@apicultor@hachyderm.io
@apicultor@hachyderm.io avatar

apicultor

@apicultor@hachyderm.io

In a sense, I am a beekeeper, hence the username.

I work in the rail industry trying to secure all the things: tons of legacy infrastructure which is now being networked.

Never forget: there is no cloud, there is only other people's computers.

I break shit for fun. Sometimes I even fix it afterwards!

They say that "life is what happens while we're busy making other plans", and they're right; tot i que la vida m'ha allunyat de Catalunya, tinc moltes ganes de tornar a casa.

Geek. Aspie. Poly.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

patrick, to random
@patrick@mendeddrum.org avatar

@jon @smveerman . Wondering how Amsterdam-Copenhagen would work? Wonder no longer, as GoVolt/FlyWise has just requested it.

apicultor,
@apicultor@hachyderm.io avatar

@patrick @smveerman @jon Why is this a day train? You lose the entire day.

Run it at night instead.

jon, to random
@jon@gruene.social avatar

Damn I am having one of those days on German railways

Dear DB please do tell me how this connection is supposed to work? I arrive after my connecting train will have departed, and that connection does not serve the station I need 😂

apicultor,
@apicultor@hachyderm.io avatar

@greenback @jon

>Many times, the info on the platform is more up to date than the app, or vice versa. Why aren't they both great?

Multiple sources of truth.

arstechnica, to random
@arstechnica@mastodon.social avatar

Nothing’s iMessage app was a security catastrophe, taken down in 24 hours

Nothing promised end-to-end encryption, then stored texts publicly in plain text.

https://arstechnica.com/gadgets/2023/11/nothings-imessage-app-was-a-security-catastrophe-taken-down-in-24-hours/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

apicultor,
@apicultor@hachyderm.io avatar

@arstechnica I wonder how the rest of their software development is. /s

flanker, to random

Finally get around to installing Sonoma, and on first reboot it’s great to see one of the new features immediately announce itself. Never seen it before “upgrading”.
@atpfm @siracusa

apicultor,
@apicultor@hachyderm.io avatar

@flanker @atpfm @siracusa What the fuck is Discord doing? Sparkle.framework || GTFO.

(I don't use Discord, so no experience with it, but apps that self-modify on macOS have been a headache for a very long time now.)

apicultor, to random
@apicultor@hachyderm.io avatar

https://www.railtech.com/all/2023/11/20/fs-introduces-new-night-train-like-hotel-from-rome-to-the-dolomites/

jon, to random
@jon@gruene.social avatar

Of course it's welcome that a bunch of MEPs, national politicians and some associations are saying they want to step up night trains in Europe, but I find this letter a bit wishy-washy, and a bit ill timed https://www.euractiv.com/section/railways/news/eu-commission-urged-to-support-europes-night-train-renaissance/

There's no way Von Der Leyen and Valean will act on this now

The best bet: take a step back, and make sure this is top of the agenda after the EP elections. And start with booking tickets and rolling stock

apicultor,
@apicultor@hachyderm.io avatar

@jon Ticketing, you say?

I just got done buying the last tickets needed for a Christmas tour: Vienna, Prague, Zurich, Paris... including not one, but two, night trains.

I don't have words. It's done, and I got exactly what I wanted (deluxe cabins on both), but it involved all sorts of heroics.

ai6yr, to random
@ai6yr@m.ai6yr.org avatar

Thanks, Wyze camera AI, for recognizing the "pet" in the backyard.

apicultor,
@apicultor@hachyderm.io avatar

@ai6yr Wyze, you say?

https://www.bleepingcomputer.com/news/security/rce-exploit-for-wyze-cam-v3-publicly-released-patch-now/

https://www.theverge.com/23003418/wyze-cam-v1-vulnerability-no-patch-bitdefender-responsible-disclosure

https://www.nytimes.com/wirecutter/blog/wyze-security-breach/

Not just no, hell no.

apicultor,
@apicultor@hachyderm.io avatar

@ai6yr They can be used as pivot points into your network, regardless of whether they're installed indoors or outdoors.

1br0wn, to apple
@1br0wn@eupolicy.social avatar

deleted_by_author

    •
    apicultor,
    @apicultor@hachyderm.io avatar

    @1br0wn >they can’t discriminate against encrypted messages with their green bubbles

    RCS should absolutely be green bubbles since they are not E2EE in the vast majority of cases.

    theautisticcoach, to actuallyautistic

    The French State under Emmanuel Macron unveiled its new “plan” regarding and other humans yesterday.

    More of the same. That is to say, NOTHING.

    A huge 5 year plan about US, without any consultation, whatsoever, with US.

    Anyone who knows the French State knows the HUNDREDS, if not THOUSANDS of hours that went into useless meetings to create this plan. The involvement of THOUSANDS of bureaucrats and “consultants”.

    Yet, the result is more ableism. More silencing of autistic voices. More oppression.

    Where did the 500M+ euros go for the LAST 5 year plan? Nowhere. Into the hands of private companies who seek to profit via the oppression of autistic bodies.

    Where will the 600M+ go now?

    Shameful.

    The Republic has actual autistic advocates and experts living just steps from the Élysée Palace. Organizations that fight for our rights like
    @CLE_Autistes
    . None of us were consulted.

    Who was consulted? Parents groups. Autism groups led and run by non-autistic people. Companies which exist to earn money from the State and autistic people on our backs and commodifying our bodies.

    According to the “new and groundbreaking” plan, autistic adults will receive free support groups (weren’t we already meant to be getting support groups under the last plan?). Said groups are led by non-autistic people who actively promote the pathology paradigm of autism, which is rejected by the vast majority of autistic adults. Not an improvement.

    It will allow certain autistic adults currently institutionalized to live outside and go work. Cute. As if that is a progressive idea!

    What about support for those of us who want a career? A meaningful one? What about support for those of us who cannot work but also do not want to be institutionalized and removed from society, our friends, and families?

    What about support for those of us who do work with need help with day to day things? What about support during autistic burnout?

    Nothing.

    Oh, and the Marianne eugenics project continues on!

    France continues to show itself to be unserious and performative when it comes to the civil and human rights of autistic people. Our humanity today, as yesterday, has been denied by those who purport to support us.

    Shameful and disgraceful.

    @actuallyautistic @disabilityjustice

    https://informations.handicap.fr/a-strategie-tnd-2023-2027-enfin-devoilee-tous-mesures-35859.php

    apicultor,
    @apicultor@hachyderm.io avatar

    @theautisticcoach @actuallyautistic @disabilityjustice >Oh, and the Marianne eugenics project continues on!

    Could you kindly clarify your use of such a loaded term?

    apicultor,
    @apicultor@hachyderm.io avatar

    @cadenza @theautisticcoach @actuallyautistic @disabilityjustice >I said [in French] “Good for you, you old fart,”

    What's the best way to say this? Asking for a friend. 😉

    Tutanota, to random
    @Tutanota@mastodon.social avatar

    deleted_by_author

    •
    apicultor,
    @apicultor@hachyderm.io avatar

    @Tutanota Instead of asking your users to verify connectivity, you should be doing so yourself, ideally on an automated basis.

    May I suggest RIPE Atlas?
    https://atlas.ripe.net/

    If you set up an account there, PM me with the email address you used and I'll arrange for a few million credits to be donated to you to get you started.

    toplesstopics, to random
    @toplesstopics@eldritch.cafe avatar

    Not frustrating at all that I have more accounts that hate-follow me on mainstream social media to leave nasty comments on my post than genuine supporters who say anything at all.

    apicultor,
    @apicultor@hachyderm.io avatar

    @toplesstopics Given how shitty and toxic mainstream social media is, perhaps this shouldn't come as a surprise.

    It doesn't say anything about you, Cleo — rather, it says lots about them. ❤

    0x00string, to random

    deleted_by_author

    •
    apicultor,
    @apicultor@hachyderm.io avatar

    @0x00string This is beautiful. Thank you for sharing it with us! ❤

    apicultor, to Cybersecurity
    @apicultor@hachyderm.io avatar

    The third annual ERA/ENISA conference is underway in sunny Athens. Your correspondent is attending in person.

    Fingers crossed that UNIFE doesn't get their way! 🤞🏼

    https://www.era.europa.eu/content/3rd-era-enisa-conference-cybersecurity-railways

    (Pictures courtesy of ERA.)

    So many people. Sold out with a waiting list!
    ERA/ENISA Collaboration

    apicultor,
    @apicultor@hachyderm.io avatar

    Update: Very glad to be able to report that the UNIFE speaker received a chilly reception from many in the crowd re their bullshit position that the Cyber Resiliency Act should not apply in rail, with special resistance to mandatory supply of patches:

    https://www.unife.org/news/joint-statement-raising-concerns-on-unpatched-vulnerability-reporting-in-the-cyber-resilience-act/

    Their position seems to not have evolved whatsoever since their position paper from September 2021:

    https://www.unife.org/wp-content/uploads/2021/09/UNIFE-Cybersecurity-position-paper.pdf

    @jon @PGLux

    apicultor,
    @apicultor@hachyderm.io avatar

    @Heuvinck @jon @PGLux Hi Laura,

    As a security professional I can confidently say that UNIFE's position is the antithesis of security. Instead, vulnerabilities should be shared under embargo with a vetted group with the need to know. A fixed expiry date attached to the embargo is crucial to prevent foot-dragging (or outright sweeping-under-the-rug), at which time it is made public. In IT this is generally 90 days, occasionally extended to 180+. It might have to start at 180 for OT.

    apicultor,
    @apicultor@hachyderm.io avatar

    @Heuvinck @jon @PGLux But can you blame them? They represent the supply industry, who really doesn't want to be bothered with the hassle of actually designing with security in mind. No wonder they are demanding to be exempt from the Cyber Resilience Act!

    From personal observation, the rail industry in general cares about security ONLY if any of the following 3 conditions are met:

    1⃣ Required by regulation or contract
    2⃣ Shit already hit the fan
    3⃣ Affects the safety case

    Otherwise, forget it. 😔

    0x00string, to random

    deleted_by_author

    •
    apicultor,
    @apicultor@hachyderm.io avatar

    @0x00string wut

    protonvpn, to random
    @protonvpn@mastodon.social avatar

    When we released our new Linux app out of beta, we said we’d quickly follow up with adding Secure Core. We’re happy to announce it’s now available.

    Community feedback is critical – so make sure to leave your thoughts below.

    Find out more here: https://protonvpn.com/blog/vpn-linux-app/

    apicultor,
    @apicultor@hachyderm.io avatar

    @protonvpn @Em0nM4stodon Unfortunately, Proton's links to Tesonet (a data mining company) eliminate Proton from consideration (or recommendation) for myself and many people I know.

    @mullvadnet || GTFO.

    rbidou, to random French

    Hacking Google Bard - From Prompt Injection to Data Exfiltration
    https://bit.ly/463ecxf

    apicultor,
    @apicultor@hachyderm.io avatar

    @rbidou There's no need for URL shorteners on Mastodon, as all URLs count as a fixed number of characters regardless of length.

    Transparency is best! That URL is:

    https://embracethered.com/blog/posts/2023/google-bard-data-exfiltration/

    gsuberland, to random
    @gsuberland@chaos.social avatar

    made pork loin, roast potatoes, roast parsnips, tenderstem broccoli, and carrots and onions cooked in the meat juices. roast seasoned with fresh sage, thyme, rosemary, and flaky salt. super good. now I'm in a food coma.

    apicultor,
    @apicultor@hachyderm.io avatar

    @gsuberland Oh wow. I'll be right over. 🤤

    0x00string, to random

    deleted_by_author

    •
    apicultor,
    @apicultor@hachyderm.io avatar

    @0x00string >i dont want to have a personal trainer, i want like... i personal trainer consultant

    Y'know, now that you mention it, personal trainers ARE consultants: they tell you what needs to be done and how to best go about it, but they don't do any of the actual work.

    gsuberland, to random
    @gsuberland@chaos.social avatar

    just checked a major review site and not a single smart TV was released in the past two years without integrated ads that you can't opt out from or disable. that's depressing.

    apicultor,
    @apicultor@hachyderm.io avatar

    @gsuberland advice

    jon, to random
    @jon@gruene.social avatar

    Write a piece about night trains

    Dozens of answers across different social networks “what you write won’t work for this or that reason”

    All right. But how are you going to put right the problem you raise?

    Part of the mess with the rail industry in general is this mindset. There’s always a technical reason something is impossible. And too few people who want to overcome those hurdles

    apicultor,
    @apicultor@hachyderm.io avatar

    @jon >Part of the mess with the rail industry in general is this mindset. There’s always a technical reason something is impossible. And too few people who want to overcome those hurdles

    Please tell this to my boss. 😭

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • mdbf
  • ngwrru68w68
  • tester
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • InstantRegret
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • DreamBathrooms
  • JUstTest
  • tacticalgear
  • osvaldo12
  • normalnudes
  • cubers
  • cisconetworking
  • everett
  • GTA5RPClips
  • ethstaker
  • Leos
  • provamag3
  • anitta
  • modclub
  • lostlight
  • All magazines
    •