It is proven! I am calcifer on Keybase: https://keybase.io/calcifer/sigchain#a702c903fbb1f7b53572bd44e1fd89837bbb184853056b08fd9b9ee747a327150f
Tools: Unblockable Chains - POC project of a fully functional C&C infrastructure on top of the public Ethereum network. It demonstrates a novel channel for implant and controller communications by using a smart contract as an intermediate - https://github.com/platdrag/UnblockableChains
Here's a twist: My work has apparently been named as evidence in the lawsuit by the "snake oil crypto" people against Black Hat. https://twitter.com/thepacketrat/status/1164968292156620800
4.5km ride on the #onewheel. I'm almost up to making a continuous trip to my local cafe (that's 5.3km away, with a couple challenging hills)!
But still nowhere near pushing the 20-28km max range…
It seems weird to say I'm building up endurance for an electric transport device, but it's true! I've been riding my #onewheel regularly for 2-3km trips (and often return trips), and now my calves and feet aren't all tense and sore afterwards.
It's lovely to be able to go 3km in 10m (including waiting at traffic controls) casually. It's really extended how far I can range from home without driving.
Related: lots of time wasted on trying to be clever with unproven controls that *might* be marginally better than a proven, simple control you already have
The number of times I've seen people try to get clever with things like authn and authz in new apps when they already have a well-designed SSO or something in place…
It's amazing to me how many hours are wasted by companies trying to find clever ways to protect sensitive data or resources that they don't actually need to have in the first place
Every single security person should have a habit of pushing for people to consider the simplest security control: stop doing the risky thing
If there's good reason to reject that option, fine: we can mitigate the risk. But *make people defend the choice*
A Tumblr called "Accidentally Quadratic", dedicated to showcasing instances of software that did just that: https://accidentallyquadratic.tumblr.com/
Headlines that shouldn’t need to exist: “Drinking bleach will not cure cancer or autism, FDA warns”
Context – there are a bunch of “supplements” marketed for treating cancer, autism, etc. that are just “chlorine dioxide solutions”. They’re effectively bleach. People are using them.
One of my recent blogs in which I try to debunk common misconceptions about password managers. https://johnopdenakker.com/common-misconceptions-about-password-managers/
Cafepress pwned, change your passwords. #databreach
Q: If you, like me, make your income via the internet (not just through something like ecommerce or Patreon...but like a day job that is internet related), and the internet were to go away tomorrow, what other skills do you have to make a living?
I don't know if I have any, and that disappoints me.
Feel free to boost to get a bigger answer pool.
Applied AppSec Research @ Veracode ; I don't speak for them here. Part-time coffee and Arduino nerd. keybase.io/calcifer
A Mastodon instance for info/cyber security-minded people.