Funny problem. How do you deploy an role across all your AWS accounts?
Step 1: deploy an IAM role to all your AWS accounts.
Step 2: run this script to use the first IAM role to deploy the second IAM all your accounts...

And so now I can just go over to Safari, copy/paste the text, and be on my merry way!

I don't have a lot of encrypted PDFs whose content I can happy paste into a search engine (not much overlap in that Venn diagram!) so I don't know how MUCH text I can copy/paste this way. But it beat the heck out of typing! 3/FIN

Show thread

If I try to copy from the PDF, I get this warning that says I need to supply the password to Preview. Now, if I right click on the text, I see a few options. Including "Search with DuckDuckGo". That's interesting. (DuckDuckGo is my default search in Safari) I select that option and what do you know? Safari opens. It has copied the text I highlighted and sent it to DuckDuckGo as a search string! 2/

Show thread

I've just discovered how to use Preview on to bypass some protections. Here's a small thread. It's trivial stuff.

On our legal documents, our legal team apparently encrypts PDF contracts. Good for them. If I open one in Preview (Version 11.0 (1018.6.2), Big Sur 11.6.5) and I look at the document info, I see password protection is enabled. It says it's "encrypted" but there are a few standards of PDF . I don't know what this means. 1/

When IoT product vendors offer "lifetime technical support", they're serious. They just don't mention WHOSE lifetime they're talking about. It's their life span that will the limiting factor, not yours.

In 2019, we observed AdColony receiving GPS location data from Grindr and filed a GDPR complaint:

German watchdog just observed Inneractive/Fyber receiving GPS location data from a clock/weather app with >50m installs:

Show thread

Nice story about how you can end up with cool stuff if you keep old warez about 

Lotus 1-2-3 enthusiast runs into old pirated copy of lotus 1-2-3 for unix and ports it to linux. Great story, which wouldn't have been possible if it wasn't for pirates.

#piracy #software #hacks

My battle against the SecurityHub "best practices" continues. This time it's "[EC2.21] Network ACLs should not allow ingress from". I don't USE NACLs. NACLs are stupid. They're a total waste of time and not the right way to do network security. If NACLs are an important part of your , you're doing it wrong.

Got my new #cat yesterday. Forgot to post a photo. He has a raccoon tail, so I named him Arty (“RT”). He’s settling in really well. #mastocats

Today's hot take, from someone who works at (but this is just my personal opinion). CIS Benchmarks for AWS are total crap. Mostly a waste of time. Like, you can spend hours and hours making them shut up and stop nagging. But it's so superficial and so basic. You have a LONG way to go after you get the CIS benchmarks to shut up.

Dear open source users,

If the author of your favorite open source app has announced they stopped developing and supporting the app (because they're frustrated and possibly burned out), please don't suggest they do more free work so that you can continue using the app.
Instead, consider thanking them for their past work and let them know that you enjoyed their app.

another open source developer

I wonder how view this announcement 6 months or so later…. Might have been premature to abandon the . Especially given their clientele.

do it, boost my status. load test my instance. take it down. i dare you

Just checked my email server's uptime. 99.995% for 2022. 99.87% since January 2021. Not bad for amateur hour.

Typical week on that server looks like:
* 1115 received
* 2380 delivered
* 1943 rejected (44%)

* 92751k bytes received
* 187495k bytes delivered
* 526 senders
* 268 sending hosts/domains
* 129 recipients
* 47 recipient hosts/domains

I know this is a bit of a flame war provoker. But why does nobody mention that _not running Windows_ is also a helpful anti- strategy?

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.