Jump to content

Search the Community

Showing results for tags 'pine numbers'.

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

AIM

MSN

Website URL

ICQ

Yahoo

Jabber

Skype

Location

Interests

Enter a five letter word.

Found 1 result

  1. telot
    Good day my fellow pineapplers! I'm very curious about the pinenumbers feature. Why would we want anyone (even you Seb/Darren) to track usage on a device that is so easily (and dare I say commonly?) used for illegal/semi-legal things? The very nature of the pineapple is grey-hat at best. Its purpose-built to take advantage of inherent trust vulnerabilities and exploit them. This is great for pentesters, but not everyone who buys/uses a pineapple is a pentester. I know, I know, theres plenty of disclaimers about not using it for nefarious activities - which protects you guys very well. You certainly need these boilerplate statements when building/supporting this kind of device. But what protects us, the consumers? I understand you're want for usage statistics, just like any dev - you can build better future products and continue to increase functionality in a more efficient way with your current products. With this type of device, with this market you're in, with these privacy-paranoid customers that you have...it just doesn't make sense in my brain. Tell me, why would I allow that on my pineapple? My second argument is that of contactual privacy afforded to my customers. Say I use the pineapple for legal pen testing as I should, and say I am pentesting a fortune 500 company or even better, a government institution. What happens on a pen test, stays in a pen test. By contractual obligation I can only share the results of the pen test with my customers in their status reports and final report. By allowing the pineapple to send usage statistics and other metrics (even anonymous ones) to the cloud, the pineapple would break that trust I have with my customers and infringe on the contracts I've signed and get paid for. I understand theres going to be an opt-out function in the gui (and I hope cli support as well) - but I thought I'd explain myself as to why I won't be participating with some of my pineapples. My test pineapples, the one I play with at home, the one I use to rick roll my friends - I will surely leave on for your metrics. Ones that are actually used on jobs, I'm afraid I just can't, and I hope you understand. I'd love to begin a dialog about this, so please let me know your thoughts. Thanks everyone! telot
×
×
  • Create New...