Mastodawn

I wish people would stop overhyping this story – there are like over a million IP addresses, it would take forever to try typing those all in. And then there are over 9000 different ports, which are like passwords!

https://techcrunch.com/2023/02/21/sensitive-united-states-military-emails-spill-online/

TechCrunch is part of the Yahoo family of brands

Show thread

Renée Feb 25, 2023

@SwiftOnSecurity I have a new idea, you get a million monkeys running a million rootkits...

Show thread

Mark Britten Feb 25, 2023

@SwiftOnSecurity still a demonstration of poor security by the government.

Show thread

Smoljaguar Feb 25, 2023

@lemonflavoured @SwiftOnSecurity If you didn't get the joke: these days almost anybody who knows what they're doing can scan all of that in under a day, and with tools like shodan.io, you don't even have to do the scanning yourself, so this is a very big story because it means basically anyone could have seen the emails

Show thread

Mark Britten Feb 25, 2023

@Smoljaguar @SwiftOnSecurity I figured that, but I think the fact that governments are still doing dumb things with security is worth pointing out regardless.

Show thread

Wawik

Feb 25, 2023

@SwiftOnSecurity But what if someone, say, used some Legos to build a machine to do that instead of a human typing, or if some state actor got an infinite number of monkeys and an infinite number of keyboards? The implications!

Show thread

theM0ntarCann0n Feb 25, 2023

@SwiftOnSecurity
Have you heard about Shodan? https://shodan.io

Shodan

Search engine of Internet-connected devices. Create a free account to get started.

Shodan

Show thread

JDN6 Ⓥ Feb 25, 2023

@SwiftOnSecurity
If only there were some sort of box with stuff inside, or some kind of machine we could use to automate that process….
Something that would systematically try every combination of the variables while we sit and play Halo and drink out venti iced caramel frap double shot no whip and munch on something crunchy.
Maybe some sort of written directions that happen repeatedly - and it could write a thing that tells us the results - we could filter those results to another thing that gives us all the good info….

Hmmmm……

Imma go do a Google thing and see if I can figure something out - better yet maybe I can ask a bingbot chatGTA to give me some ideas of what that might look like - just to see if it’s possible, hypothetically

It would be like a puzzle….

Show thread

unixsh.it Feb 25, 2023

@SwiftOnSecurity if you think about it there are billions of numbers between 0 and 1 which suggests the number of possible IPv4 addresses is pretty much infinite.

Show thread

SpaceLifeForm Feb 26, 2023

@unixsh_it @SwiftOnSecurity

Nope. While there an infinity between zero and one, there is not when limited to a fixed amount of bits.

Show thread

unixsh.it Feb 26, 2023

@SpaceLifeForm @SwiftOnSecurity i didn't claim there was infinite numbers been 0 and 1. i said there is billions of numbers been 0 and 1! but all of it was suppose to be in jest and not taken seriously.

Show thread

Greg Feb 25, 2023

@SwiftOnSecurity ah... This reminds me of a story I read somewhere (Medium? Twitter?) about an incident responder that had to inspect every single device on the network at some huge Army testing/training facility because someone plugged a classified laptop into an unclassified network or vice-versa. It was a good read and now I can't find it. Anyone remember?

Show thread