oooh, the redbox uses full AES encryption!
-
oooh, the redbox uses full AES encryption!
and they always use the same key which is embedded in the executable right next to the encrypt() and decrypt() functions. well done, guys
-
correction: they hardcode two separate keys in the two separate places (that I've found so far) which use AES.
-
this code is enterprise as hell
you need the url for the base client? well you use Redbox.Rental.Services.KioskClientService.KioskClientServiceBaseUrl which is a property that'll ask the ServiceLocator to find an instance of IConfiguration to get the KioskClientServiceBaseUrl object out of it
-
@foone Java was a mistake
-
@cinebox it's not java!
it's C#
-
they wrote their code as a fuckton of C# services that are always HTTP POSTing at each other
-
@foone real question : if your code contain a function that use AES to encrypt data, where do you put the key ? because the AES function will need the key as input, so you need to have it stored in your source code somewhere ? right ?
-
HTTP is, as always, the poor man's IPC
-
@Fangh you shouldn't put it in the source at all! it should be stored elsewhere, and loaded at runtime. or it shouldn't be loaded at all, and is stored inside a TPM or similar
-
@foone look for CORBA
-
@foone cowards.
SMTP is the superior choice.
-
@petrillic @foone WSDL is just round the corner!
-
@piofthings @petrillic oh god I used to do WSDL stuff when I was doing soap for the US government all in java.
it was so fucking enterprise
-
Foone🏳️⚧️replied to Foone🏳️⚧️ last edited by [email protected]
they logged the first six digits and last 4 digits of every credit card transaction.
HAVE YOU EVEN HEARD OF PCI?
Edit: this is technically allowed by PCI.
-
1234 56## #### 7890
can I buy a vowel?
-
I'm trying to tar up a redbox install and upload it, but each time the tar gets past 50% we find another file with PII in it
-
@foone wait is this redbox as in those movie rental kiosks
-
@lyncia as in those former movie kiosks, yes.
-
You're telling me!
-
Medea Vanamonde🏳️⚧️ ♀replied to Foone🏳️⚧️ last edited by
@foone you got one?
