Paco Hope @paco@infosec.exchange

Super cool and simultaneously creepy. It’s now an arms race between things like fingerprint scanners and facial recognisers and GANs. https://www.inverse.com/article/53280-this-person-does-not-exist-gans-website

I'm running a pi-hole in the house now to block ads and trackers. It's absurdly easy to setup and very effective. Plus the stats are so interesting to see all the ads blocked. The best thing is that because it works at the DNS level, it affects things like TVs, mobile apps, game consoles, and other embedded devices. https://pi-hole.net/

So... I accidentally left a DNS recursive resolver open to the Internet for a day or two. Someone noticed.

If you have a #mac and you want to forget the open #wifi access points that your mac has joined, this handly little python script does the trick. It leaves alone any wifi that has a password. Only deletes the WiFi networks that have no password. If you use #iCloud keychain, this will have the lovely side-effect of deleting them from your #iPhone/#iPad at the same time. https://github.com/mubix/osx-wificleaner
You might also want to disable the captive network assistant on your mac:
https://massimoronca.it/2015/05/20/disable-captive-network-support-in-os-x.html

Maybe I’ll put a password on this zip file. Why bother? Crypto implemented like a CS undergrad. With many eyes, all bugs are someone else’s job to find. https://twitter.com/3lbios/status/1087848040583626753

This is an absolutely epic thread about racking and stacking. I love it. https://twitter.com/QuinnyPig/status/1087472201492643840

Here's how my #Monday is starting. How's yours?

I started visualising my #CloudTrail events on #AWS using #ElasticSearch. I blogged about it and put the code on Github.
Blog post: https://blog.paco.to/2019/cloudtrail-to-elasticsearch/
GitHub: https://github.com/pacohope/cloudtrail-logs-to-AWS-Elasticsearch-Service

I just noticed that, now that I migrated my mail server to #AWS and #EC2 and assigned an ipv6 address to it, I'm actually accepting #SMTP connections over #IPv6! Yay.

Not learning a thing from 3D printing of TSA keys or all the data breaches that have happened in the last decade, a firm has created photos-of-keys-as-a-service. It is a bad idea beyond bad ideas.
This year's announcement. https://www.bbc.co.uk/news/technology-46795616
Why that's bad.
https://www.wired.com/2015/09/lockpickers-3-d-print-tsa-luggage-keys-leaked-photos/

Looks like #Buttercup is a #password manager to watch. It's multi-platform, open source, and free. Reading the github issues, it sounds a little rough around the edges. Ready for early adopters, but not ready for the masses.

This is not a joke. This was an actual progress bar on a web site I use. Microsoft has nothing on these folks. :)

I just disabled #clamav on my email server. I'm not sure that it detects anything of value, but it uses half the instance's RAM trying. I suspect the RAM-to-value ratio is not good enough.

If you're in #infosec and you're in Europe, the Middle East, or Africa, there's a great award to recognise an outstanding contributor: the ISLA (Information Security Leadership Award). Nominations close in 2 weeks: https://www.abstractscorecard.com/cfp/submit/login.asp?EventKey=ZVLLTVYZ