
My family is watching the Georgia/Alabama game. It’s amazing to see how emotional the fans in the stadium are when their team loses. As if a part of them has diminished/died.

The Starbucks/Youporn fight is pretty dumb. A) VPNs exist, B) Sbux likely has no real choice, if they want to avoid “hostile workplace” lawsuits, C) streaming porn eats bandwidth. I am more surprised that it wasn’t already blocked.

Jerry Bell boosted

In response to Starbucks' move to filter from users accessing their WiFi, has banned the presence of products in their office. This is going to be the biggest trade war of 2018 😂 mashable.com/article/youporn-s

Jerry Bell boosted

My motion detecting camera (for catching package thieves) seems to be picking up spurious "events" when the camera auto-adjusts its exposure.

There is a setting I can adjust called "lightswitch" that should remove such events. I believe it ignores any sequence that involves sudden brightness changes to the whole image.

Could I exploit that by carrying a very bright, rapidly shifting LED flood light into the scene? And do "real" security cameras have a vulnerability like that?

Upgrading to 1809. I’ve got a bad feeling about this...

Jerry Bell boosted
So, do any of you #infosec folks feel knowledgeable about BTC ransom stuff? Specifically if you're in the Berlin area?
Jerry Bell boosted

Airdropping unsolicited pics to nearby users. Classic practice 😂 however it appears that New York City are planning to impose $1,000 fines or jail time to those trying to get their junk out in the public space engadget.com/amp/2018/11/30/ny

Normally, my evening walk with the dog is filled with the sound of gun fire. Tonight, it’s a herd of low flying helicopters.

Jerry Bell boosted

My upcoming Ethical Hacking class is open for registration and it is also available online. For more info and links to register go to thehackermaker.com/classes/ Following this class in the Spring my Web App Pentesting class will be available.

Jerry Bell boosted

Feel free to add me on Wire.

@R10T

I want to give it a try.

Jerry Bell boosted

The latest "Smashing Security" podcast is out: "Google Maps, Fed phishing, and Grinch bots"

Topics discussed include:
How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?

Listen to full show in your fave podcast app, or at
smashingsecurity.com/106

Jerry Bell boosted

Mastodon needs a way to cancel a follow request.

Jerry Bell boosted

another npm package with wide deployment backdoor'ed: news.ycombinator.com/item?id=1 blog.bitpay.com/npm-package-vu

There are two paths to mitigating this stuff, which both should be taken:
- Focus on auditable and reproducible packages. Sadly, mostly impossible with NPM, which is one of the worst language package environments: dustycloud.org/blog/javascript
- Introduce ocap security into the ecosystem. Probably won't happen but MarkM explained how: youtube.com/watch?v=9Snbss_taw

Friends don't let friends use npm.

Jerry Bell boosted

@jerry just a random thought after reading about the layoffs at GM.

It occurs to me that the current US president is falling into the logic trap of equating private sector economics with public sector economics. Private sector economics seem intuitive and straightforward, including what to pressure the government to do. But the economic impacts at a government scale are very different and have 3rd, 4th, 5th order effects that are very hard to foresee. I suspect this period will be heavily analyzed by economists in the coming decades.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.