SillyString is a user on infosec.exchange.

SillyString @sillystring@infosec.exchange

Pinned toot

So many interesting rabbit holes to go down. So little time.

SillyString boosted

Curiosity: How did you choose your instance?

I just created my own because there wasn't a humor instance and I wanted a place for my friends and me to play.

I find this stuff fascinating to watch. More interesting than any fiction.

"China-linked cyberattacks likely as Malaysia reviews projects: security firm"

reuters.com/article/us-malaysi

SillyString boosted

These new Proxmarks (RFID Badge and Contactless Card Cloners) work great!

SillyString boosted

The start of a hilarious misadventure

Or a horror movie

SillyString boosted

Looks like we'll be planning for the next round of VMware updates due to #L1TF tomorrow: vmware.com/security/advisories

"vCenter Server, ESXi, Workstation, and Fusion updates include Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM. This issue may allow a malicious VM running on a given CPU core to effectively read the hypervisor’s or another VM’s privileged information that resides sequentially or concurrently in the same core’s L1 Data cache."

#infosec

SillyString boosted

If your payment processing flow includes actions blocked by default by Chrome (iframe redirects, popups) then you seriously f-ed up.

SillyString boosted

Worried about the dominance of big instances? No, really, this is quite natural.

As an emergent and self-governing system, it could be expected that the size distribution of #Mastodon instances roughly follows Zipf's law.

Does it?

At first you see the top 6 instances, and then the rest. But on a log-log scale the size distribution is close to a straight line, which would be expected from an emergent system.

#statistics

1/

is the future. Fediverse is now. 🙇

SillyString boosted

OH: "Yeah, that's a good point. I can code, so I suppose I could just build this functionality myself. That's what's great about Slack. If you want something it doesn't have, you might be able to find it, or buy it... but you can very likely build some version of it."

That's some serious Stockholm Syndrome right there. Plus, super annoying how corporations are hijacking the opensource spirit of DIY.

SillyString boosted

@WritingPrompts

Hackers are not cybercriminals.

Let's stop confusing the two please.

SillyString boosted

The SATCOM talk for #BlackHat2018 was more dire than I guessed. Sure, you can hijack SATCOM terminals to burn people. But Santamarta found in-flight aircraft on Shodan and observed botnets trying to infect airplane and ship SATCOM systems. Many ship systems are already infected. Full story soon. #infosec

SillyString boosted

Russian anti-gay law; teenager prosecuted; freedom of speech