Pinned toot

I'm a software developer and systems admin. I like to keep an eye on infosec so I can help my team and company build better tools

Learned the rules for owning lock picks in Alberta. Bring them into the house and leave them there.

Or, do two years of apprenticeship, have a criminal record check and fingerprints on file. I don't really have time for the apprenticeship, but the other two are easy. I had to get those all the time when volunteering.

Ken boosted

I think it's beautiful how imperfections make art. Software developers work really hard to add imperfections to art programs and CGI, because humans can sense when something is too perfect; we're made uncomfortable by it.

We love the grit and grain of the page and the graphite. The rough and irregular edges of ink and chalk. The imprecision of the human hand.

Don't be perfect. Be you. That's what people want. That's art.

Was playing a bit of Fallout 4 around my 10 year old this weekend. Mostly looting stuff.

He asked if that's how lock picking actually works (turn the bobby pin to the right spot turn the lock with a screwdriver). So I started digging into the links I've collected from the likes of @tinker and @deviantollam to show him how picking actually works. I think I should pick up a beginner set for us to learn with.

Maybe I should have taken a vacation sooner... now it's cool and rainy

Ken boosted

Still using RSA for OpenSSH authentication?

You should read: latacora.singles/2018/08/03/th

tl;dr: OpenSSH uses by default the md5 hash of your password to encrypt the id_rsa private key.

Good news, you can fix it by running this command (with -o it uses the improved key-format):
ssh-keygen -o -p -f ~/.ssh/id_rsa

Or even better, generate a new ed25519 key (they use the improved key-format by default):
ssh-keygen -t ed25519

Thanks @amenthes for pointing me to the article!

#openssh #infosec #linux

A cow peed on my car this morning.

While I was driving down the highway.

How's your day going?

Ken boosted

Maybe it’s because I’m less than a day in — but the user interface of *everything* around Mastodon and the client apps I’ve tried is not good. I’m constantly confused.

I’m really hoping for the Tweetbot and Twitterrific of Mastodon to appear. With a Mac app too — that supports multiple accounts (because I use multiple accounts).

watching a developer get frustrated with a security feature of an OS he doesn't use and ask how to disable all security instead of learning how the feature works. 😞

@pamela @kurtm Y'know, everytime I see Pamela talk about mturk, I read that as kurtm in reverse. It was confusing at first. 😂

closed the tab and now it's working again. wonder what broke.

Neat. can no longer scroll in mastodon. all the other tabs in Safari scroll just fine. not this one

TFW you get an email from a security company you like and they're all "Cisco is acquiring". oh no.

Wanted to read a Peerlyst article which required me to sign up. Okay, sure. Three tries before my password manager could generate a password that the site liked. "One special character" should be identifying which special characters it likes.

Monday morning. Digging through database logs to find a random error from the weekend... only 18 million rows of data

Need a filter tool for mssql trace files

Jerry rigged an antenna out of old speaker wire for this am radio. Thinking size of the loop and length of the wire is important.

wouldn't be so bad if he was part of the call in the first place.

need to learn how to think about OPSEC in an open office. coworker is repeatedly using information I give over the phone to ask me questions.

I think it’s time to show my kids just how much network knowledge I have. Had to unplug the router twice to get their attention. Going to automate that with voice commands.

Disconnect thing one now.

hahaha. org.eclipse.jetty.util.thread.strategy.EatWhatYouKill

Going into the app you get one further question: Why? Choices are "this is a fraudulent authentication" or "I hit this by mistake".

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.