.
-
not a good sign to see a bash case statement for environment, and prod sets the server to FOOBAR.EGG
and test sets the server to... FOOBAR.EGG
-
Gabriel Pettier replied to Foone🏳️⚧️
@foone hm, are you *sure* they are bankrupt (i mean, not just technically), if this was in production as of 2 months ago, maybe they just scaled away from this infra and sent everything to ewaste after migrating.
-
Foone🏳️⚧️ replied to Gabriel Pettier
@tshirtman yeah. they may have just moved everything to cloud-hosted and didn't need their wall of NUCs
-
anyway I'm gonna be near their HQ on thursday. Maybe I'll stop by and ask if they're still in business, and if they are, do they know where their NUCs are?
-
4censord :neocat_flag_pan: replied to Foone🏳️⚧️
@[email protected] didn't you have basically that same thing happen just a few weeks/months ago? last time with a raspi like thing?
-
Foone🏳️⚧️ replied to 4censord :neocat_flag_pan:
@4censord yeah! with a completely different company!
-
and in case anyone is getting deja-vu:
This is a completely different company than the other one I found like 3 weeks ago:
Foone🏳️⚧️ (@[email protected])
good lord. I pulled a microSD card out of a Raspi inside an IoT product and it appears they had some developer use a raspi to develop/test some software, and then they just yanked the SD card out of that machine and duped it on to all of their deployed products. it's got .bash_history of the development process! there's git checkouts of private repos! WHY WOULD YOU DO THIS?
-
I'm really not the right person to work in computer security research, but it'd be nice to have a sort of consulting job with a local one where I can just point them at some really broken shit and they investigate it and maybe give me a commission
-
because this keeps happening
-
@foone where do you find these devices? eBay? A local recycling center?
-
@SeanOMik local recycling center
-
Why the fuck is this on hacker news? ugh. I'm gonna need to run my own mastodon instance, aren't I?
If you found this on hacker news, you owe me 5$:
Foone🏳️⚧️ (@[email protected])
I'm a few thousand dollars away from being able to pay my bills this month, but the most important thing I need to pay for is my health insurance: I've got meds I can't afford without it and an upcoming CT scan. If you can donate a few dollars or more, that'd really help! Thanks! https://ko-fi.com/fooneturing #mutualaidreqest
-
Denis Warburton replied to Foone🏳️⚧️
@foone oh shit they found us
-
Jason Lefkowitz replied to Foone🏳️⚧️
@foone Give ‘em the full Mike Ehrmantraut treatment
-
@foone god this thread might fill an entire talk about “things you should not fuck up”
-
@cy I could give a good talk about that