[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Name
Options
Subject
Comment
Flag
File
Embed
Password(For file deletion.)
Not reporting is bourgeois
[ Return / Go to bottom ]

File: 1747325643228.png (1.87 MB, 1024x1024, tired of ts.png)

 

I'm a communist but I'm currently employed in internal tech department of one of the big 4 banks in the US with expensive international operations, control financial infrastructure and currency exchange in many periphery countries and act as an arm of US imperialism.

my role is just a mid level front end web dev so limited authorization to take any kind of business action, although I did manage to get access to internal research documents they have which talk about global forecasts, macroecon trends, defense spending, and attitudes of capitalist class around political events.

Aside from that, I do work in a big office with relatively loose security, I could hypothetically sneak stuff in or try to install malware (although I'm not sure if the LAN here would be accessible from outside).

I might have the ability to steal or spoof someone else's credentials too, since I have access to certain app logs from people who use it in senior leadership, there is sometimes partial session/cookie/token info that sneaks in there although I don't really have any experience with that kind of hacking. Social engineering approaches probably won't work as it could expose me more.

If you were in my position, and you wanted to expose as much confidential internal company info, or create some kind of vulnerable entry point for others, maybe have other hackers be able to access it, what would you try to do?

That happened.

>>29728
>Being this accelerationist.
Chances are if there's no progressive alternative you'd just make peoples' lives worse by doing this.

Why don't you join a union instead of this adventurist shit? Oh right tech workers earn so much they never unionize.

Just take it easy and continue your path as usual…
I think its silly to think hacking a bank would yield a revolution or something.. would it?
You'd likely just be arrested and have your trial in a gloomy room where the orators claim their judgement is more precious than yours. Your heart willed, but wise state-law willed against it

>>29734
>You'd likely just be arrested and have your trial in a gloomy room
Pretty much. You'd go to jail over nothing like Luigi or the idiot who set himself on fire.

>>29735
Mhm, such individual adventures oftenly result in a silent punishment and being forgotten. If Luigi's act was seen as heroic for some, we'd have more of CEO's getting assasinated.. only at rare moments in the history we had a revolutionary ethos being present in the society.

comrades… you needn't be so narrow minded.

i'm at least going to share secret research with the org im in (not saying which rn) to help with our analysis and publications. already looked into the legal ramifications based on my jurisdiction and worst case scenario i could tank it.

now i'm just thinking of how far i could take it. there's at least a couple of OAuth-secured WAN-facing systems which host most of the reports and data they produce, but the real juicy stuff is internal investment controls and confidential company disclosures gated behind higher levels of authorization. like my bosses' boss or one of the business senior leadership. obviously getting someone else's credentials would make this a lot more serious and punishable but if i pulled it off i could give others access without compromising myself.

i realized the token in old log file idea wouldn't work but if the Oauth does succeed it gives a long-lived refreshing cookie which is what id really want. i cant push any code that would go through VCS but i might be able to get a compiled test version of an app sent to someone, with something baked in that would quietly copy all the headers i need to a drive where i could get it before anyone notices.

there might be easier ways. people around the office leave computers unlocked unattended sometimes. support and various people pass around scripts they don't look at. getting access to someone's email higher up would be interesting too but not sure how i would do that. i'm wondering if any of you have other creative ideas or advice

why don't you just introduce some kind of "bug" that ignores bullshit bank charges to make it stop stealing money from poor people?

>>29735
This. Even worse than Luigi. Luigi at least killed a mega porky. This would do nothing.
>>29751
I'd really advise against this. You already have access to investment info, no? This is already worth quite a lot. Why jeopardize it by doing something like this?

>>29752
It would be very hard to introduce something persistent like that into production systems. Anything that directly hits their money will be a one time thing they might revert. Also I'm closer to the institutional clients side, other huge corps, not retail which is like regular customers. But idk I'll need to think more

>>29754
Because I know I can do more. Why are you guys being such boring pussies about it? I just need to talk to a leftist actually knowledgeable in cybersecurity


Unique IPs: 9
[Return][Go to top] [Catalog] | [Home][Post a Reply]
Delete Post [ ]
[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]
[ Return / Go to top /