Post AR0zuALaQURNxcDSFM by hdm@infosec.exchange
 (DIR) More posts by hdm@infosec.exchange
 (DIR) Post #AR0zuALaQURNxcDSFM by hdm@infosec.exchange
       2022-12-26T21:52:15Z
       
       1 likes, 1 repeats
       
       Profound boredom is the root of all innovation. This paper covers it well, but every substantive project I worked on started offline with limited technical resources and lots of time to kill (metasploit, recog, runzero): https://www.bath.ac.uk/announcements/social-media-may-prevent-users-from-reaping-creative-rewards-of-profound-boredom-new-research/Offline doesn't mean no computing, just lack of boredom-driven-page-reloading. So erm, if you are seeing this, drop into offline mode, find a park, and fidget until you find something all-engrossing to sink your time into.
       
 (DIR) Post #AR0zuBrsltrug4KlE0 by hdm@infosec.exchange
       2022-12-26T22:50:42Z
       
       0 likes, 0 repeats
       
       OK, so what does fidget mean? What information do you have around you, right now? Take a deeper look. Why is that WiFi AP named XNF998FE? Why is your laptop's serial number XY3327S? How often is that helicopter circling? Why are so many license plates from a particular state with a specific prefix? Look for the lack of entropy that is an encoded signal.In the early Metasploit days this involved dumping function addresses of DLLs from a literal binder of DVDs. The opcode database and later analysis by folks like skape (matt miller) and spoonm made exploit development much easier as a result.Scanning the internet is easy. Understanding all the data coming back takes a lifetime. Grab some data dumps and sift through specific protocols and fields. Toss Fiddler at a Windows thick client (or enable HTTP event tracing). We are flooded in dodgy software, weak numeration, and information leaks. Stop for a bit, breath, pick one, and go deep.