0xBDB @0xBDB@infosec.exchange

Pinned toot

- I am a Senior Pen Tester at a Fortune 500 financial firm. You would think this means that I know something about pen testing, but it turns out it's astonishing how far beauty and charm will take you.

0xBDB boosted

Evite is another of those parasitic companies that gives you no way to opt out of all of their emails. The only thing to do is filter, which means anyone who adds your email address to their invite list will receive no feedback that you never got the invite. Which is all in Evite's interest, of course.

The fact that this is perfectly legal just goes to show that CAN-SPAM was never about protecting consumers; it was always about protecting well-connected spammers from less-connected spammers.

0xBDB boosted

Quick Poll: who here routinely uses Multi-Factor Authentication?

0xBDB boosted

@freedom Thanks to Peertube I am almost there... I have deleted Youtube and Facebook.

* I do protonmail and mailfence instead of gmail.
* I do duckduckgo and searX instead of google search.
* I do Mastodon instead of G+.
* I do Riot.im and IRC instead of Hangouts etc...

I do visit Youtube but only as a spectator. I do have privacy badger, cookie autodelete and ublock helping remove traces.

I don't use Chrome... I do not have an Android nor Apple or Microsoft telephone. I have a Jolla.

0xBDB boosted

@0xBDB I would submit that rather than explaining it as barrier to entry, this might be a case of selection effect, or even founder effect—Mastodon initially drew in people who were looking to escape Twitter's nastiness, and that sets the tone for the later crowd (especially if we work to welcome newcomers and introduce them to the culture.)

Twitter is more useful to me because of sheer biomass but I like the people here better, even if I mostly lurk. Hate to be that elitist guy but quality is proportional to barriers to entry in this case.

0xBDB boosted

As you settle into Mastodon, be sure to learn the lingo:
- "toot": a tweet
- "tusking": starting a pointless fight with another user
- "woolly": going viral, as in "wow, that toot really went woolly"
- "extinction event": when a whole instance goes down

0xBDB boosted

Remember when everyone left MySpace to go to Facebook because they were dissatisfied with MySpace's protection of their privacy and felt Facebook would do a better job?

0xBDB boosted

My new music, podcast, and audiobook player. It has some amazing features, like being immune to Spectre and not being usable to spy on me, even if I never update it.

social.literati.org/media/atTe

0xBDB boosted

so @ek and I agreed:

if you're trying to start a cooperative/non-profit residential ISP in seattle, wobscale (AS64241) will offer you free transit if you can get a cross-connect to our rack in the westin building exchange.

inquiries: iliana@wobscale.website

0xBDB boosted

the fucked up thing about programming is that nobody ever says "it's cool the way you use a for loop there! i like the way you named those variables, those are good names" they only say "why did you do it like that, thats the way a baby would program. youre a baby. and not even one of the babies who can program"

"Hack Your Credit Score". Not the usual InfoSec conference fare but one for everybody to watch.

youtube.com/watch?v=5gFDnQGr6W

Useful: Recommendations for underutilized NSE scripts from an NMAP dev.

threadreaderapp.com/thread/950

I keep forgetting to post here. Twitter is an old habit that dies hard.

0xBDB boosted

The year is 2382. #infosec has run out of scary names for breaches, bugs, and vulnerabilities and has adopted the storm system naming convention from the National Weather Service.

Thousands live in fear of the remote code execution called "Dwayne."

0xBDB boosted

Just a reminder that Internet Archive are doing very important work preserving information on the Internet. They're running a fundraising drive at the moment, so if you've ever used their site and can spare some money, please consider donating.

I was on a Mastodon server before but it died without me noticing. Here to stalk infosec peeps and learn stuff, and I'm all out of... no, I'm good.