tweedge

@tweedge@cybersecurity.theater

Security goon at an online-bookstore-slash-server-rental company, adjunct professor at RIT, janitor for r/cybersecurity, and sporadic FOSS contributor. Cat person. Generally cheerful ^_^

Always trying to learn new things, and I'd rather be corrected than be correct. I try to be correct the first time anyway though!

How can I help?

(posts searchable via tootfinder)

tweedge, to random

Just checked my seedbox and found that someone downloaded a file I wasn't expecting would ~ever be downloaded, lol

Whoever is out there that actually downloaded the full genome sequence of my cat Aida (a whopping 30GB of data) that I published exclusively on Mastodon, you're my role model <3

And yes, this is real. Thread: https://cybersecurity.theater/@tweedge/108298759311976108

tweedge, to random

A friend sent this to me and y'all might enjoy

tweedge, to reddit

This is going to burst some bubbles, but traffic levels on (AFAIK) appear to be close to normal, including mobile traffic. Data is from r/cybersecurity and may not be representative, would love to see other mods post data.

Those that left will be paving the way for a content-filled threadiverse - we'll see if the next wave of enshittification is as-tolerated if there are more lively alternatives.

tweedge, to random

Find of the day - someone dropped an AtlasVPN on Reddit. The AtlasVPN daemon on Linux runs an HTTP server to accept CLI commands, it binds to 127.0.0.1:8076 by default.

What's hilarious is that it accepts commands without ANY authentication - so if you open a malicious webpage, that webpage can fire a POST to 127.0.0.1:8076/connection/stop and instantly disconnect your VPN.

Utter garbage.

Source: https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/

Proof below - used AtlasVPN's latest Linux client, version 1.0.3.

AtlasVPN 1.0.3 0day demonstration where I start their VPN client, connect, and confirm my IP is now hidden. I then visit a malicious page that disconnects me from AtlasVPN, revealing my original IP.
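
As a defensive illustration added here (this is not AtlasVPN's code and not something the post shows), the snippet below is how a localhost control daemon can close the class of hole described above: it requires a per-session bearer token that only the local CLI can read, and it refuses any request carrying an Origin or Referer header, which a browser attaches to cross-site requests and a command-line client never does. The listening address, the command paths, the token file handling and the command names are assumptions for illustration.

```python
# Added example, not AtlasVPN's code: a localhost control API that refuses
# unauthenticated and browser-originated requests. Port, paths and token
# handling are assumptions chosen for illustration.
import hmac
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

LISTEN = ("127.0.0.1", 8076)  # same default as in the post; assumed here
ALLOWED_COMMANDS = {"/connection/stop", "/connection/start"}  # assumed names


def new_session_token() -> str:
    """Generate a per-run secret. A real daemon would write it to a file
    readable only by the local user so that the CLI can present it."""
    return secrets.token_hex(32)


def authorize(headers: dict, expected_token: str) -> tuple:
    """Return (allowed, reason). A request is allowed only if it carries the
    shared secret and does not look like it was issued by a web page."""
    h = {k.lower(): v for k, v in headers.items()}
    # Browsers add Origin (and usually Referer) to cross-site POSTs and
    # fetch() calls; a local CLI tool never does. Reject anything with one.
    if "origin" in h or "referer" in h:
        return False, "browser-originated request refused"
    auth = h.get("authorization", "")
    if not auth.startswith("Bearer "):
        return False, "missing bearer token"
    presented = auth[len("Bearer "):]
    # Constant-time comparison on bytes so non-ASCII input cannot raise.
    if not hmac.compare_digest(presented.encode(), expected_token.encode()):
        return False, "bad token"
    return True, "ok"


class ControlHandler(BaseHTTPRequestHandler):
    token = ""  # set by serve()

    def do_POST(self):
        ok, reason = authorize(dict(self.headers), self.token)
        if not ok:
            self.send_error(401, reason)
            return
        if self.path not in ALLOWED_COMMANDS:
            self.send_error(404, "unknown command")
            return
        # A real daemon would act on the tunnel here; we only acknowledge.
        body = f"executed {self.path}\n".encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_OPTIONS(self):
        # No CORS headers are ever emitted, so a page can never read a
        # response; the Origin check above also blocks "simple" POSTs.
        self.send_error(403, "cross-origin access not permitted")


def serve(token: str):
    """Bind to loopback only and serve until interrupted."""
    ControlHandler.token = token
    HTTPServer(LISTEN, ControlHandler).serve_forever()


if __name__ == "__main__":
    session_token = new_session_token()
    print("control token:", session_token)  # the CLI would read this from a file
    serve(session_token)
```

The Origin check matters on its own because binding to 127.0.0.1 does not stop a browser on the same machine from sending a request there; the token check matters because the Origin header can be absent from non-browser clients and should never be the only gate.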

tweedge, to random

"The average consumer just doesn't need symmetric upload bandwidth" - ISPs

Mhm mhm yep yes and you've repeated that for 30+ years, creating a wider and wider moat between download and upload speeds, and now my parents are backing up 1.6TB of family photos/videos over a "10 Mbit" upload connection that shits itself if you push 8 Mbit. But at least they have 300 Mbit download, of which they rarely utilize more than 20%.

ugh.

tweedge, to random

Idea: an extension that configurably flags/deprioritizes/blocks results from your search engine of choice that may be ML-generated. Even blocks at the domain/company level for infringements would be OK for me, such as blocking all content from "news" companies that decided "news" was just too gosh dang difficult to produce & have been experimenting with ML to replace reporters.

Or better yet, a search engine that implements that natively, but that's a much higher bar of investment ...

tweedge, to random

I'm teaching an intro to cybersecurity course starting next week, and I'm looking for ~challenging extra credit ideas that get students real-world experience they could put on a resume (mostly IT/security folks). Any fun thoughts and suggestions? Some ideas I've been mulling:

  • Dump a malware sample into an (instructor provided) interactive sandbox, write up the behavior
  • Review an existing writeup, write Suricata rules for the traffic, contribute signatures to Emerging Threats

...cont'd

tweedge, to random

Alright. Fuckit. What's the real benefit of serving samples in an encrypted zip with a password of "infected" ?

Protecting morons from themselves: they'd unzip and run, and disable AV/un-quarantine files/etc. if blocked anyway

Protecting against misclicks: people are going to unzip/unpack, then same issue

Malware downloads a second stage from a sample website: decrypts it seamlessly

Evading firewalls/etc: people will have to disable their protections anyway ...

What am I missing?

tweedge, to random

Maybe it's just the data hoarder in me but seeing Mastodon purge 200GB (700k objects) and counting from the media cache is deeply unsettling

tweedge, to random

About the vibrator that allegedly had malware on it 2wks ago... I found a seller and bought one. Say hi!

The people on the thread who pointed out that there wasn't any evidence tying the vibrator to the Redditor's malware download were - of course - downvoted.

And ... so far there are no signs of malware. It doesn't register as a HID or present any storage (therefore it has no autorun.inf). I'll be doing some more setup so I can plug it in and monitor it for an extended period of time.

tweedge, to random

The whole "you must buy a new phone every 3-4 years" thing has created some interesting authentication flows.

For example: scanning a QR code on my old device was enough to

  • Log in a new device to my account without prompting 2FA
  • That new device, using only my password (no 2FA again) was able to port over my phone number from my carrier by issuing itself an eSIM tied to my account
  • I was not notified via email, text, etc. about either the new device sign-in or number transfer

tweedge, to email

Curiosity got the better of me and I just picked up a really cool domain, used to be a mailserver. Already getting a bunch of spam and the domain's hardly been registered for 30 minutes...

Anyone out there in the fediverse that works on and has recommendations for software to scalably collect and store a bunch of emails? I'm using Amazon SES, which is already running me about $12/mo and looks like it could balloon here.

tweedge, to random

Testing out XReal Air "AR" (read: not really AR) glasses as a portable monitor solution that doesn't break the bank and isn't a huge pain to lug around.

I've tested them for about 3 hours now (painless, plug & play experience on Linux - yay) and while it's a bit of pressure on my temples, this is way better than how my neck usually feels looking down at my laptop for the same amount of time.

A full VR headset would be a better visual experience by far but the cost and bulk is too much for me!

tweedge, to infosec

I tell ya hwat, I don't think most of the field is ready for a Safety-II mindset. Just look at how differently the human factor is considered in Safety-I and Safety-II ... that certainly rings a bell with all the user-blaming I've seen :/

Maybe someday.

tweedge, to random

Cutting down the cost of some personal projects - today I've nuked $22/mo off my bottom line and the replacements are either equal or superior to the originals.

  • Swapped S3 providers to a lower cost option (Wasabi -> IDrive E2)
  • Killed one EC2 instance and replaced it with a microVM on Fly.io
  • Expanded use of Google Cloud to run a small instance covered by their free plan in us-central1

Pretty sure I can do the same by tomorrow but we'll see...

tweedge, to random

This I have a little something special. Source material.

Everyone reading: "What?"

Source material - that is to say, 30.3 GB of whole genome sequencing results for my cat, Aida.

tweedge, to random

Hit ctrl+c on the wrong window and killed a long running script, fUCK

tweedge, to infosec

Hot news - SEC charged SolarWinds and their CISO with fraud: https://www.sec.gov/news/press-release/2023-227

“We allege that, for years, SolarWinds and Brown ignored repeated red flags about SolarWinds’ cyber risks, which were well known throughout the company and led one of Brown’s subordinates to conclude: ‘We’re so far from being a security minded company.’”

tweedge, to infosec

Is it general knowledge in the community that publisher solicits fraudulent reviews to boost their products?

Usually they're better at feigning that they want "unbiased" reviews in exchange for free products, but not today. https://web.archive.org/web/20231007040533/https%3A%2F%2Fold.reddit.com%2Fr%2Fcybersecurity%2Fcomments%2F171tzby%2Fbook_reviewing_opportunity%2F

This isn't a one-off either - extensive history from other "DevRel Marketing Executives" on Reddit include guerrilla marketing from u/Namita_Packt & soliciting reviews from u/Ankur_Packt + u/Royreddituser3 + u/kunal_packtpub + etc.

tweedge, to random

Hi @kudue @BobEvans @ivo @ben ! Welcome to cybersecurity.theater

This is a small and independently moderated instance. If you run into any undesirable content, please smash that report button. Also, the server will periodically restart to apply pending updates because I'm not buying KernelCare lol.

Because this is a small instance, the "Local" feed is going to be quiet. Be sure to follow a lot of accounts from other servers! You can always unfollow later. :)

Ping me if you need anything!

tweedge, to random

Doing my part to influence corporate decision-making by responding to recruiters promptly and politely on LinkedIn, even when I'm not looking for a job, informing them:

  1. Fully remote work must be supported for engineering roles
  2. Salary range needs to be disclosed up-front
  3. The salary range is too low for the role description

Probably doesn't really do anything but it's fun to imagine that if enough people did this, it could help nudge the market in the right direction.

tweedge, to random

I'm looking into "are deceptive links on social media typically malicious" and the answer is no (of course) and the most popular deception in 2023 by far is still linking to Rick Astley's Never Gonna Give You Up on YouTube (OF COURSE)

tweedge, to random

If your company or marketing team or whatever sends me spam emails, I'm "that guy" that jumps through all the spam report/abuse report/etc. hoops to get you booted off whatever email service you're using. Fuck spam and fuck you. 😘

tweedge, to random

Well, that's certainly one reason to reject a talk :(

tweedge, to random

Now that my class is wrapping up, time to try out some Seagate MACH.2 (read: dual actuator!) HDDs. The performance from these has been crazy - over 500 MB/s sustained sequential reads per drive. Comes with more power consumption, heat, and I assume failure rate... But looking forward to seeing how these perform in the real world.
