Posts by nbering@infosec.exchange
(DIR) Post #9lrJJUL3iRklAerQTw by nbering@infosec.exchange
2019-08-13T23:37:20Z
0 likes, 0 repeats
@jerry @JohnsNotHere I think I’ve got a good start for ideas. I’ve been working from Bruce Potter’s Oh Noes! game framework, reviewing @JohnsNotHere’s D&D episodes, and I’ve got some choice incidents inspired by the Bad Things Daily twitter feed, and adapted to our company.Now I just have to try and predict what people will try and come up with some story paths that won’t be completely avoided by whatever the players actually do.
(DIR) Post #9ltNUZMOpFCeq2FFlw by nbering@infosec.exchange
2019-08-14T23:23:02Z
0 likes, 0 repeats
@JohnsNotHere @jerry Thanks for the tips. The event went better than expected for short-notice prep. Everyone had some fun, we learned a little about our IR plan, and a little about how to run one of these events. I was worried my scenario would be too short so I prepped two, and we didn’t need the second at all.
(DIR) Post #9m3lZ08aQkLu3UawDI by nbering@infosec.exchange
2019-08-19T23:50:24Z
0 likes, 0 repeats
@jerryThat’s really awful.
(DIR) Post #9m3m4wh6leRodvySum by nbering@infosec.exchange
2019-08-19T23:56:11Z
0 likes, 0 repeats
@jerry I grew up on a farm. There was life all around, but the balance is that there was a lot of death, too. Especially with the barn cats. At least once a year growing up I’d find one had been hit by a car our hunting at night.It’s hard not to let it get the better of you when it’s an animal that’s like family. And it’s so much worse when it happens while you’re right there.
(DIR) Post #9m7RCMQOBEuy4AgjIW by nbering@infosec.exchange
2019-08-21T18:21:03Z
0 likes, 0 repeats
@jerry @stringlytyped Stab in the dark, but when you’re looking for doubled-up IPs, don’t forget to look at an VMs that might be on the network.
(DIR) Post #9mWxztE1s5FjZ5STa4 by nbering@infosec.exchange
2019-09-02T15:35:17Z
0 likes, 0 repeats
My wife pulled my collection of Battlestar Galactica (the remake) DVDs out of the basement. They’ve been in storage for several years.It’s like watching a whole new show again after this many years. And good golly this show is brilliant.The writing, photography, acting, sets, props… all amazing.
(DIR) Post #9mWxztSuyjA8JGQMmu by nbering@infosec.exchange
2019-09-02T15:59:10Z
0 likes, 0 repeats
I especially love how they went to the trouble of making so many things that are familiar, but different enough to feel alien. The obvious example is books with the corners cut off.But another great example is Helo and Boomer arriving at a fallout shelter, and the door has a symbol on it has a lot of the elements of our symbol for radioactivity, but adapted to be kind of triangular instead of a circle.
(DIR) Post #9mfCB4Fq8jGRW1KQQS by nbering@infosec.exchange
2019-09-07T01:12:57Z
0 likes, 0 repeats
@ScottMortimer I’m on the fence for what I should set as goal for my kids’ next hardware. PiTop, PineBook Pro, or ChromeBook.Related, asked my daughter “Programmer or Hacker?”Without hesitation, “Hacker.” So probably PineBook. Smart for grade 2. 😄
(DIR) Post #9mu2ZknezIGKWJDJey by nbering@infosec.exchange
2019-09-14T05:06:01Z
0 likes, 0 repeats
@leip4Ier Been there, too. We ended up using a commercial plugin to handle provisioning via DHCP options and I think it was TFTP?It’s been a few years, but somehow I doubt it’s changed a lot.It was definitely better than not having an on-site PBX because we had limited bandwidth so local extension calls not leaving the LAN improved call quality overall.
(DIR) Post #9mxCptpsk5AmC3TE48 by nbering@infosec.exchange
2019-09-14T05:08:38Z
0 likes, 0 repeats
@leip4Ier For a family business where the busy main line rang in the business owner’s house... it was also very nice to be able to set features like office hours. Especially on holidays.
(DIR) Post #9mxCpu0W6XgCj2Rids by nbering@infosec.exchange
2019-09-14T05:17:58Z
0 likes, 0 repeats
@leip4Ier I refer to it in the past-tense because it’s still there, but I’m not. It was a frustrating but ultimately very rewarding project, though. It’s remarkable the useful things you can do once you own your local telephony stack.I had built a booking service for school tours. I added a button to the details page… wen you clicked it, the web app talked to asterisk and connected a call between the user’s desk phone and the customer’s number.
(DIR) Post #9mxFaC7JJ0Uc7WpE36 by nbering@infosec.exchange
2019-09-15T18:15:55Z
0 likes, 0 repeats
@leip4Ier That’s brutal. We had similar issues with VoIP vendors. We went with someone small and within our Canadian province.We were having crazy latency issues. Turns out they were back-hauling to a Rackspace server in Texas.While troubleshooting, they insisted it was our router - which was a premium Cisco for Small Business box. They charged us to replace it with a residential router that they flashed with DD-WRT.In the end, we switched to Voip.ms and things got much better.
(DIR) Post #9mxG226G8rD9A5bl2W by nbering@infosec.exchange
2019-09-15T18:20:57Z
0 likes, 0 repeats
@leip4Ier Ya... lots of snake oil salesmen. Watch out for people who want to do things for you or insist on certain hardware.At the end of the day, it’s not much harder than figuring out router configurations if you use FreePBX, Voip.ms (which is like a wholesale service - cheap and self-serve), and some simple SIP devices like Cisco, or we used Grandstream.
(DIR) Post #9mxGaHRFcUS4Zyl00O by nbering@infosec.exchange
2019-09-15T18:27:08Z
0 likes, 0 repeats
@leip4Ier Ya. I think getting going we had similar annoyances. The endpoint manager helped a lot because it had a better idea of what all the settings were.
(DIR) Post #9myCGTtdO3g0lZISFk by nbering@infosec.exchange
2019-09-16T05:13:27Z
0 likes, 0 repeats
@leip4Ier The take off to forget part reminds me of the Nymi band. It uses/used ECG readings as a biometric authenticator. You needed to touch the opposite finger for it to get a good reading and unlock. Then if the band was removed it would forget the key.https://nymi.com/The company is still around, but I don’t think they ever scaled up production of the bands to commercial product levels.
(DIR) Post #9myqb3BtruN6BlCfTc by nbering@infosec.exchange
2019-09-16T12:45:21Z
0 likes, 0 repeats
@leip4Ier Their threat model seems to be designed for facilities security. Basically, a replacement for RFID cards.In that environment, putting the band on someone who is unconscious to try and unlock something is probably going to be noticed.It’s an interesting thought… The same problem would seem to exist for fingerprints, or a ring.If your threat model includes someone willing to render you unconscious for your secrets, perhaps the best mitigation is a body guard?
(DIR) Post #9n5saaPOQKZ2oPdGds by nbering@infosec.exchange
2019-09-19T22:10:36Z
0 likes, 0 repeats
@jerry There was already and ISP association in the UK trying to label Mozilla as villains for implementing privacy measures that circumvent government surveillance programs.
(DIR) Post #9nCNMR1cmEZzBR0SlU by nbering@infosec.exchange
2019-09-23T01:23:44Z
0 likes, 0 repeats
@leip4Ier Humans can't be trusted to edit fstab anyway...
(DIR) Post #AJpW2Qdk6Y6kUOiO36 by nbering@infosec.exchange
2022-05-26T01:25:05Z
0 likes, 0 repeats
@jerry That sounds about right. And I think people miss the point of teaching it young if they expect kids to treat it as a future career path.At early ages, it’s about giving them foundations in case they want to learn more later. Learning later requires them to work past preconceptions taught in higher maths.
(DIR) Post #AlqT0VSV5ZUR0cFfqS by nbering@infosec.exchange
2024-09-10T01:41:24Z
0 likes, 0 repeats
@davidrevoy This ended up in my feed by coincidence, but I’m excited to give you a follow!This summer, my daughter was learning to use a pen display on her Raspberry Pi with Krita. We watched some of your excellent tutorials, and both learned a lot about the tech and technique. ❤️