InfoSec practitioner, photographer, untier of knots

So, I rented a FLIR thermal imaging camera for the weekend, for the serious purpose of checking the windows and overall insulation of our house.

But you can also take cat pictures with this thing.

#caturday

Permanent DST is only slightly less of an abomination than changing the clock twice a year.

The sun should be highest (roughly) at noon, you fools.

I will take no input in this matter, thank you for your attention.

All #infosec and #formula1 crossover episode fans, here's the Fantasy F1 league!

https://fantasy.formula1.com/en/leagues/join/C8ZCWOPVW04


Just had a #Duhpiphany, something completely obvious once realised: #BrandolinisLaw applies in full when substituting in secure/refute, and insecure #AI/bullshit.

The #infosec debt we're running up right now is a bit worrying.

I've helped fellow travelers in fluent French, okay Spanish, and even my sketchy Russian, but I will never be as badass as this person.

if you, as a journalist, refer to any baltic state as a „former soviet republic“ then you also have to refer to the USA as a „former british colony“. sorry, I don’t make the rules

Late, but check out this valentine from Seattle & King County Public Health Dept., Washington

TIL: “ai;dr”

Boost Security open sourced and released `bagel` - a tool to identify dangerous secrets and configurations on "developer laptops".

https://labs.boostsecurity.io/articles/unveiling-bagel-why-your-developers-laptop-is-the-softest-target-in-your-supply-chain/

Solving these types of issues makes malicious packages (Shai Hulud style) have a much harder time spreading and impacting real environments.

For a few clients I'm already working on something similar, going as far as denying the ability to SSO for developers with clear text secrets, until they fix it.

Unveiling Bagel: Why Your Developer's Laptop is the Softest Target in Your Supply Chain | BoostSecurity Labs

We're releasing bagel, an open-source CLI that inventories security-relevant metadata on developer workstations. Credentials, misconfigs, and exposed secrets. It's cross-platform, privacy-first, and designed to help security teams understand the attack surface that modern supply chain adversaries are actively exploiting. Stay tuned for more exciting news about how Boost works to secure every part of the modern software factory (developer endpoints included).
