Scott Miller

@[email protected]
77 Followers
65 Following
599 Posts
www.millergeek.xyz
Scott MillerFeb 6, 2018

Everyone go subscribe to Wired! They're giving away free YubiKeys! https://subscribe.wired.com/subscribe/wired/

#yubike #2fa #mfa #security #infosec

WIRED Subscription

Scott MillerJan 4, 2018
So, do the #meltdown and #spectre vulns create avenues for container or VM escape?
Scott MillerDec 28, 2017

Thanks for the help everyone! Ultimately I'm pretty sure I'd need to use ARP poisoning, which is definitely out of scope as this isn't a sanctioned exercise. Alternately from an insider threat perspective I could capture traffic on the insecure servers, but I'm gonna call that out of scope for now as well.

Pleasantly surprised to find the problem isn't quite as bad as I expected, but still not great.

Scott MillerDec 28, 2017
Hey guys, what tools would you recommend for capturing credentials sent over http on a local network? I need to make a point at work
Scott MillerDec 20, 2017
Boing BoingDec 20, 2017
The new Portal is a bridge-building puzzle game, and it looks AMAZING https://boingboing.net/2017/12/20/bridge-constructor-portal.html #bridgeconstructor #youtube #glados #portal #videos #Video #Games
The new Portal is a bridge-building puzzle game, and it looks AMAZING

The new Portal is a bridge-building puzzle game, and it looks AMAZING

Boing Boing
Scott MillerDec 20, 2017
projectgusDec 20, 2017
An "NSA backdoor" proposed TLS extension finally turns up inthe wild: in random Canon printers that fail to work with TLS 1.3...
https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/
As the blog post points out at length, gee this spy stuff can be super mundane.
The strange story of “Extended Random”

Yesterday, David Benjamin posted a pretty esoteric note on the IETF’s TLS mailing list. At a superficial level, the post describes some seizure-inducingly boring flaws in older Canon printers…

A Few Thoughts on Cryptographic Engineering
Scott MillerDec 15, 2017
Show threadDJ SundogDec 15, 2017
@Miller_Geek @icefox there's a huge environmental component imo - it's one of the reasons that I try to be more vocal about how sparse my knowledge is on some of the things I work on, to try and help destigmatize not knowing now kinda
Scott MillerDec 15, 2017
Public records can be creepy. I found the home phone number for the guy that owns the LLC that pays the taxes on an abandoned property near me.
Scott MillerDec 15, 2017
Show threadftl ✅Dec 15, 2017

@Elizafox If we had a fairer justice system, where the death penalty was being applied to Hitler or Bin Laden or Mengele, sure. But our justice system sucks.

I buy that it's a waste of time to try to rehabilitate some people. But to me, the potential extra "justice" from death penalty rather than life in prison, even when warranted, is a lot less than the extra injustice from the death penalty being applied far too often.

Scott MillerDec 15, 2017
So...I might be getting Gigabit internet. Any ideas for what to do with that much bandwidth?