versed_perception

@versed_perception@infosec.exchange

System Engineer, Network Engineer, Storage Engineer, Security Engineer, Database Administrator and Performance tuning Engineer, Compliance Management

This profile is from a federated server and may be incomplete. Browse more on the original instance.

stopthatgirl7, to random
@stopthatgirl7@famichiki.jp avatar

If buying isn’t owning then pirating isn’t stealing.

Sony is erasing digital libraries that were supposed to be accessible “forever”

https://arstechnica.com/culture/2024/02/funimation-dvds-included-forever-available-digital-copies-forever-ends-april-2/

versed_perception,

@stopthatgirl7 It's time - https://www.wongfleming.com/digital-media-ownership-what-does-it-mean-to-purchase-or-buy-digital-media/

https://topclassactions.com/lawsuit-settlements/lawsuit-news/amazon-class-action-lawsuit-and-settlement-news/judge-dismisses-amazon-class-action-lawsuit-over-video-ownership/

Key Take away: "“Here there is only one jurisdictional fact the court need consider, and that is the undisputed fact that Caudel has never lost access to any of the videos she purchased,” the dismissal states."

Someone needs to revitalize that class action, and bring it against Sony. (Caudel-v-Amazon)

GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

deleted_by_author

    •
    versed_perception,

    @hacks4pancakes @mathaetaes @GossiTheDog Reminds me of the morons playing Pokemon GO when it first released while driving, on the freeways. Randomly coming to a dead stop in the middle lane on a freeway posted at 75MPH, "because Squirtle".

    josephcox, to random

    New from 404 Media: people are distraught that current VR porn does not work on the $3,500 Apple Vision Pro https://www.404media.co/a-3-500-chastity-belt-early-apple-vision-pro-adopters-alarmed-to-learn-vr-porn-doesnt-work/

    versed_perception,

    @josephcox "Apple Porn"

    hacks4pancakes, to random

    Everyone keeps sending me that news article about the German railway trying to hire a DOS and Windows 3.1 expert. You don’t understand- that is my whole job. That’s literally my normal day to day cybersecurity career.

    versed_perception,

    @hacks4pancakes It's 2012, we had an AS/400 with a T1 for a Point to Point to a Parts ordering system for HVAC. During this time is when the main power switch on the server failed. We ended up finding 2 complete units on Ebay that we bought and pulled in for parts.

    The client side was a custom DOS client that would connect to the service running on WInNT on the AS. The crap we had to do to get it working on Windows 10 and 11...

    The parts ordering vendor finally adopted support for a web client ordering solution in 2018 that was...Java Based. Then in 2019 JRE licensing changed.

    Bottom line, it the CFO knew about the java changes inbound they would have never approved retiring that AS/400 box. The cost was insane post JAVA licensing changes compared to maintaining that old T1 Point to Point.

    jerry, to random

    Been thinking about piecing together a desktop PC for photoshop, Lightroom, podcasting, et al. I have a decent laptop, but it seems quite slow for the likes of photoshop. Are desktop processors that much faster than mobile processors these days?

    versed_perception,

    @jerry Depending on the OEM build of said laptop, mobile and desktop CPUs can be on par today. its down to firmware cTDP controls and thermal headroom. But the main issue, you never know what you get for limits on the laptop until its in your hands.

    But ask yourself, do you want a hot potato? If not, then build that desktop anyway.

    arstechnica, to random
    @arstechnica@mastodon.social avatar

    Cops arrest 17-year-old suspected of hundreds of swattings nationwide

    Police traced swatting calls to teen’s home IP addresses.

    https://arstechnica.com/tech-policy/2024/02/cops-arrest-17-year-old-suspected-of-hundreds-of-swattings-nationwide/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

    versed_perception,

    @arstechnica whythefuckwouldyoudothis?!!?!

    hacks4pancakes, to random

    Let us have a little chat about the person who accused @brysonbort of gaming RSA talk submissions by submitting a talk with me by "playing the diversity card" to get accepted. And all the people thinking it and simmering.

    Thank you kindly for completely devaluing my expertise in my field, which I have worked in daily for over a decade and a half, served as a senior NCO in the military doing, teach, and speak on globally. Whether you consciously intended it or not, you implied I am a diversity token and not an expert in cybersecurity incident response.

    It's actually good to purposefully share the stage with underrepresented voices in technology, because we still routinely have entire tech conferences that are 100% white and male speakers because of bad CFP boards and management. That was RSA keynotes, within my professional lifetime. It cost me and my colleagues a lot of goodwill calling them out at the time.

    When I am "handed" a speaking slot explicitly because I am not a straight white man, it's usually on a droll topic I am totally unqualified to speak on, like "TeLL uS abOUT beINg a WomAN in TEch" that also devalues my expertise. Side note - this has turned out to be a huge red flag. Often done by people who go on to do Bad Stuff to women.

    You, yes you are a prime reason women and nonbinary people don't want to submit to conferences.

    Reference (in image):
    https://x.com/brysonbort/status/1752474954975637699?s=20

    versed_perception,

    @hacks4pancakes @brysonbort ..and white men wonder why so many hate...white men. It's really tiring being a white man with so much white trash men about.

    jerry, to random

    Holy sh*t what a week. 😰

    versed_perception,

    @jerry Micrsoft locking out accounts along side that huge team outage, masked as a technical issue turning out to be a cross tenant breach at a very high level?

    Viss, to random
    @Viss@mastodon.social avatar

    "if it aint broke, dont fix it" would dictacte:

    • you need to wait for your engine to seize up completely before you think about changing your oil

    • wait for all your plants to die before watering them

    • wait for your house to be robbed to install a security system

    • wait for the tumor in your skull to kill you before treating it.

    anybody using that phrase in the context of technology should be relieved of duty immediately. they are openly planning for failure.

    versed_perception,

    @Viss I agree 100% but what about those that are "its broke, lets still not fix it" :)

    They are one in the same!

    versed_perception,

    @Viss that is not what I am talking about though. I have dealt with the "let it burn" as a lesson more then a few times over the years.

    But what I am talking about are systematic issues that go unfixed and create 'complacent users' because of it.

    versed_perception,

    @Viss ah, thats more like "we dont want to upset very old users" and "we cant patch because we are not entitled to" I've sadly experienced both.

    versed_perception,

    @Viss I worked at an org, that migrated to O365 and enabled MFA for every user but the 60year old+ staff (this was a large portion of the org) and did not do a password change on these users. Some of the passwords had tokens that were from 1997....and this was in 2020. Yes, they were breached. yes they did not disclose the breach. Yes millions of damages to their clients occurred because of it.

    dangoodin, to random

    Does anyone know of any attacks, either PoC or in the wild, that use malicious printer cartridges to infect printers? I saw this article from 2022

    https://www.action-intell.com/2022/10/05/hp-bug-bounty-program-finds-reprogrammable-chips-open-printers-to-malware/

    It says that HP's Bug Bounty program found such attacks are possible, but there are no details about who reported the bug that made such attacks possible. I remain skeptical about the accuracy.

    Any help from experts in the form of pointers to attacks or analysis about whether printer cartridges are a viable infection vector would be much appreciated.

    versed_perception,

    @dangoodin If HP Ink cartridges were not chipped in the first place....It's one thing to have ink level sensors that integrate with thee HP monitoring sub system, but something entirely different when you serialize, EEPROM, and SOC these fucking Ink cartridges.

    But no, there is not a single POC attack vector that I am aware of facing HP ink in any shape or form. Maybe Defcon 2024 will say differently after the HP CEO's bullshit statement...

    jerry, to random

    Holy moly - 179 US congress people signed an Amicus brief in Trump’s appeal to the US SCOTUS in the Colorado 14th amendment eligibility case, claiming that the the President doesn’t have a duty to uphold the US constitution.

    versed_perception,

    @lapt0r @Viss @jerry Oh I dunno about that...it all depends on how we define the other duties, such as preserve

    versed_perception,

    @jerry Maybe this is more about defining what the office is more then upholding something. So if their fat bastard gets in, they can work the continuing loop holes to try and crown the fucker.

    jerry, to random

    Good news for the day: we found a new insurance company for my beach place and the cost only went up 35%

    The bad news is that my condo dues also went up 50%, though I am fairly glad that the otherwise inept Florida government is forcing condos to take maintenance seriously to prevent other situations like Surfside. Watching what my condo went through to do something as simple as resurfacing the pool deck was painful and I can certainly see how condos would ignore maintenance costs to placate owners who don’t want to incur any additional costs.

    versed_perception,

    @jerry Curious, what are your dues if they are +50% now.

    My condo was in major disrepair, HOA got sued over it (Fiduciary) and have been retro fitting buildings, replacing main lines,...etc. To make it work the dues went up 89% and we had two special assessments over the last 5 years.

    But we are finally above water on repairs and serviceability and each unit's value went up 40% in the last 24months, making it a sound investment.

    versed_perception,

    @jerry Ok, thats what I thought. Ours are getting up there. We are at 725/month now. We have 2 more buildings to repair then one more year of high dues for reserves then they are dropping back down.

    It's been a wild ride, but its one of the best communities in the area and totally worth the investment. Wife and I are thinking of trading up to a larger unit 😆​

    versed_perception,

    @jerry Oh tell me about it. I've been looking at housing in the area too. It's still cheaper to own a condo over 30 years with the current dues then buying a house without an HOA here. Mainly because you don't know if you are staying the full 30 😂​

    SwiftOnSecurity, to random

    (This did not happen)

    versed_perception,

    @SwiftOnSecurity Computer science in 2023, teaching students how to craft viruses and malware /s

    RickiTarr, to random
    @RickiTarr@beige.party avatar

    Okay, all Superheros are, at least, marginally problematic, but what Superhero do you think is the most problematic, and why?

    versed_perception,

    @RickiTarr Homelander...🤣​

    versed_perception, to random

    Just a reminder, if you work in/out of California and have a 'noncompete' they are no longer lawful. Additionally, if your "noncompete" was paired on the same document as your NDA, your NDA is also null and void as of Jan 1st 2024. Employers will be required to issue new NDA's that also contained noncompetes this year.

    SB 699 prohibits employers from entering into or attempting to enforce noncompete agreements with employees. The new law establishes that noncompete agreements are void in California regardless of where the employee worked when the employee entered into the agreement and/or where the employee signed the agreement.

    Additionally, newly signed AB 1076 requires employers to notify current employees and former employees (employed after January 1, 2022) in writing by February 14, 2024, that any noncompete agreements they may have signed are void.

    Legal text - https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202320240SB699

    0xabad1dea, to random

    “oh, is our website serving 5xx errors? have you considered updating your local Java installation and rebooting?”

    versed_perception,

    @0xabad1dea Wonder if Oracle sees this and if they are paying for JRE rights 🤣​

    SecureOwl, to infosec

    By default, Azure allows non-admin users in an organization to explore the Azure portal, which includes access to explore Entra ID (Active Directory, basically).

    Within Entra ID you can get a ton of info as unprivileged user, like a list of all the SAML apps the org uses, the AD structure, machines in AD and their OS version. Seems weird that they’d give all this away for free.

    Anyway, the red team hates this one weird trick:

    Entra ID -> User Settings -> Restrict access to Azure AD administration portal.

    versed_perception,

    @SecureOwl Entrar, Entra for short, is just MSFT's way of saying "Free to Enter", while hoping no one notices.

    hacks4pancakes, to random

    Hi from casa Pancakes, where I stayed at home on Zoom all day and -every single one of my mentee sessions no-showed and no-messaged-.

    Sometimes I feel like not only is my kindness taken for granted, but I'm also seen as not even a human with a life.

    versed_perception,

    @hacks4pancakes I would say that this disqualifies them. Communication should be at the top of their lists, if they cant be bothered they will not go very far.

    SecureOwl, to random

    least privilege, or

    versed_perception,

    @SecureOwl @leerayl Unless its not spelled wrong, and the position enforces the CISO's standards/stances based on Information Security Principle. (Yes, I have seen a counter position setup just like this more then a few times over the years).

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • modclub
  • everett
  • rosin
  • Youngstown
  • slotface
  • ethstaker
  • mdbf
  • kavyap
  • osvaldo12
  • DreamBathrooms
  • anitta
  • Durango
  • ngwrru68w68
  • tester
  • khanakhh
  • love
  • tacticalgear
  • cubers
  • GTA5RPClips
  • Leos
  • normalnudes
  • provamag3
  • cisconetworking
  • JUstTest
  • All magazines
    •