In case you happen to find yourself wanting to request that Paramount/CBS, and the companies they own, to purge https://privacy.paramount.com/consumer
| [email protected] | |
| Website | https://www.cynicalsignals.com |
| GitHub | https://github.com/ickfosec |
[ick] 
- 149 Followers
- 215 Following
- 703 Posts
President of Ghost Planet Industries. Dumpster diving for hamscraps as a six piece chicken McNobody. #threathunting & #incidentresponse @ #fintech
LukasMildly cursed factoid about UNC paths:
- UNC Paths can contain IP addresses such as \\192.168.1.1\share
- IPv6 addresses are supported as well
- IPv6 addresses contain colons
- can't have colons in Windows paths since colons are reserved for drive letters
So Microsoft came up with the the ipv6-literal.net domain that's special-cased by Windows so you can to write IPv6 addresses in UNC paths as 2a0e-3c0--21.ipv6-literal.net without it hitting any resolvers.
Whoever was flying DTW -> BOS, I received your message via Meshastic 😊
PloopyThis incredible #Ploopy Adept mod was completed by u/Dexter_Lim (on Reddit). Is uses a larger, 55mm ball and has thin bezels for a stylish, compact look. It can also have Lego pieces attached to it. Great work, u/Dexter_Lim!
Original post: https://www.reddit.com/r/ploopy/comments/1jvrpkg/finally_completed_btu_mode/#lightbox
Github link: https://github.com/adept-anyball/mod/tree/master/50-55mm%20ball%20(short%2C%20thin%20bezel)
Greg K-HFor 2025, here is a updated and hopefully-useful notice about Linux kernel security issues, as it seems like this knowledge isn't distributed very widely based on the number of emails I still get on a weekly basis:
- The Linux kernel security team does not have any "early notice" announcement list for security fixes for anyone, as that would only make things more insecure for everyone. The number of organizations that fail to understand this is way too high.
- The kernel community DOES assign CVEs, as we are a CNA, please see https://www.kernel.org/doc/html/latest/process/cve.html for how they are handled and assigned. Side note, we were #2 in quantity for CVE assignments in 2024 despite only doing so for 10 1/2 months, averaging about 10 CVEs per day. Any process you might have where you feel you need to research each CVE on an individual basis manually is going to be a major time suck, automate it! All CVE entries are provided with proper git commit ids for the vulnerable release ranges for you to check yourself, AND we have tools and other formats that you can use to check this yourself. See https://git.kernel.org/pub/scm/linux/security/vulns.git/ for the tools and raw data for you to pull from directly if you don't want to deal with the cve.org json feed.
- Kernel CVE entries are constantly updated over time, you can not just look a them only when created, and then ignore all updates. Too many groups are missing revoked CVE entries and tightening of vulnerable kernel ranges that we are updating on a weekly basis. By ignoring the updates, you are causing yourself more work, not less. cve.org provides an "updated" feed in their git tree, use it!
- Along the lines of the huge number of recorded CVEs, you HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system, and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss it with them as to how they achieve this result as this is what you are paying for. If you aren't paying for it, just use Debian, they know what they are doing and track the stable kernels and have a larger installed base than any other Linux distro. For embedded, use Yocto, they track the stable releases, or keep your own buildroot-based system up to date with the new releases.
- Test all stable/LTS releases on your workload and hardware before putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about 1.5mil lines of code, embedded runs about 3.5mil lines of code, your mileage will vary). If you can't test releases before moving them into production, you might want to solve that problem first.
- A fix for a known bug is better than the potential of a fix causing a future problem as future problems, when found, will be fixed then.
- The Linux kernel security team does not have any "early notice" announcement list for security fixes for anyone, as that would only make things more insecure for everyone. The number of organizations that fail to understand this is way too high.
- The kernel community DOES assign CVEs, as we are a CNA, please see https://www.kernel.org/doc/html/latest/process/cve.html for how they are handled and assigned. Side note, we were #2 in quantity for CVE assignments in 2024 despite only doing so for 10 1/2 months, averaging about 10 CVEs per day. Any process you might have where you feel you need to research each CVE on an individual basis manually is going to be a major time suck, automate it! All CVE entries are provided with proper git commit ids for the vulnerable release ranges for you to check yourself, AND we have tools and other formats that you can use to check this yourself. See https://git.kernel.org/pub/scm/linux/security/vulns.git/ for the tools and raw data for you to pull from directly if you don't want to deal with the cve.org json feed.
- Kernel CVE entries are constantly updated over time, you can not just look a them only when created, and then ignore all updates. Too many groups are missing revoked CVE entries and tightening of vulnerable kernel ranges that we are updating on a weekly basis. By ignoring the updates, you are causing yourself more work, not less. cve.org provides an "updated" feed in their git tree, use it!
- Along the lines of the huge number of recorded CVEs, you HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system, and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss it with them as to how they achieve this result as this is what you are paying for. If you aren't paying for it, just use Debian, they know what they are doing and track the stable kernels and have a larger installed base than any other Linux distro. For embedded, use Yocto, they track the stable releases, or keep your own buildroot-based system up to date with the new releases.
- Test all stable/LTS releases on your workload and hardware before putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about 1.5mil lines of code, embedded runs about 3.5mil lines of code, your mileage will vary). If you can't test releases before moving them into production, you might want to solve that problem first.
- A fix for a known bug is better than the potential of a fix causing a future problem as future problems, when found, will be fixed then.
Pixelfed & Loops: Authentic Sharing, Reimagined
https://www.kickstarter.com/projects/pixelfed/pixelfed-foundation-2024-real-ethical-social-networks
https://www.kickstarter.com/projects/pixelfed/pixelfed-foundation-2024-real-ethical-social-networks
Jerry 🦙💝🦙On this week's Getting Defensive Podcast, @lerg and I interview the most awesome @mttaggart about his work on improving adult learning, the Taggart Institute, and his work in healthcare security.
Listen to/watch it here: https://gettingdefensive.com/getting-defensive-with-michael-taggart/ - also available on most podcast platforms.
This afternoon I installed @CachyOS on my gaming desktop. So far a very pleasant experience.