Jerry Bell @jerry@infosec.exchange

This is… depressing: https://twitter.com/rajandelman/status/1553060059806056449?s=21&t=rWs33Wg0e3mDt6P333BGOw

Turns out EarthLink is a broadband reseller.

This my buddy in the tank this morning doing physical therapy.

Just saw a post about potato cannons. I once drove from Detroit to Atlanta along I-75. Somewhere in North Georgia, I guess, was a few people in an open top Jeep. The passenger had a potato gun and was firing it from the car into the median.

It’s really quite memorable because that was the morning of September 11th, 2001. An hour or so before the world went to hell.

In case it’s not obvious, the building appears to be a large EarthLink office. I thought they had been out of business for years.

I had no idea…

By the way, the $1200 aeron chair is totally worth it, in my experience so far. Really happy with it.

Apparently because I bought their $1200 chair, I now need their $4000 desk

In other news, I get to take my dog to physical therapy today where she will be placed in a water treadmill.

My dog hates water. This is going to be entertaining.

I have noticed a concerning trend with software that increasingly distributed as a virtual appliance, or more often a container image. Those images are usually Linux distros with some extra software and configuration installed. But the Linux OS isn’t stripped down, and so the image is subject to all manner of vulnerabilities in components that the application doesn’t use. Then, because it’s a software product, end users have to wait until the vendor releases a fix. But the vendors declare “yes, it has that vulnerability, but we’re not fixing it because it doesn’t impact our product”.

I think that’s the wrong way to look at things. If a baddie is able to find some way in, why are we leaving helpful tools for them all over the place? Yes, they may still be able to install their own, but that’s like saying “I’m not going to lock my door because someone can just break a window if they wanted to get in”.

I think we need to get better and minimizing the attack surface by removing stuff we don’t need AND fixing (or removing) vulnerabilities we don’t think impacts us, but are still there.

The latest update excluded my location. Sigh. I was looking forward to some space junk.

Looks like I’m in the path for the rocket crash landing tomorrow. Hopefully my insurance will cover this: https://aerospace.org/reentries/cz-5b-rb-id-53240

Had a dentist appointment today. Routine cleaning. Turned out to be not so routine. I won a return trip next week for a crown and some laser surgery on the roof of my mouth 💩​

I know most people hate Scott Adams now, and for good reason, but when I entered the corp world about 30 years ago, I found the Dilbert books and really loved them. One of the cartoons that sticks with me to this day is a strip where the office team has to compliment each other. I think it was Wally who said to Dilbert “I admire your ability to get paid for that kind of work”. Still makes me giggle.

That at the idea of turning unused cubicles into overflow prison cells.