TIL: Google Cloud Platform blocks outbound email outside of a project's firewall rules. There is no way for a user to unblock it. Makes it difficult to set up email for a small server.

@justin thanks for the GCP setup guide! I was stuck on the cloud storage part. Almost done.

Reading this book about a Soviet sausage magnate and a depressed communist drop-out. Thanks @WhiskeyTitBooks@twitter.com

en.m.wikipedia.org/wiki/Envy_(

Now when you do a Google search for “Tesla crash” the search algorithms have to decide if you’re asking about the cars or the share price ⚖️

“Going down the path of segmentation and zero trust is a heavy operational lift,” Schell says. “I highly recommend a very automated approach that incorporates a lot of orchestration capabilities for consistency in deploying policies and gives you far greater capabilities in how you monitor, manage and audit the networks.”

2023 goals: get dinosaur IT to at least operate software automation tools without fear. I've never met a single IT person in my industry who knows what Ansible or Terraform means. When I do a demo, I can see the fear in their eyes and hear the fear in their voices.


This must be the kind of trade publication many IT directors and CISO types read. Why not focus on application security? It's very frustrating when a whole security team only focuses on network firewalls and VPNs.

statetechmagazine.com/article/

A look at Flipper Zero, a $200 portable security penetration testing tool for hackers of all levels to intercept and replay signals from IoT sensors and more (Dhruv Mehrotra/Wired)

wired.com/story/what-is-flippe
techmeme.com/221225/p5#a221225

Five Android apps to choose from for Mastodon. A bit of a tragedy of the commons. What about one that does all the things?

mstdn.social/@garry/1095717720

A former colleague @Stevewyshy is the DP for this short film Die Surely. A send-up of the Democratic Party donor class who hang signs like "in this house, we believe water is life" in their windows.

As a San Francisco resident with a neighbor who literally has this sign in their window, I have the feelings. Check it out, it's funny!

wyshy.net/video/comedy/die-sur

All the talented hackers posting about discoveries they made from the LastPass breach make me miss working in infosec as one of the good guys.

I have found the first of what will likely be many non-expiring password reset URLs that you may have had stored in #LastPass

If you had a maxmind.com URL in LastPass that included set-password?token= in the parameters, I just tested and those do not expire... Possession of the URL is all you need in order to change the password.

Shame shame, Maxmind.

Want to hunt for your own possibly sensitive URLs? Start with this against your vault export.

cat lastpass_export.csv | cut -d',' -f 1 | grep -a -i -e '^http' | grep -v 'http://sn' | grep -E -i '(api|password|reset|secret|token)'

Sam Bankman-Fried's old friends and former execs at FTX / Alameda Research, Caroline Ellison and Gary Wang, have pleaded guilty to fraud charges and are cooperating with the feds. #FTX #crypto #SBF
According to the Washington Post they're facing 110 years and 50 years, respectively... So yeah I see why they started snitching real fast.

theverge.com/2022/12/21/235219
