• @Lord_ToRA
    link
    English
    87
    edit-2
    10 months ago

    deleted by creator

    • Ephera
      link
      fedilink
      English
      3210 months ago

      When I got asked that once, I told them they should bring me their laptop. 10 minutes tops and I’ll have access to their files. They really didn’t know, if I was bluffing or not.

      (I wasn’t. The average laptop is genuinely that badly secured.)

      • @[email protected]
        link
        fedilink
        1710 months ago

        Almost every personal computer that isn’t a MacBook is poorly secured due to the lack of filesystem encryption as a default. No one encrypts their data at rest, and as such you just have to pull their drive and read it with another computer. Hell, I don’t encrypt my entire file system despite being aware of this because of the inconvenience of added boot time, but everything that matters is encrypted and backed up across multiple devices.

        The best thing anyone can do is keep the amount of critical, digital data they have to a minimum, keep that data encrypted and backed up, and use a password manager properly. That alone makes it exceedingly unlikely you will ever be a victim of cybercrime solely because you’re more of a pain in the ass to compromise than 99.9% of the world.

        I personally have almost 10TB of data between all my systems, but of that maybe 10 MB is actually valuable to anyone but me.

        • bitwolf
          link
          fedilink
          910 months ago

          Windows encrypts by default now. I don’t know if any Linux distros do by default but it was certainly option for me to enable it at install time.

        • @[email protected]
          link
          fedilink
          510 months ago

          Pretty sure bitlocker is enabled by default since Windows 11 rolled, to my understanding it’s part of the reason they now require Microsoft accounts for device on boarding.

      • @cm0002
        link
        710 months ago

        Lol Windows user password is the digital equivalent of a pad lock, it only keeps honest people honest lmfaoo

        • @LifeInMultipleChoice
          link
          4
          edit-2
          10 months ago

          Local accounts, yes. How are you bypassing Microsoft accounts with 2 factor authentication enabled? Unix and Mac passwords were the same for local accounts before.

          Easiest way right now would be to acquire a username password to get into their phone provider, say Verizon. Then log into their Verizon account and move their phone number to a new phone. (this will only require knowledge of their security questions, also a phone not purchased by a card or registered to you if you don’t want it traceable)

          Once done then you can reset the password using the unknown password to their Microsoft account using the 2 factor that sends to their phone number…maybe.

          Especially on windows 11 we don’t stand much of a chance getting passed.

          Likely easier to pick up the password book they wrote all of their passwords down in and accessing them. (Performed by most people over 50 I know)

          Edit: also, you will find their Facebook password written there haha

          • @cm0002
            link
            210 months ago

            Assuming bitlocker isn’t enabled (Which it probably isn’t since it’s still not default yet AFAIK) boot Linux live USB > access files under user folder on disk

            • @LifeInMultipleChoice
              link
              3
              edit-2
              10 months ago

              Bitlocker is enabled by default, requiring tpm. Which internal tpm is used by most all devices. Also you won’t get into any commercial devices as the bios will be locked by password, so booting by USB will not happen.

              Source: Microsoft, “On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com) or your work or school account.”

              Alt source: I have spent years working for DOD and other IT positions

              • @cm0002
                link
                110 months ago

                Oh that’s probably why I never ran into it, I only do local accounts because fuck Microsoft online accounts lmao

                • @LifeInMultipleChoice
                  link
                  2
                  edit-2
                  10 months ago

                  Yeah, I don’t use Microsoft online accounts, but “work or school accounts” come up in many jobs because Windows is still used by many companies. I want to get certified or such for Googles BS (edit: bullshit not fancy terms) just because so many companies hire for transitions from Microsoft to Google or vise versa. It shouldn’t be a hard transfer… But I don’t have the time or money at the moment, so the $1000 for the course for certs sounds like a pain… But the $70-75 an hour for remotely transferring their systems and supporting it sounds like it is worth it. If you know anyone with background on the Google side of it please let me know if the certification is a waste of time.

      • @rdyoung
        link
        210 months ago

        Do you know the wonder that is konboot? It works on every version of windows with old school offline accounts, it even works/worked on Linux and it leaves no trace.

        • Ephera
          link
          fedilink
          English
          810 months ago

          I had not heard of it before. I would have just booted a Linux Live USB. So long as there’s no disk encryption, you can just access the hard drive in the laptop like any other data disk.

          Or in other words, I’m actually not even trained/informed about hacking. I just accidentally acquired this knowledge by installing Linux at some point. 🙃

          • @rdyoung
            link
            110 months ago

            You can do the same with the windows install/repair or any other bootable os. I kept konboot around for when I was working on someones pc and they forgot to tell me the password or they forgot it.

      • @[email protected]
        link
        fedilink
        110 months ago

        There’s literally an open source tool suite you can flash on a thumb drive, stick it in a sleeping notebook and get access to it. Sadly don’t find it anymore.

        • @LifeInMultipleChoice
          link
          310 months ago

          Only for local accounts which Windows pushed people away from for security risks. And then near mandated the standard user can’t figure out how to create this security flaw

      • @aksdb
        link
        2710 months ago

        In the U.S. it already counts as hacking when you scrape data… so yeah, sure.

        • whoareu
          link
          fedilink
          1010 months ago

          YOu mean I have been hacking instagram for a year O.o

      • @Lord_ToRA
        link
        English
        7
        edit-2
        10 months ago

        deleted by creator

    • @cm0002
      link
      710 months ago

      The GHackerz, no one would suspect a bunch of old granny’s running an elite top tier hacking group lmao

  • @indepndnt
    link
    3810 months ago

    I can hack Facebook.

    hits F12

    Look, I just broke into their CODE!

  • AwkwardLookMonkeyPuppet
    link
    English
    34
    edit-2
    10 months ago

    Most of us older computer nerds and coders certainly tried to hack Facebook back in the 00’s. To answer Grandma’s question, no, we cannot.

    • @cbarrick
      link
      English
      4710 months ago

      Back in undergrad, before Facebook went HTTPS only, I would setup “free wifi” and steal people’s cookies for shits and giggles. Use the cookies to authenticate with FB and send random messages to people.

      Looking back, I probably shouldn’t have been doing that. Definitely illegal.

      • AwkwardLookMonkeyPuppet
        link
        English
        1810 months ago

        They were just barely starting to get serious about legislating cyber security, so you were only maybe breaking some laws. I remember in the 90’s it was a lawless land. There were no laws against hacking, or at least none that anyone understood, and most sites had terrible security. I gained access to someone’s Hotmail once just by trying “anon/anon” as a user/pass combo. I also used to gain access to e-commerce customer databases just by googling certain SQL strings. I’d poke around and then send the webmaster an email letting them know their site was vulnerable.

        • @[email protected]
          link
          fedilink
          1210 months ago

          There isn’t a law against hacking but I am sure there are other applicable laws when you do harm while hacking.

          • @[email protected]
            link
            fedilink
            910 months ago

            There is, it’s called CFAA and is absurdly broad. Pretty much any time you

            knowingly accessed a computer without authorization

            it’s technically illegal.

            • kase
              link
              510 months ago

              So you’re telling me every time I stole my sister’s phone and took goofy selfies with it?? Straight to jail???

              • @[email protected]
                link
                fedilink
                6
                edit-2
                10 months ago

                Seems that way yeah. Naturally this sort of law is selectively enforced to nab whoever they have a problem with though so probably your sister doesn’t have the clout to bring you to justice.

                • kase
                  link
                  110 months ago

                  That’s a really good point

                • kase
                  link
                  210 months ago

                  (⁠ ⁠⚈̥̥̥̥̥́⁠⌢⁠⚈̥̥̥̥̥̀⁠)

        • @Hasherm0n
          link
          810 months ago

          Firesheep!

          That plugin and others that came after, was one of the things that finally got websites to start using https on everything, not just the log in page.

      • @[email protected]
        link
        fedilink
        310 months ago

        Looking back, I probably shouldn’t have been doing that. Definitely illegal.

        You know that stuff you post on lemmy is probably on databases everywhere for like, forever, right?

        • @gaael
          link
          410 months ago

          Who’s gonna press charges for the “hey mom, today I ate my poo” message they sent 10 years ago ?

        • @cbarrick
          link
          English
          210 months ago

          No one is going to press charges about me fucking around with their FB accounts 10 years ago.

  • @UnculturedSwine
    link
    3410 months ago

    Had a random guy that I spoke to at a bar ask me if I could hack a university to forge a degree for him when I told him I work in IT. Even if I could do something like that, it seems like a really risky and unethical thing to do for some rando at a bar.

    • @datelmd5sum
      link
      1510 months ago

      I once had the knowledge how you could hack a government system to get free fishing licenses. Seemed like a high risk / low reward type of deal though.

    • Captain Aggravated
      link
      fedilink
      English
      1110 months ago

      I could probably do that in LibreOffice. Like, how hard is it to print out a thing that says “BACHELOR’S OF SCIENCE” in that stupid old school font.

    • @GoosLife
      link
      610 months ago

      So he was asking in earnest? Lol

    • @robocall
      link
      English
      210 months ago

      …but could you?

    • @[email protected]
      link
      fedilink
      210 months ago

      That’s when you say yes, edit the page source in browser, show him it says he has a degree, get paid, and disappear.

  • LazaroFilm
    link
    English
    2710 months ago

    So you know how to crochet? Can you make me a bulletproof vest?

    • @LemmyKnowsBest
      link
      410 months ago

      okay but the amount of yarn that would require will make your vest impossibly huge & heavy to wear or walk around in.

    • @[email protected]
      link
      fedilink
      English
      2310 months ago

      I got this from a service technician once. He was like, “So you know code? Say I had my wife’s phone, but not the password. How could I get into her Facebook Messenger??”

      And I was like, “… So can you fix my drain line, or no?”

    • SSTF
      link
      1210 months ago

      I just get teased by my computer guy because I still use WinZip. Apparently that’s now considered “retro”. Ow my dignity.

      • @wolfpack86
        link
        310 months ago

        What’s the cool zip utility?

        • SSTF
          link
          17
          edit-2
          10 months ago

          Apparently 7-Zip. I’ve never felt bother enough by WinZip to stay en vogue with the times I guess.

          • @[email protected]
            link
            fedilink
            2010 months ago

            7-Zip is open source while WinZip is not. Also, 7-Zip’s native format, .7z, is superior to Zip.

          • @SeabassDan
            link
            710 months ago

            Man, I’m over here still using my paid version of WinRAR like a boomer, and it seems to work just fine.

            • @wolfpack86
              link
              210 months ago

              I was wondering where this left WinRAR. I never felt like WinZip was ever cool.

  • @UsernameIsTooLon
    link
    810 months ago

    “I’ve tried, you can’t” to just end the conversation.