Tech dork doing tech things

So I'm reading @adamshostack's book "Threats: What Every Engineer Should Learn From Star Wars" and I came across this paragraph.

___________

Today's many voice-controlled devices have no accounts or authentication. When they do, it's likely they'll be set up to be forgiving to reduce frustration. It won't be like the movie Sneakers where much effort was required to tape (!) Robert Redford saying, "My voice is my password; verify me."

____________

This movie is too good to let this pair of errors go unaddressed.

1) It was not Robert Redford's character being taped saying that line. It was the character of Dr. Werner Brandes.

2) His voice was definitely not his password. It was his...

Harris choosing Tim Walz as her running mate sets a dangerous precedent that Democrats might do cool shit that voters love

House spending bill would clip FTC’s reach in MGM cyber probe - Roll Call

A policy rider in the House fiscal 2025 Financial Services spending bill would curtail an FTC probe of a cyberattack last year at MGM Resorts.

Roll Call

Nearly half of Dell’s workforce refused to return to the office

Workers stayed remote even when told they could no longer be promoted.

https://arstechnica.com/gadgets/2024/06/nearly-half-of-dells-workforce-refused-to-return-to-the-office/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

No matter how many times in my career, after however many years... any time I make a mistake and break prod, I beat myself up about it.

I constantly tell young engineers that it happens to everyone, and not to beat yourself up. And yet, I still do it.

I just wrote a firewall policy I really, REALLY hate, and vehemently protested against implementing. Ask me nothing.

🚨We ( @greynoise ) are seeing initial scans looking for compromised Cisco IOS devices (CVE-2023-20198): https://viz.greynoise.io/query?gnql=tags:%22Cisco%20IOS%20XE%20CVE-2023-20198%20Scanner%22

^^ hit most of the fleet. Looks like there may be a second IP using a slight variant of the path/query string (investigating it now).

@vulncheck has a great blog indicating scores of impacted devices in the wild: https://vulncheck.com/blog/cisco-implants

Do you know how much better my life would be if CS programs required a Network Fundamentals course in year 1? Or you know... at all.

Glad to see the `curl` vuln wasn't as bad as I'd feared.

Happy curl day to those who celebrate!