Adrian Sanabria

@sawaba@infosec.exchange

🎙️ Enterprise Weekly Podcast
🤝 Founder @bsidesknoxville
🗣️ Faculty @IANS_Security
🕵️ Security Research
🍳 Cooking
⛰️ Hiking
🏎️ F1

"I rant with data!"

🤝 BSides Knoxville https://bsidesknoxville.com
🎙️ Enterprise Security Weekly https://securityweekly.com/esw
📚️ Cybersecurity Canon https://cybercanon.org
💣️ Destroyed by Breach Dataset https://docs.google.com/spreadsheets/d/15CTPcgZQenWKDLDTQ2ibveUM4i7Of_n20TzdTi23xcg/edit?usp=sharing

I feel SO behind and stressed because I haven’t built anything with MCP yet.

The AI bubble could burst any time now and MCP isn’t a year old yet

But I feel like a laggard at this point

Could everything just slow down please?

PSA: go apply the urgent security update to your Apple devices. Don’t wait. Do it right now

https://www.macrumors.com/2025/08/20/ios-18-6-2-vulnerability-fix/

Update Now: iOS 18.6.2 and macOS Sequoia 15.6.1 Fix Actively Exploited Vulnerability

Apple today released new iOS 18.6.2, iPadOS 18.6.2, and macOS Sequoia 15.6.1 updates, and the software addresses a security vulnerability that is...

MacRumors

Hey y'all don't sleep on this one.

Agency Information Collection Activities: Vulnerability Reporting Submission Form

#CISA wants to know what your ideal vulnerability reporting system would look like.

"CISA previously published this ICR in the Federal Register on October 30, 2024, for a 60-day public comment period. CISA received one comment. The purpose of this notice is to allow an additional 30-days for public comments."

Man, remember October, 2024? Things were looking pretty great back then. What a time to be alive.

Anyway, thanks for the extension, Kevin, ya big lug!

https://www.federalregister.gov/documents/2025/08/20/2025-15887/agency-information-collection-activities-vulnerability-reporting-submission-form


Grok is exposing the underlying prompts for its AI personas, including such commands as “BE FUCKING UNHINGED AND CRAZY. COME UP WITH INSANE IDEAS. GUYS JERKING OFF, OCCASIONALLY EVEN PUTTING THINGS IN YOUR ASS, WHATEVER IT TAKES TO SURPRISE THE HUMAN.”

https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/

Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ASS’

The website for Elon Musk's Grok is exposing prompts for its anime girl, therapist, and conspiracy theory AI personas.

404 Media

I wonder if the federal patrols descending on DC will be including white-collar crime in their crackdown. You know, like pulling over fancy cars and auditing their taxes.

That could have a real impact.

My mom is a famous artist and is a guest on a podcast that focuses on the business of art

She also describes some of her art, so if you like Godzilla and phrases like, “projectile vomit, but in the best way possible”, check it out!

https://youtu.be/ptdhilPWEbM?si=V67--b1xTLrRttBX

Increasing Art World Visibility with Denise Stewart-Sanabria - The Professional Artist Podcast

YouTube

Haha! Can't believe it worked!

#photography #Edinburgh #Concrete #CarPark #RedArrows

New from 404 Media: Congress has launched a formal investigation into Flock after our articles revealing cops were performing lookups for ICE in its AI-cameras, and that a cop searched the nation's cameras for a woman who had an abortion https://www.404media.co/congress-launches-investigation-into-flock-after-404-media-reporting/
Congress Launches Investigation into Flock After 404 Media Reporting

Congressman Raja Krishnamoorthi's office said this was “a formal investigation into Flock Group Inc. over its role in enabling invasive surveillance practices that threaten the privacy, safety, and civil liberties of women, immigrants, and other vulnerable Americans.”

404 Media

Orchids from Vizcaya

#bloomscrolling

It's very simple really. There are Drives and Sites. You can find your Sites in Teams where they are called Channels. Or Files in Channels. Sites are also in SharePoint. Drives are also in SharePoint but you can't access them that way except by accident. Libraries are Groups that are also Files (but Teams calls these Knowledge Bases). You can save things in Notebooks which are saved in a Drive but can also contain Drives or Sites (but not Teams, which are what Teams calls Teams and where Channels are stored, which SharePoint and OneDrive call Sites). Copilot is both a way to access Sites and Drives, and a way to produce lies. Nobody knows what 365 means. If all of this is overwhelming, consider speaking to your administrator about whether Microsoft Death is right for you.
Learning how to #Perl

@cypnk @dexter

I'm getting very @mwl vibes from this 😆

@cypnk @dexter 🤣🤪🤣 I’m the British dude every time I see Perl haha.

@cypnk

in the early ISP days, i ran the NOC. we had an excellent coding team but they were always over-booked.

i'd need some tool for the NOC and i'd get "we can get to that in 3 months", etc.

i figured out that if i wrote what i needed in perl, sent them a link to the code, and told them i was about to put it in production, i'd get "we can use that as a functional spec. we can get you code in a week. *please* don't put that perl into production...".

@cypnk Remember the single greatest optimization you can have for your code is that it runs. Every other performance gain is marginal.

Also... may #Perl never die 🐪

@cypnk The best example of write only language I've encountered 

@ekari @cypnk
having used most of them (I missed Snowball/Icon somehow?), I'd have to agree. Tho' i have some lingering affection for APL/J and FORTH, I'm not /doing/ anything with _them_.

Readable literate Perl is at least possible (and is required in the surviving large Perl shops).

@BRicker @cypnk I must clarify that I haven't written a line of Perl in 20+ years. But I do remember, that it always felt easier to start from scratch than to decipher something already written. TIMTOWTDI wasn't great.

With Python everything became simpler.

@ekari @cypnk

Yes, those of us still in #Perl world are those who valued TIMTOWTDI.

20 years ago, there was indeed a lot of Perl that wasn't very extensible.
Things have changed (in part because the people writing bad Perl left).

@BRicker @ekari @cypnk Those who valued TIMTOWTDI but understood BSCINABTE settles the stomach.

(But Sometimes Consistency Is Not A Bad Thing Either, for those who don’t know the acronym)

@perigrin @ekari @cypnk
Yeah, in-house consistency is very useful!
Principle of Least Surprise applies to code as well as to UI.

Damian was explicit in _Perl Best Practices_ that internal consistency in a codebase was the primary goal, that his recommendations were just a starter set (chosen to minimize oopsies) that should be adjusted to local taste. (Uri & I got a couple footnotes and sidebars added in AlphaReading where tastes varied.)

@BRicker @cypnk Ouch, I took a hit! 😅

Hmm. Maybe I should take a peek at a modern Perl project. Any suggestions?

@ekari @cypnk
For a fun one, Ovid's SciFi MMO-RPG "Tau Station" is a lovely project https://www.youtube.com/watch?v=AWy9bC8lBns .
(He's also the architect of our next, and finally core, OO framework.)
Curtis "Ovid" Poe - "Modeling a Universe in Perl"

YouTube

@ekari @BRicker @cypnk I’ll toot my own horn at this point. My current sysadmin utility, built on a whole set of my other crimes. Classes all the way down.

https://code.quatermass.co.uk/toolsmith/perl-App-IPSetMgr

perl-App-IPSetMgr

General IP Set Manager

Code From The Pit

@QuatermassTools
Sounds useful, but either you're down for maintenance or using a blocklist that keeps rotating ISP IPs listed too long?

@BRicker yup, it’s got a list of 800000 subnets from AI crawlers gathered during a fairly heavy attack back in February, one of the reasons for writing the tool in the first place.

I should be able to clear down the list, probably tomorrow and rebuild now the tool can be used in anger.

@cypnk I legit love how Perl celebrates the creativity of finding cursed new ways to do things.

@growlph What is a curse, but a blessing in disguise /ducks

@cypnk
Are we talking 3 curses in a trench coat, or more of a fake moustache type situation?

@growlph

@cypnk It says “two days ago” but I think it means “two decades ago.”

#perl #progtamming

@paco @cypnk
"two decades ago" rings a bell... Wasn't that around the time when dunking on languages became stale? I vaguely remember reading about those sad practices in some archive, I think. 🤔