Martin Schmiedecker

@Fr333k@infosec.exchange
Automotive security by day, online privacy by night. Digital forensics & teaching it in between.
Website: Schmiedecker.net
Really, if you wanted maximum bang for buck, you probably wouldn’t blow up critical national infrastructure stuff in a traditional sense - you’d blow up one thing, AWS us-east1, and watch everything which depends on it break.

Good news, the Tuscolo CT logs are now "Qualified" (meaning that some of your certs are/will soon be using our CT log!!)

The bad news is that by including our new logs in the well known list of CT logs, some stuff now instantly crashes (seemingly because the array of non "Sunlight" (aka next gen) logs is empty).

Impacted things seem to include:

1. 80% of the food delivery app market in Brazil
2. Lots of banks in India
3. Lowes????
4. Basically any app that uses appmattus/certificatetransparency

Suboptimal.

More info:

1. https://github.com/appmattus/certificatetransparency/issues/143
2. https://github.com/google/certificate-transparency-go/issues/1712
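
The failure mode described in the post above, as an added example that is not part of the original post or of either linked project: a log-list consumer that indexes an operator's classic log array without checking that it is non-empty, next to a parser that tolerates operators running only tiled (Sunlight-style) logs. The JSON is a constructed sample; the `tiled_logs` key and all function names are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Constructed sample, not the real log list: Operator B has only tiled logs.
const sampleList = `{"operators":[
 {"name":"Operator A","logs":[{"description":"A classic"}],"tiled_logs":[]},
 {"name":"Operator B","logs":[],"tiled_logs":[{"description":"B tiled"}]}]}`

type Log struct{ Description string `json:"description"` }
type Operator struct {
	Name      string `json:"name"`
	Logs      []Log  `json:"logs"`       // classic RFC 6962 logs
	TiledLogs []Log  `json:"tiled_logs"` // assumed key for tiled logs
}

// fragileFirstLog assumes every operator has a classic log (hypothetical bug).
func fragileFirstLog(op Operator) string { return op.Logs[0].Description }

// PanicsOn reports whether the fragile accessor crashes for this operator.
func PanicsOn(op Operator) (crashed bool) {
	defer func() { crashed = recover() != nil }()
	_ = fragileFirstLog(op)
	return false
}

// ParseLogs accepts empty or absent arrays; it fails only if no log exists at all.
func ParseLogs(raw string) (ops []Operator, classic, tiled int, err error) {
	var list struct{ Operators []Operator `json:"operators"` }
	if err = json.Unmarshal([]byte(raw), &list); err != nil {
		return nil, 0, 0, err
	}
	for _, op := range list.Operators {
		classic += len(op.Logs)
		tiled += len(op.TiledLogs)
	}
	if classic+tiled == 0 {
		return nil, 0, 0, errors.New("log list contains no logs")
	}
	return list.Operators, classic, tiled, nil
}

func main() {
	ops, c, t, err := ParseLogs(sampleList)
	fmt.Println(c, t, err, PanicsOn(ops[0]), PanicsOn(ops[1]))
}
```
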

The street that my mum lives in is a one-way street, but wasn't marked as such on #Google Maps. This caused many drivers to drive the wrong way. I have tried to edit it on Google Maps (there is such functionality), but to no avail. No matter how often I submitted a change (with photos of street signs!), Google said "Sorry, we could not verify it".

Solution: Edit the street on #OpenStreetMap! A few months after I did this, Google seems to have stolen the data, as it regularly does, and now the street is correct in both datasets!

Here's something I am very excited about: Photosynthesis! 🌱☀️

A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.

This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC signature sizes in logs and handshakes.

https://mailarchive.ietf.org/arch/msg/tls/6jqhUVz58s4ZgsZ8HvuZftncT9A/

[TLS] Photosynthesis, an update to Merkle Tree Certificates


Do you enjoy guzzling real-time TLS certificate allocations, but don't want to use a third-party service (crt.sh, CertStream, etc.)? Drink straight from the Certificate Transparency log firehose using ctail:

$ go run github.com/hdm/ctail@latest -f -m '^autodiscover\.'

https://github.com/hdm/ctail

"Who is this @leyrer anyway?"
-
"Well, he's been speaking at #GPN again and again for years (sometimes giving several talks)."
-
"Nope, doesn't ring a bell."
-
"And he always hands out Manner wafers there."
-
"Oh, him. Yeah, I've been to a few of his talks."

#gpn23

Ich weiß wo dein Haus wohnt - Grundlagen zu Bluetooth-Trackern ("I know where your house lives - Bluetooth tracker basics")

media.ccc.de
happy spacex blew up their entire texas launch facility day for those who celebrate
Someone grabbed the expired domain of an old BitTorrent tracker and ran an opentracker on it. The result is as expected.

From my own painful experience with misdirected tracker requests hitting the project's *WEB* server, I can confirm that the way clients maintain the lists of trackers they sprinkle into every new torrent really leaves a lot to be desired.

https://kianbradley.com/2025/06/15/resurrecting-a-dead-tracker.html
Resurrecting a dead torrent tracker and finding 3 million peers

So I was uh, downloading some linux isos, like usual. It was going slowly, so I opened up the Trackers tab in qBittorrent and saw the following:

Kian Bradley’s Blog
"Works on my machine", oil on canvas.
Unknown artist, 2025
@beyondmachines1 The 1990s want their memes back?
@Zugschlus @beyondmachines1 oh, honey. Reuse and tweaks are kind of built into the meme concept.
@beyondmachines1 Reminds me of how often my "digital native" students try to turn in work as local-machine addresses.
@ntnsndr @beyondmachines1 This! After I spend an entire class period showing them how to upload to the LMS and attach a file to their university email…

@bfuhrman @ntnsndr

Do you guys remember how many intentional localhost links Elon got as responses to this?

@beyondmachines1 HAHAHAHAHAHAHAHAHAAHHAHAHAHAHAHAHAAHHAHAAHAHHAHAHAHAHAHAHAHAHAHA
@beyondmachines1 Best music can be found on 127.0.0.1
@die_christine it's true all my favourite music's there!
@DionRa Enjoy!
It is all for free!
@beyondmachines1 so much for "#AI" replacing programmers…

@beyondmachines1 Depends on the term sheet, but if that payment is not-to-be repaid I'd do it and simply slack off and go about my life with that money.

I don't give a shit about money | Mr. Robot

YouTube

@beyondmachines1 Reminds me of how a friend of mine boasted that he copied over a hundred computer games onto a single floppy disc.

Turns out all he copied was desktop shortcuts - the disc was full of .lnk files, nothing else. :)

@ticho @beyondmachines1

Only 100? My Commodore 64 has a 5 1/4" floppy drive. From memory, a single sided low density 5.25" disc stored 360KB.

Oh, my C-64 now has a USB stick in it with multiple GBs available.

That's progress!

@beyondmachines1 Chatted with some Hampton somewhere in North America: « If you are here, here is a list of all places delivering to us: C:\users\jdoe\Documents\delivery-restaurants.pdf »
@beyondmachines1 “but I don’t have your machine!” “Hold my beer” and that’s how Docker was born, apparently
@beyondmachines1 The next product would be cloud hosting for AI made websites.
@beyondmachines1 it's weird that people forgot that WYSIWYG HTML editors exist. Like why use AI when you can easily drag and drop your items.
@beyondmachines1 also learning HTML is much easier than you think
@beyondmachines1 Quick, containerise their computer, shove it in a CI/CD pipeline and deploy to a kubernetes cluster! Job done.
@puck What could go wrong

@beyondmachines1 The AI says nothing, so 🤷‍♂️.

Actually I asked ChatGPT "What could possibly go wrong with deploying an LLM-generated web site using JavaScript and npm?". And it actually highlighted a bunch of the risks.