@enoclue@ioc.exchange
@enoclue@ioc.exchange avatar

enoclue

@enoclue@ioc.exchange

old ops geek and a researcher focused on routing, routing security, internet measurement, automation, and coffee. trying to learn new tricks but having trouble remembering old ones.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

joebeone, to random
@joebeone@techpolicy.social avatar

"The US Makes a Big Step Toward Better Routing Security" by Ryan Polk @internetsociety https://www.internetsociety.org/blog/2024/05/the-us-makes-a-big-step-toward-better-routing-security/

enoclue,
@enoclue@ioc.exchange avatar

@joebeone for the 903rd time, Route Origin Validation is NOT a security mechanism; it limits the blast radius of fat fingers. that's all.

you can pretty much tell that internet technical clue has left NTIA, etc.

enoclue,
@enoclue@ioc.exchange avatar

@huitema @joebeone yes. that is tantamount to if you do not secure your routers, some attacker can screw you.

fanf, to random
@fanf@mendeddrum.org avatar

oh dear ansible your cryptography never fails to disappoint

def secure_hash_s(data, hash_func=sha1):

enoclue,
@enoclue@ioc.exchange avatar

@fanf ansible is the pearl of devops; write-only, obscure, and cryptic. the problem is that the alternatives suck more.

yesitsanna, to random
@yesitsanna@hachyderm.io avatar

So if 69 is the sex number, and 420 is the drugs number, what’s the rock n roll number?

enoclue,
@enoclue@ioc.exchange avatar

@yesitsanna number nine. number nine. number nine...

jvagle, to random
@jvagle@mastodon.lawprofs.org avatar

We can't continue to rely on luck to ensure cybersecurity.

https://www.justsecurity.org/94918/software-backdoor-is-a-wakeup-call-for-cybersecurity/

enoclue,
@enoclue@ioc.exchange avatar

@jvagle i worry more about the closed source commercial products than the open source. at least the latter can be inspected. cf. crypto ag, netscreen, ...

elb, to random
@elb@mastodon.sdf.org avatar

I just picked up the salt shaker and tried to drink out of it. Guys, I have a Ph.D.

enoclue,
@enoclue@ioc.exchange avatar

@elb My SO has a PhD and can not be trusted to boil water. really.

enoclue, to random
@enoclue@ioc.exchange avatar

resisting opening another sshed xterm to the problematic host in an attempt to make the problem's cause more visible. maybe more coffee instead.

troed, to random
@troed@ioc.exchange avatar

Some poor person's SSH-bot is trying to log into one of my systems.

As root.

fail2ban jails their IPs (a bunch) over and over, and yet they've been at it for two days now.

Somehow I would like to communicate back to them that;

  1. root cannot login remotely. I mean. Come on.

  2. this system only accepts keybased authentication

I'm sure there are other less secure targets they could go spend their resources on. Please, let me help!

enoclue,
@enoclue@ioc.exchange avatar

@troed i view absorbing the ssh dict attackers as a social good, distracting them a little bit from more vulnerable targets.

hacks4pancakes, to random

We need to have a talk, and I’m having a really hard time having it with my awesome hacker friends, because everyone is super duper emotionally invested and is deeply hurt by it.

I hope you all aren’t - because it involves all of us and it’s important. It’s not about any of y’all individually or your hard community work.

The talk is about how to make all of our cybersecurity conferences and events and meetups more accessible and conformable for young hackers because I’mreallysosorry, we’ve somehow become Old, and the stuff that we are ingrained with as “hacker culture” like movies, music, and memes all were created before they were born - and they may or may not have any emotional attachment or enjoyment of them at all.

That’s the conversation we need to have and that we are all responsible for and I swear it’s not aimed at any conference or person because we are all in this filter bubble of watching the Matrix and listening to Prodigy and remembering the hamster dance and all of that stuff while awesome was like a quarter century ago.

Part of building a community is thinking about including everyone and their culture under a mantle of good ethics and goals. So we really, really need to start having a chat about when we lean on the 90s hacker aesthetic and memories to the exclusion of people under 30. I had a wake up call hearing some students complaining about it.

enoclue,
@enoclue@ioc.exchange avatar

@hacks4pancakes for me, it comes down to not being a gatekeeper. be a teacher and enabler.

hywan, to random
@hywan@fosstodon.org avatar

The case for Nushell, https://www.jntrnr.com/case-for-nushell/.

Relevant article about shells, and how Nushell pushes the boundaries further. I highly recommend reading it.

enoclue,
@enoclue@ioc.exchange avatar

@moehrenfeld @cstross @Keltounet @hywan once upon a time, the apple UI was rigidly maintained as uniform, same buttons/gestures worked the same way in all applications, were always in the same places, ... nowadays it is cupertino kiddie chaos.

briankrebs, to random

Has anyone here done a poll recently on how many people scroll up their timelines vs. down? i.e. how many start from oldest first, and vice-versa? I'm a top down guy myself, apparently.

enoclue,
@enoclue@ioc.exchange avatar

@briankrebs i scroll up, oldest first. and the bleeping web interface's interaction with firefox for that model is not great.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • provamag3
  • kavyap
  • DreamBathrooms
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • ngwrru68w68
  • Youngstown
  • everett
  • slotface
  • rosin
  • ethstaker
  • Durango
  • GTA5RPClips
  • megavids
  • cubers
  • modclub
  • mdbf
  • khanakhh
  • vwfavf
  • osvaldo12
  • cisconetworking
  • tester
  • Leos
  • tacticalgear
  • anitta
  • normalnudes
  • JUstTest
  • All magazines
    •