Geoff

@[email protected]
309 Followers
434 Following
35 Posts
BSidesCLE 2026 | ISC2CLE
Cybersecurity | Linux
#InfoSec #Linux #OpenSource #LGBTQ #Vegan
Brain dumps.
GPGhttps://keyoxide.org/hkp/CE4847563563E7211BBB0E8784027CB265892681
Geoff1d ago
Errata:
I previously said AI would continue to improve.
Geoff1d ago
I have had a list of horse quotes for a while. Yeah lists. Yeah horses. A mix of pony, donkey.
But a relatively new one to me,
"If the horse you are riding is dead, get off it." #HorseTheory
Geoff1d ago
AI is like your childhood friend that most of the time they were fine and made general mistakes. Then one day they missed their meds and were hyper, didn't pay attention to anything you said, and broke shit. Then the next day they were fine again and didn't really understand what you meant by asking about "yesterday."
Geoff1d ago
Major Incident Report is an MIR.. not murr.
Geoff2d ago
Kevin Beaumont5d ago

It looks like Microsoft's DevOps libraries for Azure Functions might have been compromised. No statement yet but Github is nuking Microsoft's own repos.

https://opensourcemalware.com/blog/miasma-reaches-azure

The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds

GitHub disabled 73 Microsoft repositories across four of its GitHub organizations — the entire Azure Functions org, the whole Durable Task family, and a row of AI sample apps — in a 105-second sweep on June 5. The recompromised durabletask package sits at the center, and the fingerprints point at the open-sourced Miasma worm.

Geoff3d ago
Finding anti-datacenter petitions at Cleveland Pride were easier than finding the equal rights and marriage equality petitions.
GeoffJun 1
Hacker NewsJun 1
Ohio hits pause on datacenter tax breaks draining its coffers
L: https://www.theregister.com/on-prem/2026/06/01/ohio-hits-pause-on-datacenter-tax-breaks-draining-its-coffers/5249137
C: https://news.ycombinator.com/item?id=48361555
posted on 2026.06.01 at 15:34:47 (c=0, p=4)
Ohio hits pause on datacenter tax breaks draining its coffers

Buckeye State found it had inadvertently joined the billion dollar losers' club

theregister
GeoffJun 1
Is there a synonym for the term "Hash function"?
GeoffJun 1
If a company keeps buying one-trick ponies, no the company will not be a one-trick pony.
GeoffJun 1

Most Linux and UNIX folks are familiar with the "fork bomb" there is a famous Perl example :(){ :|:& };:
This spawns processes in an unending loop until the machine dies.
The Perl notation is famous, the fix is not.

In Linux there used to be just a limits.conf file. Check /etc/security/limits.conf

Now, it's going to be multiple places for systemd.
Check /etc/systemd/system.conf
Then, check recursively the files in
/etc/security/limits.d/ and
/etc/sysctl.d/ and
/etc/systemd/system/

Next, what should the limits be? You want Prod applications to run, but prevent a malicious user forkbomb, or a process going wild and taking down the server.

Maybe try:

# /etc/security/limits.d/10-fork-protection.conf

# Interactive human users for normal work
@interactive hard nproc 2048
@interactive soft nproc 1024

# Unprivileged service accounts that don't need many threads (monitoring agents)
* hard nproc 2048
* soft nproc 1024

# Exemptions for known Prod workloads (tune accordingly)
MyDatabase hard nproc 26536
MyDatabase soft nproc 15536
MyServiceAccount hard nproc 25536
MyServiceAccount soft nproc 15536

# /etc/systemd/logind.conf.d/tasks-limit.conf
[Login]
UserTasksMax=2048

hashtag#InfoSec hashtag#Linux hashtag#BlueTeam hashtag#Protection hashtag#SelfHosting