NineTailedFox

@[email protected]
16 Followers
48 Following
85 Posts

Cybersecurity student, penetration tester, gamer and more normal things like music and some good photography.

He/him, singleclub

#Cyberpunk and other dystopians enjoyer.

Professional shitposter ofc.

Languagesen/de/ru
AgeSomewhere beetween 20s and 30s
Show threadNineTailedFoxMar 31, 2025
@vncresolver Now I've seen it all
NineTailedFoxJul 11, 2024

The internet is dead, we killed it.

Not yesterday, not month ago. Not specifically you or me. We did it, as a humanity. We had our space, our place where we can put our thoughts for everyone to discover. Our sanctuary. We created it with this intent. With cool and interesting connections, people to meet, thoughts to think about, talks to virtually attend to. Now its gone. You will tell this cool story about place where we were connected once upon a time. And that you witnessed the end of it. You watched the place burn, and you could do nothing about it. What happened? Someone dropped a nuke onto us, apes. GenAI is not just "harmful", it's a disease that we can't stop. Even if we, the conscious few, will try. We just can enjoy the last moments here, before it gets unbearable and we will be locked inside our small community of friends, our impenetrable bunkers. But even then, what will we trust? I don't know. Nothing, perhaps, only our thoughts, our mind, our physical interactions. Go buy some physical stuff, that was created by a human, until it's too late. Until we won't be able to differentiate between the work of art and a randomized strings of 1s and 0s. Peace.
#GenAI #ai

Show threadNineTailedFoxJun 3, 2024
@404mediaco There is no company that tries to kill all the trust in Google other than Google himself. Fascinating.
NineTailedFoxJun 3, 2024
404 MediaJun 3, 2024

We obtained an internal database of employee-reported privacy incidents at Google that shows the huge breadth of data it has and the run-of-the-mill and spectacular ways it mishandles it all the time

https://www.404media.co/google-leak-reveals-thousands-of-privacy-incidents/

Google Leak Reveals Thousands of Privacy Incidents

An internal Google database obtained by 404 Media shows Google recording childrens' voices, saving license plates from Street View, and many other self-reported incidents, large and small.

404 Media
NineTailedFoxJun 3, 2024
Google AI search is such a gem. Who would've known, that training your LLM on a set of random Reddit answers could lead to that?? (We all knew)
#googleai #meme
Show threadNineTailedFoxMay 28, 2024
@rvps2001
Yeah, but that, sadly or not, works both ways, as the Ukrainian side also uses Telegram to recruit Russian "activists". So, as I see that, this messenger is really another field of battle between two sides. Cyberwar, but here not only cybersecurity experts are taking part in it, but rather all Ru/Ua users, that are using this app.
NineTailedFoxMay 28, 2024
Use #Firefox, my dudes, it's not gay to be anticorpo.
NineTailedFoxMay 26, 2024
Mark SaltveitMay 23, 2024

Microsoft Recall is even worse than you think.

It has apparently been snuck into the Edge web browser even if you don't have the Windows version that adds it.

h/t @laimis who pointed out to me that #Recall starts with Windows 11 24H2; I only have 23H2.

BUT I found it in my Edge Browser which updated today to Version 125.0.2535.51.
The setting is:
{3 dots button} =>
Settings =>
Privacy Search and Services =>
Save screenshots of sites for history
(all the way down, default on).

#Microsoft

NineTailedFoxMay 24, 2024
VessOnSecurityMay 24, 2024

Oh, cool somebody finally figured it out...

As you probably know, the Microsoft Security Center has an API that lets you query which AV is installed and whether it is up-to-date.

What is less well-known, is that it also has another, not publicly known API, that lets you tell it "I'm installing another AV now, please disable Defender". This is what all other AV products use. Microsoft has provided to them documentation of this API but under NDA.

Many years ago, I made a proof-of-concept - a small VBScript script that would use this API via WMI to "install" an imaginary AV, thus turning off Defender - but since it was based on information learned under NDA, I obviously couldn't make it public.

Now somebody has reverse-engineered the API from AVAST and has done pretty much the same (albeit a bit over-complicated) in C++:

https://github.com/es3n1n/no-defender

GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender + firewall. (through the WSC api)

A slightly more fun way to disable windows defender + firewall. (through the WSC api) - es3n1n/no-defender

GitHub
NineTailedFoxMay 23, 2024
Show threadKevin BeaumontMay 23, 2024

I got ahold of the Copilot+ software.

Recall uses a bunch of services themed CAP - Core AI Platform. Enabled by default.

It spits constant screenshots (the product brands then “snapshots”, but they’re hooked screenshots) into the current user’s AppData as part of image storage.

The NPU processes them and extracts text, into a database file.

The database is SQLite, and you can access it as the user including programmatically. It 100% does not need physical access and can be stolen.