@simplenomad@rigor-mortis.nmrc.org

simplenomad

Long time #Hacker type. #Hippie and I care about the #planet, ask me about #solarpower and #EV.

RemoteWork since 1999, you know, since last century.

Been here since April 2022 and on this instance since Nov 2022.

Work is :gitlab: #GitLab. Former ghost hunter and storm chaser. Survivor of #cancer and a #widower. Links in the About. He/Him.

#Infosec #hacker

simplenomad, to infosec

Hey and various old school types out there. Ages ago I read a tale about a print server that was the source of an intrusion into some system that the author of this tale was trying to secure. In other words, the print server (at some ISP in Australia) had been popped and from there the attacker was getting into other systems. If you were around in the last century and involved in tech and security you might have read this in some zine or blog. A pointer to a copy of this tale would be appreciated, and you will be rewarded in a large quantity of Zorkmids. And if you get the Zorkmids reference, surely you might recall this tale. Boosts appreciated.

simplenomad, to infosec

I recently deployed Wireguard, and have a blog post about it. It's more of a "real world" blog post than instructional, but I do enclose details about what I did and how I did it.

https://www.markloveless.net/blog/2024/5/14/installing-wireguard

simplenomad, to infosec

I sort of have opinions about TikTok and the ban, but not like everyone else...

https://www.markloveless.net/blog/2024/4/25/the-tiktok-implications

simplenomad, to tech

If you're looking for a way to irritate other , particularly nerds, just say "What's the big deal about Al? Always in the headlines, who's Al anyway?" And don't say as in "ai" say Al like "Al Capone".

simplenomad, to random

The good news about AI is the attention to its potential, which BTW has been there for years if not really decades. The bad news is that everyone assumes the LLM approach is the universal way to go. LLMs can serve a purpose in specific use cases quite well but certainly not in all the ways the people hyping it are.

I think once we get back to specific models for specific tasks, like we were doing previously before LLMs came along and began being “startup funded”, we will truly start seeing the real benefits.

And yes, we’ve all been using those limited AI/ML setups in tech for ages, we should just set up better models for those use cases and things could get REALLY cool.

simplenomad, to Dog

"It stopped raining!"

Thunderstorms and in general just constant rain for today, but in the middle of morning yoga there was a short window for the rain-averse to get in a short walk. We got about a 1/4 mile in, not much but enough to motivate a ceremonial dump on a neighbor's lawn that I bagged up (and no, dark-humored smartass, it was a dog dump not a people one).

For the nerds, nothing of note from this area in Texas, mainly just rain.

simplenomad, to random

A sad day yes. Not because it is but because it is here in the USA.

simplenomad, to security

My employer is hiring, specifically in the Security division. Security Identity Management is the area, so if you're into and and you're qualified, apply. If not, a few other positions are available, feel free to poke around. Fully remote. I'm not shopping for a referral, I'm shopping for a work colleague, so apply!

https://boards.greenhouse.io/gitlab/jobs/7294564002

simplenomad, to solar

So. That was impressive. Here’s a quick sample from the backyard. Of note: temperature drop from 79.3 to 74.8, production from the panels dropped to 0 and the house draw from the grid was the usual constant 420 watts, once the sun started coming back out the panels ramped back up, the temperature continued to drop for a few minutes to 74.5 but finally started edging up, and the dog could give a shit and just wandered around sniffing like usual.

Wow. The pictures don’t do it justice. Jupiter was visible to the left and Venus to the right (not in picture).

Solar eclipse under way, minor experimenting with lens selection from iPhone 15 Pro Max. Held an ISO 12302-12 eclipse glasses lens in front of the camera.
Solar eclipse under way, minor experimenting with lens selection from iPhone 15 Pro Max. No eclipse glasses lens this time.

simplenomad, to infosec

Hmm. People are speculating on the nation state that’s behind the and seem to be taking a decidedly Western perspective on this. The suspected threat actors they’re naming are typically Russia, China, Iran, and North Korea.

Folks, I just want to point out that you shouldn’t exclude UK, Israel, France, USA, and many others who are more than capable of this as well. And yes, this could have also been some black hat or even a commercial spyware shop doing this to later sell to the highest bidder.

simplenomad, to earthquake

I'm going to guess I was not the only person who thought it was cool that I heard all about the east coast from Mastodon instead of some other social media outlet. I mean, I hope there was no damage and everyone is okay, but other than that, cool! Heard it here first.

FYI, I did NOT feel it here in Texas, and if I had I would have assumed it was fracking....

simplenomad, to Weather

Ah the glory of the month's first Wednesday and the testing of the emergency sirens aka the "tornado sirens". They are slightly staggered for easier monitoring purposes (I assume that's why) so it's interesting to hear nearby ones power down and ones that are further away ramp up. As a person who grew up in Oklahoma this was a rather feared sound, so there is a nostalgic familiarity coupled with remembered fright whenever I hear them.

simplenomad, to infosec

The latest episode of the appropriately named "XZ Bonus Spectacular Episode" was informative, and while they made it abundantly clear there is not currently (possibly never in the current state of "things") a fix-all be-all solution, it is always fun to hear my fave old married couple bicker about OSS. And I am not just saying this because of the shout-outs (including the cell phone story), but because it helped emphasize an important thing I didn't realize - Debian's response to this was absolutely spectacular. I dare any commercially sponsored distro to do the same.

Debian seriously just went up in my book, and if you know me, that's something.

Anyway... check out https://opensourcesecurity.io/

simplenomad, to security

I remember when buffer overflows became a thing, and how since it was being discussed on the open Internet in circles that it got a lot of attention. Seemed so bleeding edge and exciting back then, now it's just a thing we deal with.

I wonder if this whole thing is similar - in that an attacker has embedded a payload that triggers via a specific key pair. It's so clever and exciting, I mean all the calls are already inside of ssh for the key pair processing, I mean what a perfect way to implement it. Yes it is scary, but from an attacker perspective I think every on the planet is slightly envious and wishes they had thought of it first.

Now imagine a day when this is the new normal. What a time to be alive.

simplenomad, to infosec

This xz backdoor thing reminds me of a story I heard from friends that worked at a tech company that made cell phones. They had a great coder that worked on the project, he had put in work as a contractor for a few months, and due to the quality of his work he was hired in full time. After two months he simply stopped showing up to the office.

An investigation turned up the following interesting items. His account had accessed all files including source code to all cellular projects - in that he had apparently downloaded a copy of everything. He had committed a large amount of contributions to the project he was assigned to. None of his paychecks were ever cashed. A wellness check to the house he had rented was performed and the house was completely empty. Per the landlord he'd paid for 6 months rent in advance in cash. Apparently he never physically moved in. No record for him nor his social security number seemed to check out. The guy was a ghost.

I was asked about recommendations on future prevention by friends who worked there - no idea how far they got in their investigation, if backdoors were ever found or even existed, or if the Feds were ever involved. The punch line? This was probably a couple of decades ago.

This shit is real, and it has been going on for a long time.

simplenomad, to random

I live in Texas, and you're not going to believe this, but Texas is so big that Texas fits inside of it. Yes. It's that big.

Fine, I may have had too much caffeine.

simplenomad, to random

Instead of explaining memory allocation, resource usage, and so on, when a non-technical friend asks why powering it off and back on seems to fix things so much I typically make something up. Current fave is coronal mass ejection, what about you?

simplenomad, to infosec

I think one of the problems with Twitter was that I had to follow a TON of accounts to get to the information I wanted. I was dealing with the algorithm or whatever, so to get a relevant post or thread a chunk of something had to float by, so I had to cast a wide net. Here on Mastodon I’m following less than half the number of accounts, I have a quarter of the followers, but a high level of signal and way more engagement.

I’m glad I deleted the bird site account, and while it is possible that some time in the future Mastodon might evolve into something less useful (thinking the equivalent of The September That Never Ended for you old school folks), for now I am enjoying the hell out of it and hope this lasts a long time.

simplenomad, to infosec

So work has been interesting as of late. Have you ever been told your job is evolving/changing yet when you look over what you are going to be doing, you're fundamentally going to be doing the exact same thing? I think the only difference is that I will have slightly more freedom. Yes seemed like there is always going to be work and challenges, but if you like the work AND they give you more freedom, well that's awesome.

simplenomad, to solar

Just watched the latest video from @mattferrell which is extremely timely for me. I posted a blog post earlier today where I mentioned I was wanting to get a heat pump water heater, and a few hours later Matt posted this: https://youtu.be/abGiNL9IT54?si=w_GyCuD47w4Yn-H4

My blog post from earlier: https://www.markloveless.net/blog/2024/2/27/solar-adventures-continue

simplenomad, to infosec

The AT&T is region by region being corrected so now it is our job as nerds to wildly speculate on the cause. While I think it is most likely a corrupt config/routing table update, an expired domain, or the usual DNS thing, my personal wild guess is the Chinese government testing their backdoors. Anyone else have a “good” guess? Bonus points for an extraterrestrial scenario.

simplenomad, to TeslaMotors

IF I were paying for electricity for charging my it would still be less than half the cost to fuel my old hybrid (which got 50 mpg), but I only charge on sunny days and I make sure the draw by the charger doesn’t exceed the energy of the panels. Benefits of a setup for the and the EV charger. Thank you Ra, Sun God, whose existence I now believe in because you almighty Ra fuel my trips to Starbucks.

simplenomad, to fediverse

So here's what I've been doing about the spam. I immediately report and block the sender, and if I get a 404 when trying to create the report, this typically means the account has already been deleted on the remote end (good). But if not I then take a look at the instance in question in a new tab.

I look at the version of Mastodon and the user count, if it is an older version vulnerable to security flaws with a low user count, that is a serious strike. I check the profiles directory on the instance looking at that instance only and check recently active and new arrivals, noting if yggwe is there (the spammer may not show up here). If the dates on regular users are quite old since their last post and they are following a handful of people, I suspend the instance, as I have no patience.

However if the site is active, with recent posts from regular users, I send a DM to the admin account. This does take a bit to do all this, but it is worth it. Here's the template I use when contacting the instance:

Hey <@ admin> there is a user/bot on your instance named <xxx> who is sending out a lot of spam. <optional>Additionally there is an account on your system called yqqwe whose presence is a type of "hobo sign" for bot accounts.

After you've deactivated/deleted those accounts, here are steps to prevent spammers:

  1. Log in on your server's website
  2. Go to Preferences
  3. Go to Administration
  4. Go to Server Settings
  5. Click the Registrations tab at the top
  6. In the "Who can sign up" menu select "Approval required for sign-up" (optionally also tick the box for requiring a reason)
  7. Click "Save Changes" button

Spammers can exploit servers with instant signups.

Thanks for being here in the fediverse, and good luck!
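
The triage described in the post above, sketched as an added example (not part of the original post and not the author's own tooling). The field names follow Mastodon's `/api/v1/instance` and `/api/v1/directory` responses; the sample data is constructed, and every threshold (`min_version`, `low_users`, `stale_days`, `handful`) is an assumption to tune. The marker name is spelled as in the post's template.

```python
from datetime import date

# Constructed sample data, shaped like the fields Mastodon returns from
# /api/v1/instance and /api/v1/directory?local=true (only fields used here).
SAMPLE_INSTANCE = {"version": "3.5.3", "stats": {"user_count": 14}}
SAMPLE_DIRECTORY = [
    {"username": "yqqwe", "last_status_at": None, "following_count": 1},
    {"username": "alice", "last_status_at": "2022-11-30", "following_count": 3},
    {"username": "bob", "last_status_at": "2023-01-12", "following_count": 4},
]

def parse_version(text):
    """'4.2.5+glitch' -> (4, 2, 5); build and pre-release suffixes are dropped."""
    core = text.split("+")[0].split("-")[0]
    return tuple(int(p) for p in core.split(".")[:3] if p.isdigit())

def triage(instance, directory, today, marker="yqqwe",
           min_version=(4, 2, 0),  # assumption: oldest release you treat as patched
           low_users=50,           # assumption: cutoff for a "low user count"
           stale_days=180,         # assumption: how old counts as "quite old"
           handful=5):             # assumption: "following a handful of people"
    """Return the strikes found and the action the post's workflow leads to."""
    strikes = []
    if (parse_version(instance["version"]) < min_version
            and instance["stats"]["user_count"] < low_users):
        strikes.append("old version, low user count")
    if any(acct["username"] == marker for acct in directory):
        strikes.append("marker account in directory")

    def dormant(acct):
        last = acct.get("last_status_at")  # ISO date string, or None if never posted
        stale = last is None or (today - date.fromisoformat(last)).days > stale_days
        return stale and acct["following_count"] <= handful

    regulars = [a for a in directory if a["username"] != marker]
    # No regular user with recent activity: treat the instance as abandoned.
    active = any(not dormant(a) for a in regulars)
    return {"strikes": strikes,
            "action": "DM the admin" if active else "suspend the instance"}

if __name__ == "__main__":
    print(triage(SAMPLE_INSTANCE, SAMPLE_DIRECTORY, date(2024, 2, 20)))
```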

simplenomad, to fediverse

Hmmm, every server I'm getting spam from has a new user in their public directory named yqqwe, and each one of these users is following mastodon_admin_yggwe on a single-user instance mastodon.tinynews.org. One can look at the 924 followers of this admin and they all are named yqqwe and they are all on servers I've been getting from.

simplenomad, to random

I saw someone recently talking about how when they were young, there weren't school shootings and whatnot. I'd say that yes, things have increased in the number of events, but I do remember being shot at as a kid on a school trip. Yes, I was on one of the buses back in 1975 although not one of the injured. It did happen, just not as frequently.

https://www.nytimes.com/1975/05/19/archives/highway-sniper-fire-a-puzzle-in-texas.html

Full text in attached pic.
