former infosec career @ financial services, healthcare, and telecoms; threat intel, cyber exercises, secops, et al. fan of history and philosophy of science, epistemology, law, logic, critical thinking. Worked on two Ph.D. programs w/o completing; former Multician.
Lippard Blog: https://lippard.blogspot.com/
GitHub: https://github.com/lippard661

Heads up FortiClient EMS users! CVE-2026-35616 (new) & CVE-2026-21643 - both unauthenticated RCE observed to be exploited in the wild! We fingerprint about 2000 instances globally, see public Dashboard: https://dashboard.shadowserver.org/statistics/iot-devices/time-series/?date_range=30&vendor=fortinet&model=forticlient+enterprise+management+server+%28ems%29&dataset=count&limit=100&group_by=geo&stacking=stacked&auto_update=on

Top affected: US & Germany https://dashboard.shadowserver.org/statistics/iot-devices/map/?date_range=1&vendor=fortinet&model=forticlient+enterprise+management+server+%28ems%29&data_set=count&scale=log&auto_update=on

Raw IP data shared in our Device ID reporting https://www.shadowserver.org/what-we-do/network-reporting/device-identification-report/
If you receive data from us on exposed instances, check for compromise & patch!

Patch info:
CVE-2026-35616 (0day reported by Defused Cyber): https://fortiguard.fortinet.com/psirt/FG-IR-26-099
CVE-2026-21643: https://fortiguard.fortinet.com/psirt/FG-IR-25-1142

That "was" doesn't mean is no longer, but just when I knew him. I was sad to see him leave Multics in 1980 before I started working there (in 1983), but I did get to meet him in Cambridge when he was at Symbolics. https://en.wikipedia.org/wiki/Bernard_Greenberg

Bernie was an incredibly generous man who helped me get emacs working on my home terminal, which wasn't previously supported -- an enormous CDC713 that I found used somewhere, and initially was used with a 300 baud modem. Looked a lot like this: https://deskthority.net/viewtopic.php?t=11496

Hacker, Cracker, Watchman, Spy

Like a lot of thieves, Gambit only works at night. It's half past 10 in Phoenix when he boots up his laptop. Darth Vader's voice intones "What is thy bidding, my master?" Gambit double-clicks on a desktop icon shaped like a chess queen and offers no reply. He's about to...

Phoenix New Times
Finally listened to this episode of Where Warlocks Stay Up Late: https://wherewarlocksstayuplate.com/interview/mohammed-bagha/
Episode 8: Mohammed Bagha aka "MB" - WWSUL

Mohammed Bagha, who keeps his hacker handles anonymous, was one of the most feared hackers of the 1990s, with a larger-than-life online persona and the skills to back it up.

On a side note, I finally got around to playing with the Multics simulator, which runs on DPS8 hardware emulation. I easily got it running on macOS and on OpenBSD. I see some of my old colleagues have been busy making changes.
We will, I think, eventually get serious about mathematically provable security, langsec, and using specialized systems, at least in areas where security and safety are critical.
He writes of this as a totally failed approach vs. open source UNIX. There's no denying that Unix became far, far more commercially successful and widespread, but it also has been a source of major security issues that persist to this day.