Posts by sawaba@infosec.exchange
 (DIR) Post #AUMEzZzlLWxkjPGNTk by sawaba@infosec.exchange
       2023-04-05T23:09:02Z
       
       0 likes, 0 repeats
       
       Seems like it's maybe similar to Mastodon - decentralized, and Snort.social is the equivalent of mastodon.social?Loving the design so far. Very clean, I'm a fan of purple.Ooooh, but the login field is asking for a KEY, things are starting to feel very Web3I guess I'm generating a pub/priv key pair and the priv key will be part of my login, while my pub key signs my posts?
       
 (DIR) Post #AUMEzaUFWBLiFxWizw by sawaba@infosec.exchange
       2023-04-05T23:13:37Z
       
       0 likes, 0 repeats
       
       Yeah, pretty much, it looks like that's how this works.Saved my keys, next.Grab my username, next.
       
 (DIR) Post #AUMEzaxJm6bLi77wJ6 by sawaba@infosec.exchange
       2023-04-05T23:18:58Z
       
       0 likes, 0 repeats
       
       Okayyyy, WTF is this? I thought I just picked a username.But it's going to show a default avatar and the first 8 characters of my public key instead? What sense does that make?So, it looks like I can register a unique handle of sawaba@snort.social, okay.But it's going to cost me 50,000 sats? What's a sat? Is that short for satoshi?I'm vaguely remembering that 1 BTC equals some amount of satoshis - like a million or a billion.Okay, looks like 50,000 sats is roughly $14 right now, and I have enough BTC in my Coinbase wallet for that.
       
 (DIR) Post #AUMEzbUdmDFxNSiYFM by sawaba@infosec.exchange
       2023-04-05T23:23:37Z
       
       0 likes, 0 repeats
       
       Okay, buying sawaba@snort.social...but wait, I recall buying some crypto domain name a few years ago - it wasn't cheap either, like $100Can I use that instead?Right, here we go - I own sawaba.crypto and badinvestments.crypto. Could I use one of these instead of buying a snort.social handle?
       
 (DIR) Post #AUMEzc7dRERrKOxh1k by sawaba@infosec.exchange
       2023-04-05T23:33:37Z
       
       0 likes, 0 repeats
       
       I'm gonna skip that for now - seems like something I could do later on. (right? that's not really clear at this point)Okay, now I have an option to connect with Twitter friends who are already on this platform, that's handy.Aaaand, I have no idea who these people are, because they all have pubkeys for names and default avatars. Useless. Skip.
       
 (DIR) Post #AUMEzcnSvhuPQ8X6EC by sawaba@infosec.exchange
       2023-04-05T23:34:11Z
       
       0 likes, 0 repeats
       
       HOLY WTF, this is what I'm presented with now. Is this the current state of Web3 in a single image?A web of anonymous, unrecognizable accounts that can't be bothered to replace the default avatars and buy custom domains...And then there's Jack, atop the Web3 throne, clearly recognizable.
       
 (DIR) Post #AUMEzdNGmaY5DBHh2G by sawaba@infosec.exchange
       2023-04-05T23:36:23Z
       
       0 likes, 0 repeats
       
       And I'm done. I'm now exploring the UIHere's Jack's profileLooks like there are a few more folks that have proper names and avatars... but how does he know who he's following? The vast majority of these accounts have no recognizable features.
       
 (DIR) Post #AUMEzduEo0v6rQi1QG by sawaba@infosec.exchange
       2023-04-05T23:39:18Z
       
       0 likes, 0 repeats
       
       Apparently, by default, I am my own follower?Also, it shows my username here, why not in the main UI, where you need it to know who is posting in a thread?
       
 (DIR) Post #AUMEzeSckAQSa4nU1I by sawaba@infosec.exchange
       2023-04-05T23:41:54Z
       
       0 likes, 0 repeats
       
       My first post!To be fair, this isn't the first social platform where people's first posts are mostly "how does this work"
       
 (DIR) Post #AUMEzf4CUSU2ScNUae by sawaba@infosec.exchange
       2023-04-05T23:44:13Z
       
       0 likes, 0 repeats
       
       The social UI/UX is pretty simple. Instead of boosts, you have "zaps", but you also have likes, retweets, and replies.
       
 (DIR) Post #AUMEzfjg0Ff0XFmcEq by sawaba@infosec.exchange
       2023-04-05T23:45:11Z
       
       0 likes, 0 repeats
       
       Similar to Mastodon, you have both 'local' and 'global' feeds you can browse.
       
 (DIR) Post #AUMEzgFa5dBI8Ci5y4 by sawaba@infosec.exchange
       2023-04-05T23:51:44Z
       
       0 likes, 0 repeats
       
       Ohhh, zaps are donationsYou can even automatically send money to every "note" (their equivalent of a Tweet or Toot) that you load!
       
 (DIR) Post #Au64rzyG65Uhq6DlbM by sawaba@infosec.exchange
       2025-05-14T21:18:59Z
       
       1 likes, 0 repeats
       
       @GossiTheDog enshittification
       
 (DIR) Post #Av0IdRCvQvxeugR36u by sawaba@infosec.exchange
       2025-06-10T22:58:06Z
       
       0 likes, 1 repeats
       
       @todb not at all - it appears to be a bug in how Windows handles WebDAV links within internet shortcut files (.URL files in Windows)allows attackers to execute binary EXEs over an external link, hosted by the attacker's malicious webdav serverMy analysis is based on reading the report here: https://research.checkpoint.com/2025/stealth-falcon-zero-day/
       
 (DIR) Post #Av0IdWu0GCOGZjd1Rw by sawaba@infosec.exchange
       2025-06-10T22:59:41Z
       
       0 likes, 0 repeats
       
       @todb seems like the kind of attack vector that should have been sussed out YEARS ago, like malicious autorun.inf files 🤦‍♂️
       
 (DIR) Post #B1HiR9jHsL2exGrZ68 by sawaba@infosec.exchange
       2025-12-15T19:56:10Z
       
       0 likes, 1 repeats
       
       I'm baffled every time someone claims attackers are getting more advanced and sophisticated. They don't need to be, because their targets aren't getting more advanced or sophisticated.Adversaries aren't about doing extra work they don't need to do to achieve their goals.
       
 (DIR) Post #B2VTsOXYqwTCfQU5K4 by sawaba@infosec.exchange
       2026-01-20T00:37:23Z
       
       1 likes, 3 repeats
       
       The enshittification of computer repair is happening.AI has amazingly managed to make repairable computers practically worthless.The increase in memory and storage pricing is destroying the second-hand market for computing hardware and this makes me sad. I watched a video from someone that runs a repair shop, and this is what's happening:The memory/storage alone is worth more than the rest of the computer, so people are stripping them out to sell separately.The second hand market is now flooded with computers that have no memory or storage. Buying new memory or storage to put in these used computers is now more expensive than buying a new computer.So we now suddenly have a giant e-waste problem PLUS a giant problem for repair shops that want to stay in business. In the video, he was basically saying that they have to pivot to the only computers that folks aren't stripping RAM and storage out of - computers that have those things soldered on. The irony here is that repair shops now have to ignore the most repairable computers and focus on the least repairable computers instead.https://www.youtube.com/watch?v=T6eiFyJMWgMcc @pluralistic @iFixit
       
 (DIR) Post #B2VTsTvUpNaRN6ilpA by sawaba@infosec.exchange
       2026-01-20T05:27:55Z
       
       1 likes, 0 repeats
       
       @pluralistic @iFixit It just KILLS me that repairable, modular manufacturers are getting punished here, because they can be more easily stripped for their most valuable parts and then discarded.
       
 (DIR) Post #B2VTsZ2Pp55nE0zrns by sawaba@infosec.exchange
       2026-01-20T05:32:26Z
       
       0 likes, 0 repeats
       
       @pluralistic @iFixit and it’s not even that computer repair was enshittified here - it’s that the sphere of AI enshittification influence has enveloped PC repair and destroyed its margins in a matter of months.
       
 (DIR) Post #B2my5QEVt59VJLZEqO by sawaba@infosec.exchange
       2026-01-29T16:05:13Z
       
       1 likes, 0 repeats
       
       @vitalis the most relatable post today