Posts by tweedge@cybersecurity.theater
(DIR) Post #AYio3hynVDLsVFQjXE by tweedge@cybersecurity.theater
2023-08-14T04:26:56Z
1 likes, 1 repeats
I tell ya hwat, I don't think most of the #InfoSec field is ready for a Safety-II mindset. Just look at how differently the human factor is considered in Safety-I and Safety-II ... that certainly rings a bell with all the user-blaming I've seen :/ Maybe someday.
(DIR) Post #AYio3jrQVae0KxzsK8 by tweedge@cybersecurity.theater
2023-08-14T04:27:20Z
0 likes, 0 repeats
More info on the difference between Safety-I and Safety-II: https://skybrary.aero/sites/default/files/bookshelf/2437.pdf
(DIR) Post #AZJNxfMjbWkPq6ibya by tweedge@cybersecurity.theater
2023-08-31T19:29:20Z
1 likes, 0 repeats
I'm looking into "are deceptive links on social media typically malicious" and the answer is no (of course) and the most popular deception in 2023 by far is still linking to Rick Astley's Never Gonna Give You Up on YouTube (OF COURSE)
(DIR) Post #AZJO3DXxwm89IYcRF2 by tweedge@cybersecurity.theater
2023-08-31T23:19:02Z
0 likes, 1 repeats
@yojimbo @doot god damn it this got me
(DIR) Post #AZOodL0gGoKKpJjmO8 by tweedge@cybersecurity.theater
2023-09-02T21:24:57Z
2 likes, 1 repeats
Find of the day - someone dropped an AtlasVPN #0day on Reddit. The AtlasVPN daemon on Linux runs an HTTP server to accept CLI commands, it binds to 127.0.0.1:8076 by default. What's hilarious is that it accepts commands without ANY authentication - so if you open a malicious webpage, that webpage can fire a POST to 127.0.0.1:8076/connection/stop and instantly disconnect your VPN. Utter garbage. Source: https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/ Proof below - used AtlasVPN's latest Linux client, version 1.0.3.
(DIR) Post #AZOodMmDhXwqJ2zG7s by tweedge@cybersecurity.theater
2023-09-02T23:31:47Z
0 likes, 0 repeats
Really great question in the comments - how does this exploit bypass CORS? The request to the AtlasVPN daemon meets the definition of a "simple request" - for legacy/compatibility reasons, servers don't have to "opt in" to receive requests that look like form submissions. :') https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests
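Added example, not part of the original posts and not AtlasVPN code: the method and header conditions that make a cross-origin request "simple" (no preflight), next to a generic gate a loopback control endpoint could apply before acting. The function names and the `X-Control-Token` header are assumptions made for illustration.

```javascript
// Added illustration; names and the X-Control-Token header are hypothetical.
const SIMPLE_METHODS = new Set(["GET", "HEAD", "POST"]);
const SAFELISTED_HEADERS = new Set(["accept", "accept-language", "content-language", "content-type"]);
const SIMPLE_CONTENT_TYPES = new Set(["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"]);

// Method and header conditions of a CORS "simple request" (simplified):
// true means a browser sends the cross-origin request with no preflight.
function isSimpleRequest(method, headers = {}) {
  if (!SIMPLE_METHODS.has(method.toUpperCase())) return false;
  for (const [name, value] of Object.entries(headers)) {
    const key = name.toLowerCase();
    if (!SAFELISTED_HEADERS.has(key)) return false;
    if (key === "content-type") {
      const mime = String(value).split(";")[0].trim().toLowerCase();
      if (!SIMPLE_CONTENT_TYPES.has(mime)) return false;
    }
  }
  return true;
}

// Length-checked comparison that does not stop at the first differing character.
function constantTimeEqual(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Gate for a loopback control endpoint: refuse anything a browser attached an
// Origin header to, then require a per-install secret in a custom header.
function authorizeControlRequest(headers, expectedToken) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  if (h["origin"] !== undefined) return { ok: false, reason: "origin header present" };
  if (!constantTimeEqual(h["x-control-token"], expectedToken)) return { ok: false, reason: "bad or missing token" };
  return { ok: true, reason: "authorized" };
}

// Constructed sample: headers a browser adds to a cross-origin form-style POST.
const browserPost = { "Origin": "https://page.example", "Content-Type": "text/plain" };
// Constructed sample: a local CLI call carrying the per-install token.
const cliPost = { "X-Control-Token": "constructed-token-123" };
```

Requiring a custom header helps twice: the request stops being "simple", so a browser preflights it first, and the daemon can check the secret itself.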
(DIR) Post #AaIvljS566haiRFgTQ by tweedge@cybersecurity.theater
2023-09-30T19:09:09Z
1 likes, 0 repeats
Why does VirusTotal, and everywhere else smart consumers huck untrusted files for a sanity check, still not throw any warning about "hey this file is encrypted and we can't analyze it" (or ask for the password, etc.)? Why is every encrypted zip, unless that *exact* zip has been caught in an attack, titled "No security vendors ... flagged this file as malicious" Are we that worried that consumers will figure out that spending $120/yr for "Norton Antivirus for Gamers" isn't a value add? Come on.
(DIR) Post #AaIvlkoo16TQxCtLX6 by tweedge@cybersecurity.theater
2023-09-30T19:10:00Z
0 likes, 0 repeats
Don't believe me? Here's an example: https://www.virustotal.com/gui/file/99c37d4005e5c7ca44ce5f46e6ae0c0662c371eeb250849f2faebe1e42c4f4a0/detection
(DIR) Post #AbO4j6pQHX3PgBfpcO by tweedge@cybersecurity.theater
2023-11-02T04:52:11Z
1 likes, 0 repeats
Resist the urge to dunk on willful, blatant ignorance on Reddit ... resist ...... r e s i s t .........
(DIR) Post #AbcfDVjQZbDqAM6X4K by tweedge@cybersecurity.theater
2023-11-09T06:33:00Z
1 likes, 0 repeats
@mttaggart yep. unusable. I'm just using my phone whenever I need some tunes.
(DIR) Post #Abq49lEfGg9SdYxTF2 by tweedge@cybersecurity.theater
2023-11-15T18:21:53Z
1 likes, 0 repeats
@mttaggart Don't care. Also my resume is 2pgs. The only time I would care is if someone had 1pg of content stretched suuuper thin to 2pg - 1pg for students is a good rule, for professionals IMHO it's not.
(DIR) Post #AdDtXQNLqXxK387PkG by tweedge@cybersecurity.theater
2023-12-27T03:40:54Z
1 likes, 0 repeats
Can't decide if I recommend Framework laptops. On one hand, the one I just bought for my mom wasn't manufactured quite right and the trackpad wasn't registering clicks 100% of the time. Apparently there are a number of possible problems that people have had with their trackpads over the past 2 years. Yikes!! On the other hand, I fucked about for a while until I put some electrical tape under the trackpad because it felt like it had ~1mm too much flex, and this 100% fixed the issue. Nice!!
(DIR) Post #AdPJfkMGheVu1K2IPQ by tweedge@cybersecurity.theater
2024-01-01T16:22:21Z
1 likes, 0 repeats
Well, that's certainly one reason to reject a talk :(
(DIR) Post #AhrU1TNbG2T3Y8mQRE by tweedge@cybersecurity.theater
2024-05-06T04:31:19Z
0 likes, 0 repeats
forgot I had this on my phone, now you can have it on your phone too
(DIR) Post #AhvVsu7FScGCPB0syG by tweedge@cybersecurity.theater
2024-03-17T02:33:22Z
0 likes, 0 repeats
In case any of yin see the "AI programmer Devyn!!!" hype, here's how I popped that hype balloon ... The same marketing site that claims "Devyn can not just solve coding problems, but create entire applications on its own from prompts" lists its most impressive performance on SWE bench - the ability to solve code problems from a GitHub issue - at 13%. And that's super impressive compared to other LLMs. But if I couldn't solve 87% of documented bugs, I'd be out of a fucking job, y'all.
(DIR) Post #AhvVsveFlOFt9pSl3Q by tweedge@cybersecurity.theater
2024-03-17T02:34:07Z
0 likes, 0 repeats
Something something smartest guys in the room something something Enron something something
(DIR) Post #AhxV5iUmGVTkUWU5dg by tweedge@cybersecurity.theater
2024-02-10T18:24:11Z
1 likes, 1 repeats
A friend sent this to me and y'all might enjoy
(DIR) Post #Ai2DqU3IxHalvGaIHQ by tweedge@cybersecurity.theater
2024-03-21T02:18:42Z
0 likes, 0 repeats
X is distributing their Grok LLM weights through Academic Torrents - though you get no points for figuring out when it went live :)
(DIR) Post #AlZyYF7M93D548brhg by tweedge@cybersecurity.theater
2024-09-02T02:42:36Z
1 likes, 0 repeats
"RAID is a backup RAID is a backup RAID is a backup" I chant, desperately manifesting a healthy scrub after moving my primary NAS out of my old apartment(it'll be fine, the important stuff is backed up to 2 offsite locations)
(DIR) Post #AlpvejSR403LZGENqS by tweedge@cybersecurity.theater
2024-09-09T19:06:20Z
1 likes, 0 repeats
@nerdpr0f me seeing network-accessible C code from 1998-2001 in production for the first time, with absolutely no mitigations, mere days into full-time work: "ah."