Paco Hope @paco@infosec.exchange

#passwords are like #underwear is a terrible metaphor. :)

I just spent the day in Dundee, Scotland at #Securitay2019. If you are looking for the best #infosec talent coming out of UK universities, this is the con to go to. They’re such great kids, incredibly clever, and the conference is a great time. https://securi-tay.co.uk/

After the con I always pull out a box of cigars and we have “cigar-itay”.

What’s the difference between Fyre Festival and Brexit?

I'm running a pi-hole in the house now to block ads and trackers. It's absurdly easy to setup and very effective. Plus the stats are so interesting to see all the ads blocked. The best thing is that because it works at the DNS level, it affects things like TVs, mobile apps, game consoles, and other embedded devices. https://pi-hole.net/

So... I accidentally left a DNS recursive resolver open to the Internet for a day or two. Someone noticed.

Here's how my #Monday is starting. How's yours?

This is not a joke. This was an actual progress bar on a web site I use. Microsoft has nothing on these folks. :)

If you're in #infosec and you're in Europe, the Middle East, or Africa, there's a great award to recognise an outstanding contributor: the ISLA (Information Security Leadership Award). Nominations close in 2 weeks: https://www.abstractscorecard.com/cfp/submit/login.asp?EventKey=ZVLLTVYZ

I disable location services most of the time and disable background app execution all the time. Is it any wonder why?

Someone actually modified our internal ticketing system to offer the option of seeing random cats or dogs instead of staff members' employee photos. It's awesome.

I have to admit, once I got #kibana and #elk running in my #aws account, I just had to Log All The Things. Got some great ability to analyse #CloudTrail out of it.

Despite my #mikrotik router being annoying, I managed to get #elastiflow running on #FreeBSD in #AWS looking at my on-prem network. https://github.com/robcowart/elastiflow

Japan cyber security minister admits he has never used a computer. More secure than any of us!
https://www.theguardian.com/world/2018/nov/15/japan-cyber-security-ministernever-used-computer-yoshitaka-sakurada

People who don’t embrace the #cloud have a tendency to buy excess capacity that they use inefficiently. Like this guy.

#CloudWatch logs show the impact on my #MySQL server of taking the blog off #WordPress. Most of the network traffic had been blog traffic. But the blog changes so rarely, that's really pointless traffic.

Reading about the alleged hardware supply chain attack. This is a hilarious quote.

AWS and Iridium are partnering to get the cloud above the clouds. https://www.cnbc.com/2018/09/27/amazon-partners-with-iridium-for-aws-cloud-services-via-satellite.html