golguin's forum posts

#1 Posted by golguin (4286 posts) -

Parasyte episode 21. It finally happened. Shinichi went balls deep.

#2 Posted by golguin (4286 posts) -

I don't know about TT, but I'm hitting that Chocobo Racing pretty hard.

#3 Posted by golguin (4286 posts) -

I've been watching the Best Friends playthrough for this game and I've seen dialogue comments come up a lot. I'm no high school expert (graduated in 2004), but I assumed that all the hipster centric dialogue was accurate and teens really do talk like that.

Why would people have issues with the writing/dialogue (voice acting was a bit shaky) if its trying to be authentic?

#4 Posted by golguin (4286 posts) -

So Parasyte has gone into beast mode with the hype levels of the show, amazing pacing, shocking action, and the continued cliff hangers.

The shit is about to hit the fan in Aldnoah with everyone seemingly about to make a move. It's very possible that everyone is going to come out losing in the end.

JoJo is amazingly funny this season.

Log Horizon is good and I'm surprised how their world keeps me wanting to know more.

More to report later!

#5 Posted by golguin (4286 posts) -

@sylar112 said:

Hi Duders .

so the only Anime I have seen is Berserk , The series not the newer movies,

I kind of liked the gritty and gruesome nature of it . would there be any more you could recommend

Madoka, Parasyste, Psycho Pass, and Fate/Zero.

#6 Posted by golguin (4286 posts) -

JoJo was fantastic this week. I was literally laughing harder than I've laughed in quite a long time thanks to all the Avdol and Joseph shenanigans.

Aldnoah is still good. It looks like everyone is going to have their own princess as we move into the final conflict.

#7 Edited by golguin (4286 posts) -

@matatat said:

@splodge said:

@golguin said:

@splodge said:

@matatat said:

It's kinda absurd how easy it is to hijack someones information through some simple social engineering. My first year of college I got ahold of the email accounts and bank accounts of a couple people I knew in high school just to show them how easy it is to do. Took a few Google searches and a couple hours to just put some pieces together.

Alternatively at a Computer Security club I went to a couple meetings for in college we did some experiments with how much information we could find on someone and we used the president and vice president of the club as guinea pigs. We started with one simple piece of info about them (maybe a phone number) and would see how much we could get in 20 mins. For the sake of brevity they would tell is if something was right or wrong but we found a disturbing amount of info about them. Couple that together with something dumb like a "security question" for an old email or something and you suddenly have access.

Spent a summer in college learning how to use package sniffers and some basic trojan viruses. It is fucking INCREDIBLE how easy it is to get into peoples private accounts. Emails, facebook, everything. All wide open. And then, failing all that, you can use social engineering to get the info you want.

I think the vast majority of people have very little idea how unsafe their networks are, and how easy it is to obtain information from them.

I've always wondered how social engineering worked when you'd have to be pretty slow to divulge private information that can't be found online.

As an example how would anyone ever find the name of my first crush if I used that as part of my password without directly asking me?

I would just directly ask you or one of your friends (I know you stipulate without doing that). Hence the social aspect. Otherwise it is not really social engineering.

EG messaging a friend of yours on facebook and posing as an old friend trying to get in touch with you. I could use your friend's facebook info to spark up a conversation about the old days, then mention that girl you used to like but what was her name again? god I just cant remember.

There are many, many ways.

EDIT - Also, by duplicating your facebook session I can chat to anyone on your facebook as YOU. It gets pretty easy to get information about you when I am posing as you.

This is a potential way, another way to start whittling things down would be to go through your Facebook or Myspace (if you had one) and gather all the girls from that list. Chances are that you may have been friends with your crush. Or find out where you went to school and compile a list of people that were in your grade (as well as above or below) and brute force attempt to match something like this. A decent amount of websites will stop you from entering passwords constantly, but if it was your secret question on some website then I could just programmatically attempt all the possibilities.

On one of the people I did this on I got lucky pretty quickly. I found an old forum he used to go to and if I remember correctly I answered his secret question and it told me his password. It didn't work on his current email, but it did work on his old hotmail account, which was also the "recovery" account for his current email. So I had them reset the password and send it to the recovery email. Logged in to his new email, and found an email where it was his bank account number. Then I just figured out the secret question on there and reset his password.

The process for this one was pretty simple, but it just goes to show you how some stuff you did when you were in early high school or jr high that you had forgotten can come back to haunt you.

I've only ever had 1 email address. All other email addresses were made forcefully or for one reason or another (a thing required my email so I'd make a fake one). Since everything is connected to that 1 email address it naturally has the most powerful password of all my passwords. Believe me when I tell you that I've thought about identity fraud since I first got online in high school. It's the reason why I don't have a social media presence.

Facebook, myspace, or any online thing wouldn't have existed or my first crush. You'd have better luck inputting random female names than going through a yearbook that didn't exist for my elementary school and a girl that didn't even go to my school.

I imagine this kind of stuff is easier today for people that put their lives online, but if you were born in the 80s and didn't really give a shit for social media until you were forced into it I don't see how it's possible aside from hacking into my computer and obtaining passwords that way. Someone can also break into my house and grab the piece of paper that lists every password I've ever had. Yes, I've written down every username and password I've ever had. Even the ones for online poker when I used to play taxes holdem online.

#8 Posted by golguin (4286 posts) -

@splodge said:

@golguin:

Heh think I found it, wont link it but do you have a cat on the banner in the back? And did you / do you work at target?

It has where you studied, your place of work, and your home town. Cross reference that stuff with your friends list then find people who work with you / went to school with you and work on them.

Privacy is a thing of the past now :/

Edit: Also, I could see all your friends on FB so I don't think you did it right ;)

You'd have to go through several more Giovanni Olguin's before you realize that I can't be found on facebook through google. Trust me. I've tried and I can't find me even when I throw in some super special keywords. The other Giovanni Olguin's are very prolific on social media so you'll just get them.

Stuff like my address, phone, and other contact info is easily searchable because I made it so due to my job. None of that can lead to my passwords though, which have no connection to stuff that's searchable. My passwords also can't lead to other passwords since all important passwords are unique.


#9 Posted by golguin (4286 posts) -

@splodge said:

@golguin said:

@splodge said:

@matatat said:

It's kinda absurd how easy it is to hijack someones information through some simple social engineering. My first year of college I got ahold of the email accounts and bank accounts of a couple people I knew in high school just to show them how easy it is to do. Took a few Google searches and a couple hours to just put some pieces together.

Alternatively at a Computer Security club I went to a couple meetings for in college we did some experiments with how much information we could find on someone and we used the president and vice president of the club as guinea pigs. We started with one simple piece of info about them (maybe a phone number) and would see how much we could get in 20 mins. For the sake of brevity they would tell is if something was right or wrong but we found a disturbing amount of info about them. Couple that together with something dumb like a "security question" for an old email or something and you suddenly have access.

Spent a summer in college learning how to use package sniffers and some basic trojan viruses. It is fucking INCREDIBLE how easy it is to get into peoples private accounts. Emails, facebook, everything. All wide open. And then, failing all that, you can use social engineering to get the info you want.

I think the vast majority of people have very little idea how unsafe their networks are, and how easy it is to obtain information from them.

I've always wondered how social engineering worked when you'd have to be pretty slow to divulge private information that can't be found online.

As an example how would anyone ever find the name of my first crush if I used that as part of my password without directly asking me?

I would just directly ask you or one of your friends (I know you stipulate without doing that). Hence the social aspect. Otherwise it is not really social engineering.

EG messaging a friend of yours on facebook and posing as an old friend trying to get in touch with you. I could use your friend's facebook info to spark up a conversation about the old days, then mention that girl you used to like but what was her name again? god I just cant remember.

There are many, many ways.

EDIT - Also, by duplicating your facebook session I can chat to anyone on your facebook as YOU. It gets pretty easy to get information about you when I am posing as you.

But I don't use facebook. I used to use it, but I've had it locked up tight so there is no way for anyone to see who's my friend on facebook. I haven't even been able to find my facebook by googling my name. Try Giovanni Olguin and see what you find.

#10 Posted by golguin (4286 posts) -

@splodge said:

@matatat said:

It's kinda absurd how easy it is to hijack someones information through some simple social engineering. My first year of college I got ahold of the email accounts and bank accounts of a couple people I knew in high school just to show them how easy it is to do. Took a few Google searches and a couple hours to just put some pieces together.

Alternatively at a Computer Security club I went to a couple meetings for in college we did some experiments with how much information we could find on someone and we used the president and vice president of the club as guinea pigs. We started with one simple piece of info about them (maybe a phone number) and would see how much we could get in 20 mins. For the sake of brevity they would tell is if something was right or wrong but we found a disturbing amount of info about them. Couple that together with something dumb like a "security question" for an old email or something and you suddenly have access.

Spent a summer in college learning how to use package sniffers and some basic trojan viruses. It is fucking INCREDIBLE how easy it is to get into peoples private accounts. Emails, facebook, everything. All wide open. And then, failing all that, you can use social engineering to get the info you want.

I think the vast majority of people have very little idea how unsafe their networks are, and how easy it is to obtain information from them.

I've always wondered how social engineering worked when you'd have to be pretty slow to divulge private information that can't be found online.

As an example how would anyone ever find the name of my first crush if I used that as part of my password without directly asking me?