jbaggs

@jbaggs@infosec.exchange
236 Followers
172 Following
144 Posts

I've been in and out of information security professionally, but somehow always have related projects. Mainly working with zeek and network level detection at the moment. SDR, cycling, and climbing enthusiast.

I boost a lot. Topics range far and wide from security and "the cybers" and may include politics, food, humor, science, law, nature, art, and other sundry unsavories. I occasionally post my own projects and thoughts.

Pronounshe / him
Githubhttps://github.com/jbaggs
AgeSomewhere between Bianchi green and Soekris green
Show threadjbaggs5m ago
@ai6yr @jerry I may or may not have a certain large vendor's prototype boxes for one product running completely different software for my home network's security monitoring, but I'm going to invoke the Glomar response there as well.
Show threadjbaggs12m ago
@ai6yr @jerry Can those be re-flashed with something else? (I always hate to throw away salvaged hardware.)
Show threadjbaggs15m ago
@jerry slow clap
jbaggs26m ago
Show threadAI6YR Ben1h ago

Here's the list of wants for anyone in the Conejo Valley who wants to help. The folks there I ran into said a ton of people are donating, they just moved a lot of donations there to make more room.

https://m.ai6yr.org/@conejoclint/114863580281613391

Clint (he/him) (@conejoclint@m.ai6yr.org)

Attached: 1 image DONATIONS NEEDED Food & Toiletries Drive for https://friendsoffieldworkers.org Help Vulnerable Families Needed items: Baby Formula, Bagged Beans, Bagged Rice, Deodorant, Diapers, Dish and Laundry Soap, Feminine Hygiene Products, Paper Towels, Reusable Grocery Bags, Shampoo, Soap and Toilet Paper. Drop inside lobby at 3331 Old Conejo Road, Newbury Park Wednesdays from 10am to 8pm A collection for Friends of Fieldworkers by the Conejo Climate Coalition and the Chalice Climate Action Team #ConejoValley #NewburyPark #ThousandOaks

AI6YR's Mastodon
Show threadjbaggs1h ago

@maritimehackingvillage @defcon

I can't tell what direction that badge is headed.

Show threadjbaggs1h ago
@ai6yr Oh yeah. I didn't see you mentioned it in the original post.
Show threadjbaggs1h ago
@ai6yr It's sitting there with the window partially down?
jbaggs3h ago
Show threadSarah Jamie Lewis3h ago

Anyone working on an isolated VM/app container runtime for a web browser anti-fingerprinting?

I'm not sure such a thing is practical/would see sufficient uptake, but if there is a stand to make, it's probably there. And there is likely some interesting tech there too.

jbaggs5h ago
Adrianna Tan5h ago

i hope this email finds you well

no, it did not find me

i am not well*

*i am okay, but nobody is well after a landlord sends them a lease renewal and then fucking docusign says 'you can ask AI questions about this document'

jbaggs7h ago
Ben Lockwood, PhD1d ago
The fact that I can click on a scientific article link and hit a paywall in 2025–when the scientists were paid with public money, the research conducted in public institutions, and the cost of publication subsidized by public funds–is an abject failure of society.
×
Thomas Fuglseth4d ago

Public service announcement.

(Created by https://bsky.app/profile/campfireharve.st )

Show threadMathias 🏳️‍🌈4d ago

@Uglesett Helt enig, men den utm source er jo ikke så gale da. Tenker da på nyhetspublikasjoner som legger ut linker her på Mastodon, gjerne har utm source = Mastodon. Det er jo greit for å få synliggjort Mastodon som en tjeneste å satse på.

Men det kan vel hende at det blir overflødig med Mastodon versjon 4.4?

https://mikrobloggen.no/@manny/114829010037168753

Manny (admin) ⚡ Mikrobloggen (@manny@mikrobloggen.no)

Attached: 1 image Med Mastodon 4.4 kom også muligheten for en instans til å vises som referanse i Google Analytics og lignende analyseverktøy. Dette gir en økt mulighet for å synliggjøre bruken av Mastodon for markedsførere og lignende, dette kan oppfattes som bra eller dårlig alt etter prioriteringene til instansen. Det er ingenting ved denne nye muligheten som sender videre personlige data utover at kilden er (feks) "mikrobloggen.no". Vi på Mikrobloggen har for øyeblikket valgt å slå denne innstillingen på.

Mikrobloggen
Show thread🏳️‍🌈🎃🇧🇷Luana🇧🇷🎃🏳️‍🌈4d ago

@Uglesett

Everything after the "?" symbol can be removed without issue

Uhhhh not really

That also has stuff like timestamps. And in some links, such as on youtube.com/watch?v=videocode, the actually important part of the link is also after the ? (as opposed to on youtu.be/videocode).

Show thread3A29, raspberry pi in a fox4d ago
@luana @Uglesett yeah was gonna say this too, some shops also use the stuff after the ? for product info etc

cleaning links is good but you have to be slightly more careful than just ditching everything after the ?
Show threadAlice 4d ago
@luana @Uglesett playlist also. So e.g. how would one clean up this link?

https://www.youtube.com/watch?v=IsiKUsrqFkc&list=PLvoAL-KSZ32dRMGLza8Dw4xZK6_1ItjNr&t=52

So much stuff here, but all of it is necessary. v indicates which video it is, list indicates which playlist it is, t indicates the timestamp. Granted, this isn't a youtu.be link, but only because that one already removes playlist, so it's not useful for sharing videos with their context intact.
The Problem with Video Essays

YouTube
Show threadNomdeb4d ago
@alice @Uglesett @luana If you click on the share (just below the youtube video itself) it gives you a link plus ? and tracker.
Show threadAlice 4d ago

@nomdeb @Uglesett @luana

Granted, this isn't a youtu.be link, but only because that one already removes playlist, so it's not useful for sharing videos with their context intact.

Show threadTock4d ago
Ignore me. Check the Edit link for where I fucked up.
Show threadAlice 4d ago
@Tock @Uglesett @luana no, as a matter of fact taking https://www.youtube.com/watch?v=IsiKUsrqFkc&list=PLvoAL-KSZ32dRMGLza8Dw4xZK6_1ItjNr&t=52 and cutting off everything after ? - that is v=IsiKUsrqFkc&list=PLvoAL-KSZ32dRMGLza8Dw4xZK6_1ItjNr&t=52 - will not show the intended video - https://www.youtube.com/watch is not a video URL. Time is also important - I might be linking to a specific point in a 4h video, for example.

Those 4 are safe to cut, yeah, but "just cut off everything after ?" is straight up misinfo - that's how you end up with people sharing broken links
The Problem with Video Essays

YouTube
Show threadTock4d ago

@alice @Uglesett @luana Ah, crap, yeah, you're right. Not the "v"!

Sorry about that. Misread is my fault. Everything including the & and after then?

Show threadAlice 4d ago
@Tock @Uglesett @luana v doesn't have to be the first parameter + again, you stil have time and playlist. Like I said, time is important - maybe you're linking to a specific point in a 4h video essay, for example. Playlist is important if you're , say, sharing a music video from a soundtrack or album split into individual tracks per video rather than a single video for the whole thing.

So - again - you can't blindly remove things - know what is safe to remove and use common sense. Sometimes it's fine to omit both time and playlist (sometimes even desirable), often not.
Show threadTock4d ago
@alice @Uglesett @luana Apologies if I left a bad vibe. I'll leave it alone, no more out of me.
Show threadC++ Wage Slave3d ago

@alice @Uglesett @luana @Tock

This #Firefox extension, #ClearURLs, removes tracking junk from URLs:

https://addons.mozilla.org/en-GB/firefox/addon/clearurls/

It's available both on desktop and on Android.

ClearURLs – Get this Extension for 🦊 Firefox (en-GB)

Download ClearURLs for Firefox. Removes tracking elements from URLs

Show threadAlice 3d ago
@CppGuy @Uglesett @luana @Tock

1. I was not asking for solutions
2. Right click -> copy clean url, no extensions needed
Show threadC++ Wage Slave3d ago

@alice @Uglesett @luana @Tock

You're not the only person in the thread.

Show threadno sauce only ketchup2d ago
@CppGuy You're a godsend, I was literally just wondering if there are extensions for that because I usually remove those identifiers manually 🤭
Show threadSilver Arrows3d ago

@Tock I just change the value after pp= to tiny.

No I'm not 12.

Show threadLin Nah3d ago

@alice @Uglesett
@luana

That's not tracking.

The link to the video is https://www.youtube.com/watch?v=IsiKUsrqFkc

the "&list=" means the video is part of a playlist - there are other videos following it.

t=52 means start the video 52seconds in. If you remove "&t=52" it just starts from the beginning

The Problem with Video Essays

YouTube
Show threadAlice 3d ago
@lin @Uglesett @luana did you read my post? /genq
Show threadcwicseolfor3d ago

@alice @Uglesett @luana With YouTube specifically you need to look for that si= part, the Share ID. In URLs with multiple ampersanded sections you can usually just pull the troublemaker. Unfortunately these are often idiosyncratic to different sites.

Easier: use Firefox, and when you go to grab the link use the “copy clean link” in the right-click menu.

Show threadGhostOnTheHalfShell3d ago

@alice @Uglesett @luana

I post the pure video link, taking the time to strip the way all the the tracking information and what not.

I think the main point of the original post was to make people aware of tracking information in shared links.

Generally, if you click on a share button, it’s going to add tracking information to it.

Show threadAlice 3d ago
@Uglesett @luana wow this is such a honeypot for reply guys

didn't even intend it as such
Show threadYuki Hazuki ·𐑘𐑵𐑒𐑘 ·𐑾𐑨𐑟𐑵𐑒𐑘 葉月膤 ❄️ 🏳️‍⚧️4d ago
@luana @Uglesett well, everything that doesn't look useful, of course you don't want to remove things you know are identifiers like id and v

every good website these days rewrite their URLs to avoid putting these IDs after the ? so on most commercial sites it's mostly for tracking and YouTube is pretty much an exception
Show threadDataline4d ago
@luana this campaign is overall good because oftentimes, this will only discard information that is easily recoverable, and generally we err on the side of privacy. only removing the si= and utm_*= parameters and experimenting to see which parameters you can get away with removing is accessible to anyone who can understand the very simple URI parameters syntax, which my 14yo does. so I think we can just expound on this first pass. my organization has been doing this for years
Show threadHelical = |4d ago
@Uglesett @luana yeah, usually just looking for si or utm or source or ref does the trick those 4 are all ive ever seen lol

Caching servers often need to easily recognize them so they don’t just think a different tracking link means they need to generate a totally new page, so it’s pretty rare for them to be something totally random
Show thread(((Ttown)))🌐✌4d ago
@luana @Uglesett
Desktop Firefox (and if I remember right Vivaldi) will let you copy a 'clean link' if that helps any. Phones, not so much.
Show threadnoodlejetski 3d ago
@Ttown @luana @Uglesett there's the webapp at https://linkcleaner.app/ by @corbin that's quite handy
Link Cleaner

Link Cleaner is a web app for removing tracking code, search parameters, and other junk from URL links.

Show threadTyler 3d ago
@luana @Uglesett yeeeeah I was about to say the same thing. I think it’s better to know what is used to track in urls and know to remove it. In YouTube’s case specifically si.

It’s frustrating that it’s taking a legit important and common part of urls and exploiting them
Show threadсерафими многоꙮчитїи3d ago

@luana @Uglesett I'm glad someone said it! I thought it was an issue, and checked with the share button (producing a youtu.be link) and thought "huh, I must have been wrong, that person on the Internet seems to be saying it with a high degree of confidence and my quick check agrees"

(Obviously I would notice if I was actually editing a YouTube URL and removing all references to what I was linking to, I would hope...)

Show threadAirikr 3d ago
@luana @Uglesett Exactly! I use such variables as settings for some of my projects.
Show threadJonathan Lamothe3d ago
@luana @Uglesett It's also theoretically possible to put tracking data before the ?, though I haven't seen that in the wild.
Show threadclacke: exhausted pixie dream boy 🇸🇪🇭🇰💙💛2d ago

@me @Uglesett @luana Some sites like fb, reddit and stackoverflow produce special share links that aren't just a link to the article, the link is unique to the person sharing it.

When I get a link like that, I'll look up the canonical URL before sharing it further. It's not only a privacy issue, it's a special case of the URL shortener issue and messes up our collective internet heritage, as it is very unlikely that URL will be resolvable ten years from now, and the internet archives and national libraries out there won't know that personalized URL.

Show threadmonkee 4d ago
@Uglesett you can also replace the utm values with fun ones

"utm_source=YourMum" etc.
Show threadaww-yawn4d ago
@monkee @Uglesett i like changing up a few characters from time to time
Show threadFiona   🔜 BornHack3d ago
@monkee @Uglesett Congratulations, now you've linked everyone together who used that same link.

If you can and want to modify it, just delete the parameters. Don't be funny here, if you want privacy!
Show threadBizcochito 4d ago
@Uglesett "all after ? Can be removed" fun misinfo, qnd this does not prevent people from shating tracking like its done in amazon with path params instead of queryparams xD
Show threadCambionn14h ago

@MeDueleLaTeta @Uglesett yeah the "everything after ?" statement isn't exactly correct.

But to your other point. While you won't block all tracking this way (not even close), all bits help. It's not a bad thing to clean links from unneeded parameters.

Show threadnicole mikołajczyk4d ago
@Uglesett you can use a fediverse client that reminds you to remove them ;)
Show threadCarsten Raddatz4d ago
Fortunately, there are Clean URL and Clear URL type browser extensions that help you do this automatically. Check what is available for your browser. :)
Show threadfbievan (powered by REAL polymaths)4d ago
@Uglesett no.
Show threadToni Aittoniemi4d ago
@Uglesett In Youtube links you want to only preserve the ”?v=(randomletters)” part up to the first & sign but not including the &
Show threadTheo Honohan4d ago

@gimulnautti @Uglesett The & is just a delimiter and (as of right now) Youtube will strip a trailing & out. (https://en.wikipedia.org/wiki/Query_string)

As another post has mentioned, there are other parameters you might want to preserve in Youtube links.

Query string - Wikipedia

Show threadMx. Luna Corbden4d ago
@Uglesett @Rozzychan 🫡
Show threadFrost, glow wolf 🐺4d ago
@Uglesett Not everything after a ? can always be removed, for instance with youtube.com/watch?v=(barf) the v=(barf) bit is the video ID and you need that. But most things can go!
Show threadLizzie she/her4d ago
@Uglesett share and practice
Show threadchris actual4d ago

@Uglesett Like the old saying from the 1930's:

"If its after the question mark, yeet it into the dark"

Show threadrakoo4d ago
@Uglesett

You can even do that automatically thanks to uBlock Origin, you need to activate the "AdGuard URL Tracking Protection" list (for some reason it's not activated by default) and all tracking shit in the url is removed
Show threadJuho Mäntysalo3d ago

@rakoo @Uglesett

Where exactly is this setting? I was unable to find it.

Show threadrakoo3d ago
@iju

You need to go to filters list in the settings tab dashboard
@Uglesett
Show threadJuho Mäntysalo3d ago

@rakoo @Uglesett

Found the filter description on the manual, but not in the settings. Perhaps it isn't included on the mobile version?

Show threadrakoo3d ago
@iju

weird I can see it on mobile as well...
Show threadJuho Mäntysalo3d ago

@rakoo

In that case, screenshot would be appreciated.

Show threadOsteopenia Powers ,4d ago
@Uglesett
Thank you for this clear explainer. Yes! Remove the tracking gibberish in URLs you post.
Show threadIAintShootinMis4d ago
@Uglesett I leave it if it's mastodon just for the benefit of knowing brands should know I'm here and I care about democratization of tech
Show threadJuno Jove4d ago

@Uglesett this is not correct, you usually can't remove everything behind the ?...

But you can and should remove utm and si.

Show threadSunny4d ago

@Uglesett

Or, select, then right-click and choose "copy clean link" instead of just doing "copy", or cntl-C, or cmd-C?

Great information... thanks for re-posting it here.

Show threadirelephant4d ago
Also: when sharing reddit links, make sure they're normal links and not /s/ links (eg, reddit.com/s/efFde3FS vs https://www.reddit.com/r/Lemmy/comments/14h88gb/ )
Show threadStellae Alis 4d ago
@Uglesett Enough people have already mentioned that you can NOT just remove everything after "?", but there's more wrong here.

While YouTubes "si" query parameter can track you and who you send a link to, that is NOT true for static parameters like "utm_source" with "newsletter" or "utm_medium" with "email". All they tell the website operator is that the link was clicked X times from within the newsletter and Y times from an e-mail, but it's impossible to draw any connection here between two individuals that shared this link in some way.

These parameters aren't only important to advertisers (they usually aren't at all), but they are important to the website operator, especially if it's a small business with limited resources. It shows them if a newsletter is actually read or how many clicks they received from Mastodon and so on. It shows them that the mediums they are using are actually worth pursuing or if they should focus their attention on something else.