Matt Linton 

@amuse@infosec.exchange
1.7K Followers
310 Following
671 Posts

Professional: DFIR / Incident Management lead

Volunteer: Search & Rescue specialist, CERT trainer, Parrot handler

Amateur: Cello & Guitar

(was: 0xMatt on twitter)

Twitter:0xMatt
Website:foofus.com
Keybase:amuse
Show threadMatt Linton 13h ago

@nixCraft 💯

This is why now that I am in a career place that I can do so, I make a point to support foss.

Immich 'supporter level" license, paid adblock, etc.

Show threadMatt Linton 13h ago

@DefectiveWings I don't actually have a very smart house.

Roku + my TV has all its smart features turned off.

Nest cams (outside of the house).

I did enable Wi-Fi feature on my range and oven because that's an ADHD accommodation that will keep the house from burning down 😂

Matt Linton 21h ago
According to my NextDNS analytics and blocklists, something in my home tries to send tracking info about me to the internet on average once every 21 seconds.
Matt Linton 4d ago

NextDNS has been a really great privacy decision. This is ONE day's traffic.

Yeah, I could do all this with Unbound and pushing local DoH servers and maintaining them, but even as much as I love running infrastructure, for $2 a month it's just too easy a win.

Show threadMatt Linton 5d ago
@parkern That's good, assuming that the logs actually show Target domains when that particular list blocks them - but the ux still does feel like a trap :)
Matt Linton 5d ago

This NextDNS blocking UX feels like a trap.

It defaults to "on" and you have to either accept web censorship based on unknown third-party criteria OR essentially say "I DO want to see child abuse material".

It's the "Yes or no: do you still beat your wife?" of UX settings.

Matt Linton 6d ago

Dear streaming customer, as of $very_soon your streaming bundle, $things_you_like will no longer include $main_thing_you_like. To see that you'll need $different_tier.

We value your business, which is why we constantly renege on the deal we made with you.

- Every streamer ever

Show threadMatt Linton Jul 7

@bassthang I definitely didn't mean to imply unaudited access 😁

But this is a great use case. If the attacker potentially accessed pii, then you need your response team to access the pii so that they can notify people that their pii may have been accessed!

Matt Linton Jul 7

I was mulling over a principle of incident response today and wondered what others in my field might think.

Yes or no: "To operate effectively, incident responders need to be able to obtain at least the same level of access to a system as the attacker has potentially obtained."

Matt Linton Jul 6
Sadly I will not be filling out the National Survey on Children's Health questionnaire that the US Census Bureau sent me, because with all the crazy DOGE stuff going on I have no idea how the data will actually be used, and the privacy policy is meaningless garbage.
×
Matt Linton 4d ago

NextDNS has been a really great privacy decision. This is ONE day's traffic.

Yeah, I could do all this with Unbound and pushing local DoH servers and maintaining them, but even as much as I love running infrastructure, for $2 a month it's just too easy a win.

Show threadViss4d ago
@amuse i wish pfblocker or adguard broke stuff down this way