Mastodawn

S10k

@macilath@infosec.exchange

12 Followers

85 Following

48 Posts

SWE getting involved with Security engineering. Learning stuff about #AppSec and #CloudSecurity.

do not turn off the bus.

S10k Dec 16, 2024

Hello friends and happy #CyberMentoringMonday!
I have been recently promoted to managing the dev team I am on, and am seeking a #mentor or #advice on navigating this change.
I’d also like to eventually find a mentor or coach for furthering my career to enter the security side of cybersecurity.

S10k Dec 6, 2024

Tixie Salander Dec 6, 2024

Doctor: "you definitely have clinical burnout."
Me: "Oh man. Well, how long is that going to take to fix, because I've got a _lot_ of stuff that needs doing."
Doctor: …
Me:
Me: what?

S10k Nov 25, 2024

Royce Williams Nov 25, 2024

Potentially unpopular take:

Attribution is a distraction.

Most orgs are not mature enough for attribution to actually differentiate response (just like honeypots).

Layer 8 is obsessed with attribution -- perhaps to make things more dramatic / urgent? -- so it persists.

So such things get chased, to the detriment of the basics.

S10k Nov 21, 2024

Here's a bit of a peek into what I've been working on. Yes, this is a UI only an engineer could love.

Introducing Venture, a cross-platform Windows Event Log viewer written in Tauri (Rust + React). Venture allows you to review Windows log files on any platform you like, with easier search/filtering than the existing event viewer.

It's still early days, but I'm excited by what we have so far. It's also very fast, which I know evtvwr users will appreciate.

Still to do: make it pretty, add export options, and add tagging/flagging for events for easy review and reporting.

S10k Nov 20, 2024

Sophie Nov 20, 2024

Mastodon: Bluesky is Bad, actually
Bluesky: Mastodon is Bad, actually

It’s like a shit version of West Side Story. how long before a Mastodon user and a Bluesky user fall in love while communicating exclusively over the fedi bridge

S10k Nov 6, 2024

Very Hairy Jerry Nov 6, 2024

I feel like I shouldn’t have to say this, but now is really not the time to be assholes to other people. And no, your hot take on who screwed up or what went wrong is probably not helping in any way.

S10k Oct 31, 2024

Ian Coldwater 👻🌿Oct 31, 2024

I don’t know who needs to see this, but here is a baby lamb

S10k Oct 23, 2024

BrianKrebs Oct 23, 2024

Other reporting on this:

404 Media's take: https://www.404media.co/inside-the-u-s-government-bought-tool-that-can-track-phones-at-abortion-clinics/

NOTUS: https://www.notus.org/technology/cell-phone-tracking-law-enforcement-abortion-clinic

Haaretz (English version should be available in a few hours): https://www.haaretz.co.il/news/security/2024-10-23/ty-article-magazine/.premium/00000192-b90c-dc97-a593-f96f50800000

Not sure when the NYT will be publishing. My impression was they were planning to cover the regulatory side of this in detail.

Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion Clinics

Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant.

404 Media

S10k Sep 27, 2024

Very Hairy Jerry Sep 27, 2024

@GossiTheDog MY VULNERABILITY IS SEVERE!!1 WHY ARENT YOU PANICKING?!?!?

×

do not turn off the bus.

Martin Costello 🏳️‍🌈🇪🇺🪿Mar 13

It is now safe to turn off your bus.

cliffordheath Mar 13

@repeattofade Hope they don't encounter any detours, or the bus will have to turn off

@repeattofade If this bus moves more than 5% per hour, it's rigged to explode!

Multi Purr Puss

@repeattofade they need to polish their in-flight infotainment tech. 😅 (do you have a [rough] geo loc?)

David J. Atkinson Mar 16

@platymew @repeattofade Cellige, Texas (you can see it in the log)

Dr Alice Violett Mar 14

@repeattofade this Speed remake is a bit low-stakes.

@alicemcalicepants @repeattofade The bus explodes if the firmware download speed drops below 50mbit/s. Keanu plays an overworked SRE trying to keep machines and networks from getting bogged down while 1000s of other buses also are attempting to update at the same time. Sandra Bullock gets bored and simply walks off the bus while the firmware update is happening.

@repeattofade
Please tell me the bus was not in service when the photo was taken.

@repeattofade Speed 3 is a weird movie

The Turtle Mar 14

@repeattofade what if the bus... crashes?

Maxi 11x 💉Mar 14

@repeattofade
It’s now safe to turn off your bus.

Jochen Marschall Mar 14

@repeattofade
@bitsundso seid ihr das?

Dim Simple Mar 14

@repeattofade Speed 3 just dropped.

Irenes (many)Mar 14

@repeattofade amazing

fossilite Mar 14

@repeattofade you can go to prison if you flash your BIOS on the bus.

Marcus Adams Mar 14

@repeattofade Surprised they don't have it hard wired to the battery with a sense wire connected to accessory power. That way it could sense when the bus is off and go to sleep under normal conditions, with the option of staying powered on long enough to finish updates in a situation like this.

[object Object]Mar 14

@gerowen @repeattofade Two months ago we learned that flight data and cockpit voice recorders aren't connected to a battery on Boeing 737. I'd give the bus a pass.

Rupert Reynolds Mar 14

@gerowen @repeattofade That would need people to PLAN their systems and for the implementation to be GOOD. And PLAN and GOOD are 4-letter words; -)

@gerowen @repeattofade

In Germany, I occasionally see a city bus or long-distance train unable to continue after a stop and the only (and officially determined) remedy is for the driver to mechanically disconnect the battery from the circuit, forcing a cold start of the entire electronic system.

dr 🛠️🛰️📡🎧

blobfoxcomputer

@gerowen @repeattofade My laptop doesn't do this, so why would vendor-lock-in bus video software do it?

Marcus Adams Mar 14

@davidr @repeattofade I dunno; it was just a thought, though to be fair your laptop's battery can't be accidentally disconnected while a process is running except under specific circumstances like you holding the power button or running it completely dead.

Deborah Pickett Mar 14

@repeattofade Everyone's too young, no one's made a joke about "bus error: core dumped" yet.

Ian K Tindale Mar 14

@futzle @repeattofade these buses come along one after the other and they’re also suitable for almost any bus route you wish to apply them to

MomentRabbit, variant.Mar 14

@futzle @repeattofade

I was just wondering if this was the fabled S100 bus.

@futzle @repeattofade Yep, SIGBUS incoming!

@futzle @repeattofade And if it was an army vehicle...

SIGBUS: corps dumped

Where is General Panic when needed?

Vixens (Back to Smut reading)Mar 14

@repeattofade hmm, bet someone turned off the bus too... just seems like something that would happen.. I mean how many people turn off their computers during a windows update, and then get confused as to why their computer wont boot next time... enough that ms built the recovery program directly into the os instead of the install media (that most people either lose, or never get in the first place)

Dawn Tåke 🌙

@repeattofade
Bus driver instructions now 4% more munbly.

@repeattofade that is the worst thing to see on a bus

@repeattofade @MeierSchulze 😄

poulpomancien Mar 14

@repeattofade is it using DBus? 😜

@repeattofade Must be an update of the universal serial bus driver 😆

@repeattofade lol that’s great. Does the bus run Windows though?? (Looks like a Windows progress bar)

@codecat @repeattofade By the look of the filename, it's a .ihex file which is an Intel HEX object file, so I'm guessing it's probably running on a RISC-V ARM based CPU with Oracle Linux.

@Alkaris ohh good investigative work!

@Alkaris @codecat @repeattofade Risc-v? 🤓 And which SoC from whom would they be using...? 🤔

@repeattofade
SIGBUS. Update failed. 😸

madame poolhair Mar 14

@repeattofade 😂😂😂🚌🚍🙋‍♀️

Alexander Knochel Mar 14

@repeattofade Speed : the 2025 remake

Alexander Knochel Mar 14

@repeattofade A bus full of passengers is forced to race across the continent while a crucial software update is progressing, putting everyone aboard, and the future of mankind, in peril. (featuring Leni Klum and Justin Long)

Krystian Majewski Mar 14

@repeattofade That is what happens when you switch to the Universal Serial Bus and get rid of all of the drivers

Pteryx the Puzzle Secretary Mar 14

@repeattofade Hopefully that's not the update to allow ICE to remotely hijack the bus to auto-drive it to a detention center...

christian mock Mar 14

@repeattofade Having built a software update system for public transport signage myself, I know it can be done better -- where the upgrade runs in the background, is failsafe, and the only thing you see on the display is the reboot at the end. I've even done a writeup of the interesting parts: https://www.tahina.priv.at/hacks/there-be-dragons.html

there-be-dragons

@repeattofade sorry boss, can't make it to work today, firmware update bricked my bus.

@repeattofade I'm a download a bus today

@repeattofade If the updates arrive on a thumb drive, is it a universal serial bus bus?

@repeattofade also, please don't turn ON the bus

Nafeon (Main)Mar 14

@repeattofade 🎶🎶🎶 Keep rollin', rollin', rollin', rollin' (Come on) 🎶🎶🎶

@repeattofade I imagine @askarel 's bus like that xD

Rupert Reynolds Mar 14

@repeattofade Meanwhile, the driver has been told to turn off the bus if it's expected to be stationary for more than a minute or two...

Mind you, I've never seen those screens display anything useful and accurate, so why worry? :-)

fedithom Mar 14

@repeattofade love it

Ingmar Spit Mar 14

wall-e / Daniel Mar 14

@repeattofade make that "do not slow down the bus" and you've got a 90's action movie :D

@repeattofade do not turn off dbus

@repeattofade New driver update

Clic 🌱Mar 14

@repeattofade
Hé, @gee, encore un coup de la Geekette, comme dans un des GKND ? 😀
#GBplusde10ans

gee Ⓐ⚑Mar 14

@clic héhé, du coup plus #GKND que #GB 😛