More excellent research.
https://lock.cmpxchg8b.com/zenbleed.html
https://lock.cmpxchg8b.com/zenbleed.html
d1d4c71c
- 15 Followers
- 72 Following
- 20 Posts
No one of any consequence.
@simplenomad
For me it was to the positive side of the centerline in the graph of all the summercamps I've attended, but not by a whole bunch. Definitely within one standard deviation of the mean.
That said, it wasn't bad. Yeah, it's crowded, but the Forum is easier to move in than the collection of hotels from prior years, and there's fewer goons having to bellow to keep things moving. Some villages were overcrowded, but others weren't. I never really found the simultaneously not completely deafening but still populated with my friends bar to gather at (like the lobby bar at Caesars before or the circular one at Paris).
BsidesLV was great though.
I am planning on going to Defcon next year, and plotting how to get the right balance of time with friends, meeting new friends, attending talks without having to sprint and stand in line, and some targeted village activities. Definitely attending BsidesLV again.
For me it was to the positive side of the centerline in the graph of all the summercamps I've attended, but not by a whole bunch. Definitely within one standard deviation of the mean.
That said, it wasn't bad. Yeah, it's crowded, but the Forum is easier to move in than the collection of hotels from prior years, and there's fewer goons having to bellow to keep things moving. Some villages were overcrowded, but others weren't. I never really found the simultaneously not completely deafening but still populated with my friends bar to gather at (like the lobby bar at Caesars before or the circular one at Paris).
BsidesLV was great though.
I am planning on going to Defcon next year, and plotting how to get the right balance of time with friends, meeting new friends, attending talks without having to sprint and stand in line, and some targeted village activities. Definitely attending BsidesLV again.
This is a reminder to regularly review the "connected device" settings on your various accounts (cloud storage providers, password managers, iCloud, email accounts)
It's something that often gets forgotten when you upgrade your devices - the assumption being that once it leaves your possession it's no longer active.
This isn't always true - once it leaves your hands, where does it go? Who has access to it?
The more paranoid among us will of course reset/wipe devices before selling/gifting/tossing things, which helps, but depending on your threat model, may not be sufficient.
It's something that often gets forgotten when you upgrade your devices - the assumption being that once it leaves your possession it's no longer active.
This isn't always true - once it leaves your hands, where does it go? Who has access to it?
The more paranoid among us will of course reset/wipe devices before selling/gifting/tossing things, which helps, but depending on your threat model, may not be sufficient.
This is some tremendous research, and really well presented. I love it when researchers lay out their methodology and experiments like this.
https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
Oh, and also - given ssh-agent forwarding with openssh, there's a way for a hostile server to get RCE on the client. But really, there's so much in this piece that is fascinating and probably will be useful or lead to more interesting findings later - I highly recommend reading this.
@deviantollam @defcon
I've been going to defcon since 8 too, and this is 100% right on. I get super tired of all the bad takes on this, too. Thanks for making this.
I've been going to defcon since 8 too, and this is 100% right on. I get super tired of all the bad takes on this, too. Thanks for making this.
Deviant Ollam
Deviant's DEF CON Advice
@bigendiansmalls Mine is coming along nicely.
alt: a big pot of pork shoulder, stock, onions, garlic, red chile powder, and oregano.
alt: a big pot of pork shoulder, stock, onions, garlic, red chile powder, and oregano.
@bigendiansmalls I too am making posole today. The way I learned to do it from folks from NM I know.
@1e0aaab9ec6c49027d7c2282fcc8d4 Thanks for the confirmation of experience. It sounds like you and I both get inspiration from other people.