r000t boosted

I never understood people who got little plaques for their wall with pithy sayings.

And then I saw this beauty.

Making a pixelfed instance literally just for my cat.

Friday night muthafucka.

Someone needs to tell "IBM X-Force" that LoserSquad was by no measure a hacktivist group. There was no moral or even political goal, half the children were literally going for fame.

Well, if there was ever an excuse for a brand new Ryzen build...

r000t boosted

From the iOS 12.2 changelog:

Safari:
* Removes support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable [...]

Which makes perfect sense, but is still pretty ironic.

>Telephant

Fuck, that's what Mastodon should have been called in the first place. It rolls off the tongue so much easier.

r000t boosted

"UNIX was not designed to stop its users from doing stupid things, as that would also stop them from doing clever things."

r000t boosted

BOFA isn't an injection. It works differently.

BOFA is an FDA approved treatment for moderate to severe ligma for whom TheseHands did not work well.

Like now I wanna (try and) make a Mastodon instance that breaks as many others as will interact with it, but I don't want people turning around and using that as evidence to call Mastodon insecure.

. @fribbledom's custom client gave me an idea.

We have badssl.com/, which is a set of (specifically) poorly configured SSL implementations that you can test whatever against.

How about a bad Mastodon instance? It would have super long toots, messed up unicode, "infinite" procedurally generated accounts/toots, etc.

r000t boosted

broke: it pisses me off that people say literally when they mean figuratively
woke: it pisses me off that people say directly when they mean indirectly

Does anybody know if Wikipedia has any ongoing projects to update very very old screenshots? Potentially with updated versions of software and modern/no window decoration?

John McAffe walks onto the stage in a mock turtleneck. He's holding a manilla envelope.

"HI, yes, hello, thank you all for coming out and joining me for my keynote. Today we will be discussing the identity of famed Bitcoin creator Satoshi Nakamoto," John says.

The crowd goes wild.

"The true identity. Of Satoshi Nakamoto. Is," John continues, while opening the envelope. The crowd has fallen silent.

John flashes a mirror to the audience

"You. All of you are Satoshi Nakamoto. You always were."

Um also, so, like, um, in my Expanded Amazon Dystopia Comedy Toot Universe, Jeff Bezos looks like Urgot. Kinda.

But the legs are also Prime Lockers.

It's the year 2038 AD.

Roving Prime Death drones permanently neutralize all valued Prime Citizens above the age of 55. After a 30 second ad for human composting.

r000t still passive-aggressively closes tickets where the filer said "comp" when they meant computer.

r000t wishes the Prime Death drones could neutralize all people who shorten computer to "comp". After a 30 second ad for human composting.

r000t boosted

Ruby: "We get stuff done around here but the E, N, and D keys on your keyboard are gonna wear out fast"

Python: "Do you know how to configure various editors to use spaces for tabs? Hope so, pal."

Haskell: "You shouldn't program computers until after you read this textbook on braided monoidal categories."

Java: "Buhhhhhh... I liek to type many varios words on the coputer."

At first glance, only his Twitch and Twitter got taken over.

But all of these other places also potentially fell to SMS account recovery:

Email
Corporate Email (BoomTV)
Discord
Steam (and other gaming platforms)
PayPal
Facebook/Instagram
Snapchat

If not properly configured, a Google account (and any associated YouTube channels) is also pwnt.

All that said, attackers seemed more interested in defacement than exfiltration. I'd even guess they made no attempt on the email.

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.