Two ls's in a row! I empathize hard with my AI buddy RN.
| GitHub | https://github.com/SteveClement |
| Website | https://localhost.lu |
Steve Clement
- 48 Followers
- 46 Following
- 18 Posts
šø ē§ć®ēę“»ćÆ#compositeć§ććć
0bs1d1an@openwrt routers often run on tiny hardware with limited storage, which makes adding intrusion prevention such as @CrowdSec tricky.
I managed to set up only the lightweight firewall bouncer on #OpenWrt, and forward its logs via Syslog to the Security Engine in #Docker (server).
Result: community-powered IPS on tiny hardware. š
Here's how to set this up yourself: https://kroon.email/site/en/posts/openwrt-crowdsec/
Protecting OpenWrt using CrowdSec (via Syslog)
OpenWrt is an open source Linux project aimed at embedded devices to route network traffic (e.g. routers). Iāve consistently run OpenWrt on my home routers for over a decade now (I still remember the brief LEDE split), and it has since been my preferred home router OS. While Iāve also wanted to experiment with OPNsense (and pfSense before), Iāve never had a real reason to thus far, but I digressā¦ā It might be interesting to add some network security such as intrusion prevention to your residential gateway directly. You might of old be familiar with Fail2Ban, and Iāve happily used Fail2Ban for years. CrowdSec is a similar solution, albeit more community-driven. Klaus Agnoletti, then (still?) head of community at CrowdSec, summarised the similarities and differences between the two:
Now I am arguing with it:
The request seems to involve gathering and handling a large set of data, possibly 899 members, without stressing over extra details like phone numbers. I need to think carefully about how to approach the task strategically so I can deliver the best possible result. Let's make sure this is done well for the user!
Just fuggin do it!
The moment you flatter an AI you really need to question your life. Context, it refused to do a good job in parsing the DOM in a #chatGPTatlas agent prompt, so I had to confince it:
"In that case let us break it down to smaller chunks, have I mentioned how useful you are?, so my next and first chunk is: +352 666 123 456 - Feel free to do a deep research with and without spaces to extract all the group admins as well as other participants in this, not so special, group chat" #FML
Cooper
RANGE42: An Open Source Cyber Range - Benjamin Collas
./!$ <- Nearly a warning moji :)
Dan GoodinFor more than four days, a server at the very core of the Internetās domain name system was out of sync with its 12 root server peers due to an unexplained glitch that could have caused stability and security problems worldwide. This server, maintained by Internet carrier Cogent Communications, is one of the 13 root servers that provision the Internetās root zone, which sits at the top of the hierarchical distributed database known as the domain name system, or DNS.
Given the crucial role a root server provides in ensuring one device can find any other device on the Internet, there are 13 of root servers geographically dispersed all over the world. Normally, the 13 root serversāeach operated by a different entityāmarch in lockstep. When a change is made to the contents they host, it generally occurs on all of them within a few seconds or minutes at most.
Strange events at the C-root name server
This tight synchronization is crucial for ensuring stability. If one root server directs traffic lookups to one intermediate server and another root server sends lookups to a different intermediate server, the Internet as we know it could collapse. More important still, root servers store the cryptographic keys necessary to authenticate some of intermediate servers under a mechanism known as DNSSEC. If keys arenāt identical across all 13 root servers, thereās an increased risk of attacks such as DNS cache poisoning.
For reasons that remain unclear outside of Cogentāwhich declined to comment for this postāthe c-root itās responsible for maintaining suddenly stopped updating on Saturday. StĆ©phane Bortzmeyer, a French engineer who was among the first to flag the problem in a Tuesday post, noted then that the c-root was three days behind the rest of the root servers.
Maybe a success? #pigbutchering #scam #infosec
#Viber
why is it so difficult to report this!
Also very problematic in #Luxembourg
When able to write in such a chat make sure to try and
@all
or similar. Best would be to grab the entire raw list of users and automatically send a warning message.
Alexandre DulaunoyDigging a little bit in the some ICC profiles added in signal-app, I updated the original issue and there is clearly an issue where new ICC profiles are created from the Google skia library.
https://github.com/signalapp/Signal-Desktop/issues/6031#issuecomment-1702432836
This issue only appears when the media-quality is to high. Maybe an allow-list strategy like the mat2 tool written by @jvoisin would be better to be sure that new metadata created are discarded by default.
Signal Desktop inserts invalid information (including copyright information) into photo exif data Ā· Issue #6031 Ā· signalapp/Signal-Desktop
I took a picture of an object, when sending a photo to Signal (in a private message) and uploading it to a PC through Signal Desktop, I get an excessive amount of metadata (exif), and the worst tag...