
I’m upgrading a server that runs using iocage jails. I prefer something like xcp-ng as my hypervisor. So I can completely separate upgrading the kernel from the guest OSes.

“The media reports of our security incident were wrong on several points.”
“Hi, this is Brian Krebs, the reporter who handed your ass to you. (This is your ass, isn’t it?) Which points were incorrect?”
Hilarity and sadness ensue.

Paco Hope boosted

This is awesome! :ruby:

"Build up professional development experience by contributing to open source projects with the help of a mentor. RubyMe pairs early-career developers from under-represented backgrounds with seasoned Rubyists.

Choose specific areas to focus on. Get paid for 8 hours per month, learning best practices from experienced developers and contributing to Ruby open source."

Paco Hope boosted

My #blackHole humour is getting substantial attn in that other place. It just seemed too tasty to not share…

Paco Hope boosted

You've met "this meeting could have been an email", now let me introduce you to "this in-person event for which multiple people have travelled could have been a Slack chat"

This is such a powerful poem. Very apropos at this junction in world history.

The only thing I am “legendary” at is dying early.

Paco Hope boosted

Americans are at such risk of identity theft. The fact that there are DOZENS of companies, each with its own opt-out hoops to jump through. There are no laws to protect people. So invasive of #privacy.

I just spent the day in Dundee, Scotland at . If you are looking for the best talent coming out of UK universities, this is the con to go to. They’re such great kids, incredibly clever, and the conference is a great time.

After the con I always pull out a box of cigars and we have “cigar-itay”.

Brexit UK politics 

Paco Hope boosted

Worst feature ever: Netflix’s brutal automatic preview. It’s so against the user that it is clearly designed to be that way.

Paco Hope boosted

OK. Just saw someone posting "8 Character Passwords are Dead"

To support this they say how a 2080Ti GPU has passed 100 Billion guesses per second and how that means in 2.5 hours they can try every single possible password.


That's in the case of NTLM hash. A notoriously bad hash that has *no* *salt*. Even more ridiculous, because the NTLM hash is just as good as having the password. You don't need to crack the hash.

Yes, 8 character passwords should be dead, but this is bogus.

Super cool and simultaneously creepy. It’s now an arms race between things like fingerprint scanners and facial recognisers and GANs.

I'm running a pi-hole in the house now to block ads and trackers. It's absurdly easy to set up and very effective. Plus the stats are so interesting to see all the ads blocked. The best thing is that because it works at the DNS level, it affects things like TVs, mobile apps, game consoles, and other embedded devices.

So... I accidentally left a DNS recursive resolver open to the Internet for a day or two. Someone noticed.

If you have a and you want to forget the open access points that your mac has joined, this handy little python script does the trick. It leaves alone any wifi that has a password. Only deletes the WiFi networks that have no password. If you use keychain, this will have the lovely side-effect of deleting them from your /#iPad at the same time.
You might also want to disable the captive network assistant on your mac:

Maybe I’ll put a password on this zip file. Why bother? Crypto implemented like a CS undergrad. With many eyes, all bugs are someone else’s job to find.

Paco Hope boosted
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.