I am a hobbyist security researcher, filterlist maintainer, and wannabe law nerd. I help maintain the Actually Legitimate URL Shortener Tool. I post about a variety of topics including cybersecurity, content filtering, law, tech, and trans rights. This is also the best place to find updates on my filterlists, as I often post about bugs and improvements to them.
I am not an expert; do not take anything I toot as truth. Retoot/like != agreement. Not legal/medical advice.
Profile picture: truncated screenshot of a WINE error message. The error message is titled "Download failed". The message reads "Download Failed: Success. Check your connection and click 'Retry' to try downloading the files again, or click 'Next' to continue installing anyway." There is only one button labeled "OK".
Header image: A Windows error message against the default Windows wallpaper. The error message reads "Windows cannot find iam-py-test. Make sure you typed the name correctly, and then try again."
| About me | https://iam-py-test.github.io/about.html |
| GitHub | https://github.com/iam-py-test |
| Pronouns | he/him |
| Dream job title | Head of Security and Hacking (legal and ethical) |
| Testing this out | https://justmytoots.com/@iampytest1@infosec.exchange |
| Note on usage of alt text | I generally add alt text to my own posts, but do boost posts without alt text |
archive.today's domains now show a message claiming they have been seized by the Russian government.
If you have any information about this, please contact me.
Over the last week I have been dealing with a family emergency and haven't been following the archive.today news, so I had no idea this happened.
The page suggests going to blocklist.rkn.gov.ru for more information, which does not load when accessed from the United States.
Back in 2022, I made a simple YARA rule to detect malware disabling or tampering with Windows Defender: https://github.com/iam-py-test/yara-rules/blob/main/rules/generic/windows/disable_defender.yar
Its not that well made, but still manages to detect a ton of malware:
https://bazaar.abuse.ch/browse/yara/Disable_Defender/
I'm not sure how many false positives it has.
If I recall correctly, this rule was based heavily on what I was seeing in people's logs on malware support forums.
Also, its not your place to control your partner.
And not to distract from the abusive behavior of OOP or imply that this would ever be ok, but there isn't anything wrong with adults playing Minecraft.
Anecdotally, the average Minecraft player is an adult or at least an older teen. Its just that Minecraft YouTube content is generally aimed more towards young children, giving a false impression of the age and maturity of the user base (as an aside, most Minecraft YouTube content is garbage which even kids shouldn't watch).
Citation: I'm an adult who plays Minecraft. I started playing Minecraft as an adult, a little less than a year ago.
There are also interesting intersections between Minecraft and more important things like cybersecurity and human rights.
See for example Log4Shell - which impacted MC servers - or the Modrinth censorship.
There is a whole technical side to the game, and I imagine for some kids Minecraft modding is a way to get into programming.
There are criticisms of the game, sure. But ultimately its their decision, especially if it doesn't impact you.
Thanks to Yuki for informing me about this.
Last week, uBlock Origin maintainer RraaLL added filters to uBo's Badware List which display a message on ublockorigin[.]com stating
This is not the official uBlock Origin site.
https://github.com/uBlockOrigin/uAssets/commit/2a69f62ac3c6e70e1d2613f0b03423d5c9e5054f
This comes after the site began promoting a project named uBlockDNS, which is unaffiliated with uBlock Origin. Multiple reports on Reddit show uBlock Origin users installing uBlockDNS under the mistaken impression it is affiliated with uBo.
According to a comment on Reddit by a member of the uBlock Origin team, the status of ublockorigin[.]com was being discussed in internal discussions. It is unclear if this commit is the result of those discussions.
As an aside, yesterday I attempted to fix the graphs for my Blocklist Stats project so they only showed integers on the y-axis (there is no such thing as 0.5 filters), and in doing so broke it.
While the issue has been fixed, data collection yesterday was delayed by several hours.
It is unclear what the cause of the original crash was; it clearly related to my changes, but as the log shows no details on the error, I don't know what went wrong.
https://github.com/iam-py-test/blocklist_stats/commits/main/
FYI @troyhunt
Have I Been Pwned's description for the 2022 CDEK breach contains a typo:
The authenticity of the breach could not be independently established and has been flagged as "unverfieid".
Earlier today, I got a purported Airbnb login code texted to me. I was confused, as I don't even have an Airbnb account.
[Airbnb] Use code [redacted] to confirm your new login. Don't share this code. Airbnb won't call to ask for it.
The code was sent from the phone number (641) 742-8227 - 621 is the area code for the central part of Iowa.
I searched for it, and found several results calling it a scam. Most are on Facebook, but here is one on Reddit: https://www.reddit.com/r/airbnb_hosts/comments/1mf0b78/scam_warning_for_airbnb_hosts_phone_call_phishing/
(here is the Facebook one I screenshotted: https://www.facebook.com/groups/professionalhosts/posts/24361778560158840/)
I have no idea why they targeted me. I checked, and I didn't get any phone call from them. I am not and have never been an Airbnb host. I have had this number since mid-2023, and I have never associated it with an Airbnb account (I don't even have one).
Sadly, they didn't send me a malicious link, so there isn't anything I can do :(
Scammers: send the malicious phone numbers to the malicious phone number people, and send the malicious links to me.
I almost never get scam text messages. I checked, and I think my last one was over a year ago :(
I even got a pig butchering scam once, but blew it by screwing with the scammer rather than pretending to fall for it.
