hakologist @hakologist@qoto.org

The best way say goodbye: “take care of yourself, and if you can, someone else too” #freakonomicsradio

If a tree doesn’t fall in the internet, and big brother wants you to think it has, does that mean that it fell?

If a tree falls in the internet, and big brother doesn’t want you to hear it, does it make a sound?

Public figures can’t use plausible deniability as a reason for not supporting something that would benefit the taxpayer & consumer.

“The Cloud” is the thing that evaporates your data & makes it rain dollars in the location that is most beneficial to your gods.

You are better off dating a divorce attorney than someone with family ties to government.

@nixCraft shouldn’t systems be designed with enough forethought that they are able to incentivize against this?

@lucifargundam I don’t get the reference/abstraction

@lucifargundam @peterdrake data logging is only as strong as your ability to organize it. Data can’t be owned - only known. If it’s not organized, it can become forgotten. #securityByObfuscation?

@lucifargundam I’ll correct myself before you or somebody else does, as there is “usually always” this other option:

@lucifargundam In this sense, “unsupervised” doesn’t mean that it doesn’t get updated - it means that the model is looking for signals (malicious traffic) without being previously informed as to what those packets look like. If you had a list of malicious fingerprints, you’d run deep packet inspection. But without this, the only option that comes to mind is the “top down” approach (with aggressive logging) - fitting a model to the steady/normal state & using that to identify anomalies.

@lucifargundam I think I just described what it’s like to run a snooping Tor exit node (not to mention an everyday VPN/ISP)…or perhaps a full blockchain node that caches/correlates queries from upstream lite nodes (not to mention an everyday Coinbase/centralized exchange)…

@lucifargundam I use aggressive containerization and encrypt outbound traffic. But short of requiring manual airgapped decryption, I can’t guarantee that packets aren’t compromised at the destination. I also can’t promise that all inbound traffic has been encrypted from the source. But the bigger issue is the sheer volume of packets traversing my gateway, to which I have to rely on a single Pi2 running unsupervised ML in order to identify the malicious signals amongst all the noise.

@lucifargundam these worms use TCP or UDP? Can I block the port?

I do not consent to AI mining my thoughts.