Show more

@jerry I have a bunch of fun IOT garbage *and* I filter/block the hell out of it so it ostensibly only communicates to minimal functionality, if I let it talk to the Internet or anything else at all.

My LG TV doesn't need to talk to the Internet unless I want a firmware update, and I only want that if I'm having picture issues or if they decide to add eARC. So it doesn't need to go outside, even though it *really* wants to.

Purple Squad Security - Episode 49 – The Red Team Life with Curtis Brazzell

Curtis Brazzell from Pondurance joins me to talk about red teaming and managing red teams.

So I think someone wants me to help them deal drugs? Maybe? 🤷‍♂️

I was on Paul's Security Weekly in early January. Here's my interview segment. I was actually on the whole show, which went 3+ hours...

I’ve been in IT for decades, worked as an industrial engineer, programmer, sysadmin, network engineer, and now in . Being selective makes sense, but I like my electronic locks, Nest thermostats and doorbells, i can turn my air compressor on with my phone, and find OpenWRT to be more trouble than its worth (ubiquiti unifi all the way).

Smart speakers seem a bit much, though.

“After leaving her job at the NSA in 2014, Lori Stroud worked as a contract intelligence operative for the UAE. Stroud, now living in an undisclosed location in America, said the mission crossed a line when she learned her unit was spying on Americans.” Photo by Reuters/Joel Schectman

An interesting note on the ex-NSA mercenaries working for the United Arab Emirates story: the third party software they used to easily root iPhones via iMessage sounds very similar to exploits described by Lookout researchers at when they recently exposed an unnamed nation state's attempt to purchase spying tools (and named the names of the vendors selling those tools). Point is, these 0-day phone exploits are available to the highest bidder.

For people that are into , here's a blog with some useful resources. I regularly update it. If you have good resources that are missing please contribute!

So as my second is breaking already I need something new
(Or better used )
The graphics should be preferably compatible to

I use it mostly to SSH into other systems and for a Webbrowser and

I would be able to spend a maximum of 200 EUR

Feel free to boost

The fediverse apparently adds a dimension that was missing from twitter: the ability to argue about implementation details of the underlying code and protocols and why I will affectionately call “rage forks” (though I haven’t seen any come to fruition yet).

Looks like I missed out on some mastodon/Pleroma compatibility drama. What’s going on?

Anyone on Masto going to this year? I'll be scuttling around the briefings.

Not strictly related, but this is a very big deal. The main hurdle facing the plaintiffs' bar on these suits was this standing/injury issue. If your company has been playing fast and loose with may want to get on top of that.

Hi All

I’m after some advice from the community, I’ll be publishing advised and best practices for regular people in an easy to understand way, mostly via a blog and facebook. I would like to get feedback on what topics, also why that topic. If you know of a great example already please let me know. The aim is to help regular people be more aware of the pitfalls of computers and security, making the internet a safe place for all.

I’m open to all suggestions.

Thank you

P.S. you don’t have to connect your new smart TV to the internet. Get a roku or Apple TV or use a Pi.

What on *earth* could Jenny Radcliffe be describing in the new episode of "Smashing Security" out tonight (Weds 7pm EST, Midnight UK)?

Subscribe in your favourite podcast app to make sure you don't miss out.

“No good deed goes unpunished” is my life today 😕

*sigh* GDPR compliant shredder? Visitor cards? Oh well, I'm quite sure someone will buy it because of that, but .....

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.