A Random Half-Giant @Ent@infosec.exchange

There's one thing I want to point out with nanoblogger. Yes, it's an evil fucking bash script. But here's the thing. The developer abandoned it in 2011. Nine years ago. Today, I pulled down the final release candidate, unpacked it on disk, and the fucker worked flawlessly out of the box.

It really is possible, folks, to write software that will still work at longer time frames than a month, to design for the future. It sometimes requires less-than-awesome tradeoffs but it is possible.

https://www.bitlog.com/2020/02/12/why-are-we-so-bad-at-software-engineering/

Saw this yesterday and boosted it again this morning. It's spot on about the kinds of trade offs and project methods that get employed in developing a web application -- and how those processes, born from "agile" are not the right solution for all software engineering endevours. Particularly things like the Iowa Caucus where you won't get the chance to roll back and try again if things go haywire.

It also got me to thinking about another item that's been on my mind lately. That so much web development still suffers from sticking business logic into the view layer. We have rich interactive interfaces at this point, and the hottest libraries of web development have always been front end. Go on a job board, and there will be an endless pile of positions looking for React or Vue. Javascript is everywhere.

The business side sees a need for churning out new features fast. User stories focus our attention on the UX, and draw attention away from the model -- product management types don't have the time to devote to working out a rich model that they can't see and touch. Back-end positions get advertised as Full Stack where the stack is ankle deep. Web developer's understanding of modeling business logic ends at making a bunch of tables and letting the ORM build you a bunch of objects. These objects enforce no rules, encapsulate no knowledge of the domain.

It makes some twisted sense as a trade off, as Bitlog outlines. The feature might get canned next sprint, so why put hundreds of developer hours into building anything more complex than what amounts to a prototype? If the prototype survives and the business ever has the opportunity to grow large enough to care about the model they can do a rewrite then (if).

But it can be frustrating.

Remember, friend's. SQL Injection references are fun but don't put them on the cards you include when sending flowers to your Valentine.

Now if you'll excuse me, I need to explain to my local florist why the flowers I'm sending to my wife crashed their point-of-sale system.

Amazon Ring is reinventing the surveillance state - ProtonVPN Blog
https://protonvpn.com/blog/amazon-ring-surveillance-network/

"Dark Crystal transforms secrets into crystal shards that you can send to trusted friends. If you lose the secret, or something happens to you, your friends can combine the shards to recover the crystal and reveal the secret."
https://darkcrystal.pw/

#SSB #Scuttlebutt

... kay so my curiosity is getting the better of me. on average, how much time do you spend listening to music a day? constrained to time spent awake. please boost cuz i'm curious.

Earlier tonight, I posted a link to a site that is scoring mastodon sites based on their threat score. Using things like violence, socialism, and polygamy as data points to score instances.

I removed the link, because they are a known entity that we can use for Projekt:ONI.

Let me take a moment to describe Projekt:ONI.

We are working on a detection and response system to detect listeners on the fediverse. It is in it’s very early stages... but essentially we will be compiling statistics in order to find targets that are likely surveillance operations, and then alerting the fediverse.

Think of it as an AI/ML system to keep snoops out of our shit.

You’re welcome.

Remember when AOL and Microsoft conspired to kill Netscape?

As a writer this gets straight to my heart

Yes, of course I want a rotary cell phone.

The power switch is an actual slide switch. No holding down a stupid button to make it turn off and not being sure it really is turning off or what. http://justine-haupt.com/rotarycellphone/

EXCLUSIVE: The #CIA secretly owned the world's leading supplier of #encryption systems to other countries.

Crypto AG sold rigged machines to more than 100 nations, including Iran, India, Egypt, Italy...

"It was the intelligence coup of the century."

https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/

This proves #Snowden was right.

#privacyMatters

ICANN Allows .COM Price Increases, Gets More Money

https://www.namecheap.com/blog/icann-allows-com-price-increases-gets-more-money/

The Public Comment period is open through February 14, 2020. Submit your own personalized comment using ICANN’s form at https://www.icann.org/public-comments/com-amendment-3-2020-01-03-en/mail_form

🙀🙀 https://www.haaretz.com/israel-news/elections/.premium-app-used-by-netanyahu-s-likud-leaks-israel-s-entire-voter-registry-1.8509696

Remember all those Flash games that used to be all over the internet? And those Flash animations?

Since Flash is going the way of the Dodo someone took the effort to archive them, in a stand-alone app that you can use the play them! If you choose the version that includes all the content (38,000 games and 2,400 animations) you will download a whopping 288GB!

https://bluemaxima.org/flashpoint/
Windows only sadly.

wow..

Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/reversing-and-recreating-cryptographic-secrets-found-in-net-assemblies-using-python/