Paco Hope #BLM @paco@infosec.exchange

#GDIT: We do #Cloud, we do #AI, we do #Cyber. But we do NOT do #carts!

Passwords are like underwear...

This is why I use #ghostery as my browser on my #iPhone. 3 images of the same web site. First, safari with no ad blocking or anything. The ads are so big and thick I can’t see one word of content. Next, Safari with “Better” a paid content blocker from aral@mastodon.ar.al. Finally Ghostery, which is usable. Life is better without ads. It’s important to do both: Ghostery and Better, because Better blocks content in web browser contexts like embedded browsers in apps. Ghostery doesn’t.

I love #AWS, I really do. But this blog post (https://aws.amazon.com/blogs/aws/how-we-sent-an-aws-snowcone-into-orbit/) has a pretty embarrassing detail. They tested for "seven months" only they didn't notice that the files were written in upper case and the software was looking for lower case. Kinda makes you ask what testing they were doing for 7 months...

I have to do a thread on this amazingly terrible web page that is awesome in its terribleness. Let's just start with the title:
"How International Student Pass Business Writing Class."

https://www•eclipseaviation•com/how-international-student-pass-business-writing-class/

(URL neutered to avoid giving them clicks).

So it's not clear that the author really WOULD pass a business writing class, with that title. But a quick read gives so much more fun details.

1/

How do they write these things with a straight face? “We don’t store key material, but we store the encryption key”

https://web3isgoinggreat.com/?id=offline-cash-project-finally-gives-the-world-what-it-really-needs-physical-digital-physical-cash

I feel bad that I can’t give credit. This is a screenshot that was sent by a friend of a friend. But it is so apt about #NFT and #web3. #beaniebabies

And so now I can just go over to Safari, copy/paste the text, and be on my merry way!

I don't have a lot of encrypted PDFs whose content I can happy paste into a search engine (not much overlap in that Venn diagram!) so I don't know how MUCH text I can copy/paste this way. But it beat the heck out of typing! 3/FIN

If I try to copy from the PDF, I get this warning that says I need to supply the password to Preview. Now, if I right click on the text, I see a few options. Including "Search with DuckDuckGo". That's interesting. (DuckDuckGo is my default search in Safari) I select that option and what do you know? Safari opens. It has copied the text I highlighted and sent it to DuckDuckGo as a search string! 2/

I've just discovered how to use Preview on #macOS to bypass some #PDF #security protections. Here's a small thread. It's trivial stuff.

On our legal documents, our legal team apparently encrypts PDF contracts. Good for them. If I open one in Preview (Version 11.0 (1018.6.2), Big Sur 11.6.5) and I look at the document info, I see password protection is enabled. It says it's "encrypted" but there are a few standards of PDF #encryption. I don't know what this means. 1/

I know this is a bit of a flame war provoker. But why does nobody mention that _not running #Microsoft Windows_ is also a helpful anti-#malware strategy?

https://www.theregister.com/2022/05/12/ransomware_dangerous_enough_to_close/

So I'm confused. If I login here and type `paco` in the search bar, I see this. Amusingly the top 3 results are, in fact, me. But the problem is one of them (social.paco.to) is an instance I ran briefly in 2017. Later I moved to mastodon.org.uk. The second is mastodon.photography, which appears to be gone (the domain is for sale). Why do they show up here even now? Is there some maintenance thing @jerry has to do to prune long-dead instances from some list somewhere?

If you're serious about security, you need this book:

"A Million Random Digits With 100,000 Normal Deviates"

Hardcover – March 1, 1955

Only US$755.63. Be sure to read the reviews.

https://www.amazon.com/dp/0029257905/

I am so annoyed at #siri and #macos #spotlight. I have disabled Siri suggestions entirely, as far as I can tell. And yet, when I search a string that MATCHES something ON MY HARD DISK, I have to scroll past an ENTIRE PAGE of search results of stuff that are not even on my hard disk before I see anything that is on my hard disk. Here's a constructed screenshot. Am I doing something wrong, or is Apple?

Current status.

OK. Time to vent. I was checking out a MUD toolkit (Evennia, anyone know others?). I went to their demo instance. I am using TELNET. T.E.L.N.E.T! Typing a password in the clear, echoed back to my terminal over an unencrypted connection. And you want to tell me my password is not strong enough!? I'm dead.

Green text, meet red text. Red text, meet green text. Now that you guys are acquainted, would you like to go off, have a little chat, and come back to me with a USEFUL error message?

This is a fascinating C2 vector. But I gotta admit: it's hard to take it seriously with this diagram. https://news.sophos.com/en-us/2020/02/25/cloud-snooper-attack-bypasses-firewall-security-measures/

Not mine. But absolutely appropriate for this forum. :) #infosec

Strange event on my house WiFi. A new station joins (associations goes up by 1. Someone opened a macbook air's lid) then all WiFi traffic goes to 0 (sev1 ticket: "daaaaad! The WiFi is broken!") Not sure what the deal is. OpenWRT is usually pretty robust, but this is not the first time I've seen this behaviour, but it's the first time I've captured it in the graph and gotten some data.