Pinned toot

Let's see. When I was younger I liked telephones. A lot. I still do. That included exploring the PSTN and causing general mischief. I have a Western Electric 1D2 payphone in my bedroom. Among other hobbies... I'm an amateur radio operator, Linux user, open source supporter and electronics meddler. I admire any human who has the patience to work in infosec.

I can't really stomach the wallowing echo chamber of Twitter, so maybe this will be better.

woland boosted

Got a chance to tell a story on with Jack Rhysider.

Ep 36: Jeremy from Marketing

"A company hires a penetration tester to pose as a new hire, Jeremy from Marketing, to see how much he can hack into in his first week on the job. It doesn’t go as planned."

You can listen to it here: darknetdiaries.com/episode/36/

Can someone tell me exactly what Google Fiber would be considered when it comes to WAN technology? SONET/SDH? Something else? All the reading I've done on it hasn't been clear. I know there is a fiber network box each user gets, but not sure how it works.

woland boosted
@woland @jerry

We get a bunch of DMCA demands every day at work. Almost without exception they’re from bots of DMCA companies that have been hired for that purpose. There’s almost never a real person on the end of the complaint and it’s nearly impossible to get any kind of feedback from the complainer.

The whole DMCA system is just a big-ass broken piece of crap that's been turned into a big-ass automated broken piece of crap.
woland boosted

"Reporting about copyright infringement is not infringement. The few thumbnails—including a single image from American Gods—act as proof of the story being reported and certainly don’t replace watching entire episodes of television."

"EFF’s Tweet About an Overzealous DMCA Takedown Is Now Subject to an Overzealous Takedown"

eff.org/deeplinks/2019/04/effs

It's my weekend! Weekend project is reevaluating and changing all of my passwords and then shutting down accounts I never use anymore. Super exciting, I know. But it's been a little while.

Some crazy people might even call this fraud.

Office Depot rigged PC malware scans to sell unneeded $300 tech support

arstechnica.com/tech-policy/20

woland boosted

the GRUB manual contains the phrase "We hope that you enjoy using GNU GRUB as much as we did writing it." which is either rather nice or extremely threatening

I forget who originally posted this, but thank you. It's a superbly written article on the importance of reading fiction and its neurological implications towards creating empathy. I think empathy is important in security. It's valuable to know how an attacker or potential target thinks and operates, especially in a social engineering or OSINT scenario.

lithub.com/what-does-immersing

Me: I should probably study for that Network+ exam coming up. Also me: oh look! Make an RSS reader in Python? Let's do that!

woland boosted

I'm reading through "Influence: The Psychology of Persuasion" and I have to say the commitment principle is fascinating. We as humans tend to make up all kinds of crazy justifications for a decision we have made once we make a commitment to that decision. This explains a lot of the crazies in politics, including the flat earthers.

In one corner we have the Master Lock 570, a pin tumbler lock with a dead core (not spring loaded) and 4 security pins. In the other corner we have a snake rake and tension wrench. Guess who wins? (Within 45 seconds, every single time.)

woland boosted

- Sent an email to kick off disclosure with a company (I don't send the details until the 2nd email)

- company replied back "Thanks!"

- Database still up.

woland boosted

"Detecting Multiple Identities of Vendors in the Darknet Marketplaces"

The paper:
people.cs.vt.edu/gangwang/asia

A great read for enthusiasts.

"'No clue about VLANs, no clue about if it has STP, or trunking, or anything.'"

IT staff 'locked out' of data center's core switch after the only bloke who could log into it dies

theregister.co.uk/2019/03/20/s

Sounds like these employees had interesting smoke breaks.

"A Russian 'troll slayer' went undercover at a troll factory and found that hundreds of Russians were working as paid trolls in rotating shifts"

businessinsider.com/russian-tr

woland boosted

Let's talk about banning stuff. Books. Websites.

This graph shows ~3 months of posts on 4chan from New Zealand.

See that spike at the end? Where people posted one hell of a lot more than they used to? That's where New Zealand started blocking/banning 4chan.

Bans don't work.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.