Posts by malwaretech@infosec.exchange
(DIR) Post #AwWP5cxM0Dy4wDDbHc by malwaretech@infosec.exchange
2025-07-26T04:47:20Z
0 likes, 0 repeats
Not really buying this claim from Tea. I'm not aware of any laws which require platforms to retain raw identification documents, especially not for "cyberbullying prevention". Some laws require retention of user metadata like IP addresses, but retaining photos of government IDs used for ID verification is just plain reckless.
(DIR) Post #AwjRutAkOFVkxnLsH2 by malwaretech@infosec.exchange
2025-08-01T16:34:02Z
1 likes, 0 repeats
It's wild that Apple was the only major big tech company to not drink the AI kool aid, and now they're being forced to because every dipshit analyst is like "well the earnings are really good but we're concerned about the lack of AI". How are these people real ðŸ˜
(DIR) Post #AwpEwoHrOKNnw41Yqe by malwaretech@infosec.exchange
2025-08-04T08:32:58Z
0 likes, 0 repeats
Every Reason Why I Hate AI and You Should Toohttps://malwaretech.com/2025/08/every-reason-why-i-hate-ai.html?a=1
(DIR) Post #Ayfs7SDOn5VkXnurnU by malwaretech@infosec.exchange
2025-09-28T15:12:06Z
1 likes, 1 repeats
Wait, so AI companies are struggling to raise enough funding to build datacenters for their unproven technology. And to solve this, Nvidia is just handing out cash on the condition that those companies buy their GPUs, which is being spun as Nvidia building a walled garden? That kind of sounds like someone combined the Subprime Mortgage Crisis with a Ponzi Scheme.https://www.theinformation.com/articles/jensen-huang-using-nvidia-cash-rule-ai-economy
(DIR) Post #AzJ8SQmAVr7Gaqdnwe by malwaretech@infosec.exchange
2025-10-17T15:03:38Z
2 likes, 4 repeats
You know how billionaires end up with severe cognitive deficits as a result of becoming surrounded by yes men who constantly tell them their every idea is genius? What if we made a bot that just does that to everyone. I think that would be great.
(DIR) Post #AzYRZ0eIrYs05cDAZ6 by malwaretech@infosec.exchange
2025-10-25T01:45:39Z
0 likes, 0 repeats
Absolutely incredible stuff coming out of Bozo The Clown School of Economics.1. convince everyone you're going to fix the economy by slapping tariffs on everything. 2. Tell Americans that other countries will pay the tariffs, even though tariffs are paid by importers (you).3. Americans gets mad when beef prices go up because as it turns out, importers do in fact pay the tariffs.4. That's ok, the tariffs were really about rewarding companies who produce goods locally, so at least the American farmers are happy.5. Wait, never mind. Other countries have started importing beef from elsewhere because US beef is too expensive now.7. Don't worry though, it's all part of the plan. We will fix this by simply giving $20 billion dollars of taxpayer money to Argentina.8. Ok, that didn't seem to have worked. Maybe if we announce we're going to give them $40 billion dollars instead?9. Hmmm, bailing out Argentina doesn't seem to have fixed the US economy.10. Lower Argentina's beef import tax rate to less than it was before you got into office, costing US farmers even more money.11. Somehow all of this is actually good and part of a completely sane economic policy, I'm just too dumb to understand the grand plan. MAGA - Make Argentina Great Again?
(DIR) Post #Azk3BsEU1G5BSAF6Om by malwaretech@infosec.exchange
2025-10-30T16:27:51Z
2 likes, 0 repeats
Watch OpenAI go public and just follow Tesla's business model (convincing retail investors to shovel their money into a fire while announcing "AGI is coming next year" every year forever).
(DIR) Post #B0CDTEFGE9EWMfyYdM by malwaretech@infosec.exchange
2025-11-13T07:36:28Z
1 likes, 1 repeats
This post from the President of Windows basically reads like someone trained an LLM on those SF billboards that just say incomprehensible nonsense.
(DIR) Post #B0RdEnXMfVxaZOmQd6 by malwaretech@infosec.exchange
2025-11-20T17:48:01Z
0 likes, 1 repeats
It always makes me chuckle how occasionally you'll run into beginners who say stuff like "real hackers use Linux". Real hackers aren't constrained by operating system choice. In fact, half the fun is running into that weird edge case where you end up having to code your own OS for some hyper-specific task.
(DIR) Post #B0iTuEfkHIVgq117UO by malwaretech@infosec.exchange
2025-11-28T20:20:29Z
2 likes, 0 repeats
Here's an easy way to understand the US "hacking back" / Offensive cyber operations proposal: You lose the keys to your house down the back of the couch. It would be very time consuming to try and dig them out, but buying new locks would cost money.The least expensive option is to simply remove the entire front door, which your family approves of. This would leave more money to gamble in the slot machine (some guy who says he is 100% definitely not the owner of the slot machine has told you that if you put in enough money, you will receive a return on your investment).After voting to remove the front door, someone walks into your house and steals your TV. Having to buy a new door, new locks, and new TV would cut into the slot machine fund. Which is unacceptable.You decide the most cost efficient option is to track down every thief in the world and punch them in the face. The family agrees that punching every thief in the face would certainly deter any further theft, and have absolutely no possible negative consequences at all.The not slot machine guy has also offered to buy all your house's windows for $30, to help you recuperate some of the losses from your TV being stolen. You agree that this is indeed a good deal, and proceed to remove every window.One day you come come to find a 600 pound grizzly bear rooting around in your pantry eating all your food. Your are completely perplexed. Despite your best efforts to secure your home against theft, people have still been walking in and taking whatever they want. However, a grizzly bear is new.You consult with the not slot machine guy, who has recently used all his not slot machine money to buy up every local hospital. You are concerned that the punching everyone in the face policy does not appear to have affected theft rates. Also, this policy was designed for humans, not bears.The not slot machine guy reassures you that this is the best way. He tells you that you just aren't punching people hard enough. He also says that there is no reason why the same policy couldn't also be applied to bears. He sells you some punching classes for $5 trillion dollars and send you on your way.With your new found punching skills, you are now ready to fight the bear. You return home to find out that all of the local bears have learned that your pantry is a great place to get food. There in now an entire group of them. That is ok though, you've been training for this.
(DIR) Post #B19UBDls7yuoEYtrfM by malwaretech@infosec.exchange
2025-12-11T19:59:28Z
0 likes, 0 repeats
Is it me or are major internet platform outages getting more frequent? I used to instinctively reboot my router, now I just assume it's the platform. GitHub broke for me this morning, now LinkedIn is offline. Reddit and Twitter feel like they go down twice a week. Meanwhile all these companies are bragging about layoffs because they've "become more efficient with AI". Like, dawg, you can't even keep your website online.
(DIR) Post #B1HPYOi6g1AkJd3B9k by malwaretech@infosec.exchange
2025-12-15T17:38:26Z
1 likes, 0 repeats
The tariffs certainly appear to be working. American companies are no longer importing goods from China. Instead, they're becoming Chinese companies and producing good domestically.
(DIR) Post #B1grfcGIc56KVa1jnM by malwaretech@infosec.exchange
2025-12-27T18:08:11Z
1 likes, 1 repeats
One concern about the AI bubble that I've not yet seen discussed is how many All-In podcasts it's going to create. Every time one of these AI companies is bought or IPOs, it creates like 10 new billionaire who will start a podcast where they pass their single brain cell around a table and influence people on issues they know nothing about.Remember when David Sacks and Jason Calacanis got together with Elon Musk and tried to sabotage Ukraine's defense because they convinced themselves that angering Russia would lead to a nuclear war? Now imagine there's 400 of them. At this rate the entire media sphere will just be midwit billionaires with podcasts.
(DIR) Post #B2Ug5qFo87wMfyOmOG by malwaretech@infosec.exchange
2026-01-20T23:38:11Z
1 likes, 1 repeats
Since the decline of peer-to-peer botnets it's been difficult to track malware infections externally. But smart contract based C2 infrastructure provided us with unique insights into this campaign.https://expel.com/blog/clearfake-new-lotl-techniques/
(DIR) Post #B2wLnWs8bx9M0nk2oy by malwaretech@infosec.exchange
2026-02-03T05:01:56Z
1 likes, 1 repeats
I can’t believe we’re doing this again. It’s just a bot that generates the text you ask it for. If you put it in charge of critical decisions, it will kill people. Not because it’s secretly evil, but because it’s a word generator. It’s like putting your toaster in charge of air traffic control.
(DIR) Post #B3fermQ9Nx3adTaVg8 by malwaretech@infosec.exchange
2026-02-25T06:09:07Z
3 likes, 0 repeats
We plan to decrease operational costs for our AI model by building custom servers that are immune to cosmic radiation, then spending trillions of dollars launching them into space. Yes, our CFO did tech themselves math using ChatGPT, why do you ask?
(DIR) Post #B3gJTsfqa4ZbCTeWJM by malwaretech@infosec.exchange
2026-02-24T20:52:06Z
1 likes, 1 repeats
Anthropic when Chinese companies use Claude to train their own AI models vs Anothropic when they’re stealing everyone’s data to train Claude
(DIR) Post #B449XK112wXb7RauqO by malwaretech@infosec.exchange
2026-03-08T22:29:52Z
1 likes, 2 repeats
It feels like Proton are being intentionally misleading in their statements. They know that most of their customers aren't familiar with how legal process actually works, so are happy to spread half-truths.Under US law, a US law enforcement agency (LEA) typically has to apply for a subpoena or search warrant with a US court. The court is then responsible for deciding if the legal bar for search a request has been met, then either grants or denies it.The problem is, if a company has no real US footprint (no US corporate entity, offices, servers, etc.), then a US court typically doesn't have the jurisdiction to compel the company to hand over customer data (except in some rare circumstances). Even if the court approved the warrant anyway, it wouldn't really be legally binding.Which is why the Mutual Legal Assistance Treaty (MLAT) exists. MLAT enables law enforcement agencies in one company to send requests for information to law enforcement agencies in another. Switzerland has such a treaty with the US. This means that the FBI can request that Swiss authorities hand over a Swiss company's data on their behalf.Any country requesting information held by a company in a foreign jurisdiction would typically do so via MLAT. Which means from Proton's perspective, the legal request would appear to originate from their local law enforcement, not the FBI. Which they clearly understand based on their Reddit post.Saying "we don't respond to legal requests from anywhere other than Swiss authorities" seems very intentionally worded to give the impression that the company does not cooperate with foreign law enforcement. But since it'd be the Swiss authorities handling any such requests, they'd have to comply, since as they admitted, they have to comply with local laws.There is, however, some useful (but more nuanced) information here: Firstly, MLAT requests are handled by local law enforcement according to local law. So if there is a difference between the law of the sending and recipient country, that might mean the MLAT request is denied. That probably doesn't mean much, because if you're on the FBI's radar, the chances are you did something that is also massively illegal in Switzerland too.Secondly, they are 100% correct in saying that no other service provider is going to do any better. They're all beholden to local laws, and the ones that think they're not tend to get their doors blown off by SWAT like CyberBunker did. The only exception is if the company resides in a country which does not cooperate with US law enforcement (which Proton does not).But the part that's extremely disingenuous is that the "we only respond to requests from the Swiss authorities". That statement is likely intended to imply they don't cooperate with law enforcement in any other countries, which is simply not true. Switzerland has MLAT agreements with over 30 counties.People really need to understand that no company is going to shield you from the FBI (or any reputable law enforcement agency). They'll use misleading statements to make it sounds like they don't cooperate with law enforcement, but they do. They have to.
(DIR) Post #B5ZH2PZ2Jwt4PFhASO by malwaretech@infosec.exchange
2026-04-22T17:11:34Z
1 likes, 1 repeats
I spent nearly 4 months investigating the inner workings of a North Korean state-sponsored hacking group. Here's what I found:- The group used generative AI tools to aid in almost every part of their operations.- They exfiltrated 26,584 cryptocurrency wallets from victim systems, with a combined value totaling as much $12 million dollars.- In several cases, the threat actors set up entire front companies to lure in developers via fake job posting, then infected them with malware.- The threat actors successfully pulled off a supply-chain attack by compromising a VS Code extension developer's system.🔗 Full article: https://expel.com/blog/inside-lazarus-how-north-korea-uses-ai-to-industrialize-attacks-on-developers/
(DIR) Post #B5p2waCnYOJ2qKyl9s by malwaretech@infosec.exchange
2026-04-30T14:23:27Z
1 likes, 0 repeats
Listening to cybersecurity people freak out over Mythos is so tiring. Like, bro, your local water treatment plant runs Windows XP, your mobile provider's hardware is older than you are, and the protocol that routes internet traffic is secured by everyone just agreeing that hijacking it would be uncool.