@superruserr I couldn't find what was and wasn't included in "Team Mode" do you happen to know?

@ScottMortimer Interesting that they are keeping track of what you look up through their dns services.

For those of you who work in a security consulting type of role; how do you help with remediation for clients?

@fallenhitokiri That's simple, sure, but it's not actionable, right? Think about things they can go home and do tonight, think about things they not only CAN do, but WANT to do! Things they go "Wow, I can make a big impact and all I have to do is go home and do a few simple things!"

@fallenhitokiri Honestly: Stick to actionable by anyone, and how it impacts their business in the simplest most direct ways. Use comparisons they are likely to deal with already.

@ScottMortimer Is that price change really driving you away from lastpass or is it a security concern? If price is what bothers you, what about something like Keepass?

Also worth noting EECploit means rowhammer works even on machines with ECC memory as well. If it has a non-Core series Intel CPU, it's basically vulnerable. This is going to be a real doozy.

To be clear, not only execute from javascript, but execute in a timely manner (46s to discover addresses + a targeted rowhammer attack). This is going to be a real problem.

So, now that someone has found a better version of SPECTRE and Meltdown that you can execute from Javascript, what are we going to do? Source: arxiv.org/pdf/1903.00446.pdf

@Liam Not until that is the most valuable avenue for them to pursue as a business interest, which means more work for us making people realize how important good security practices are.

Deveyus boosted


I'm a just a dude that makes #web apps using #Angular and #dotnet.

I'm still blazing the trail that is my life and hope I'm also able to make positive impact on peoples lives around me.

Small background in #ElectricalEngineering
and enjoying life in the great state of #Texas, USA.

I have a love for all things #Tech such as #Smartphones, #Software and #IoT. Along with #podcasts and #music. I'm a sucker for #AudioGear as well.

Also, shout out to @Deveyus for introducing me to #Mastodon.

@woland Oh, we KNOW the reason, it was out to get you, after the NSA turned it with bribes of all the hot locks they'd give it access.

@maxeddy Sounds prone to race conditions, I'd setup some form of scheduler for the coughing.

@kornel @leip4Ier Thank you for the very useful and awesome information.

@leip4Ier Yeah, the style the language takes on when writing it has actually been a big barrier for me. Though on the other side, I'll be glad to be out of the versioning and build mess that Go often has too so maybe it's worthwhile for me.

@leip4Ier I use Go mainly as a library language that my work in node/typescript calls into for really expensive stuff, especially high concurrency or remote machines. I have been wondering if it would be worth it to learn to replace it because of this. Most of my gains tend to be in concurrency.

@leip4Ier I haven't tried yet, but I hear concurrency in Rust is as good or better...

@leip4Ier I think it mostly has to do with the fact that concurrency in go, with it's wonderful channel structure makes things amazingly easy, more than anything. :)

@darrenpmeyer Grabbed arcolinux, gonna give the i3 based version a try

Today in technology that amazes me:

The "Popcorn" button on my microwave, does in fact, not burn my popcorn or leave a ton of it unpopped.

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.