Aaron Soto

@surefire@infosec.exchange
175 Followers
521 Following
6.1K Posts

Teaching was my first love. Packets were my second.

I make classes to teach people how to defend themselves against hackers. In my spare time, I teach college students to compete in cybersecurity competitions, or try to take back my home automation from the cloud.

he/him 🏳️‍🌈 ❤️💜💙

(Profile banner is a sunset sky from underneath a bridge with kayakers and the edge of the Austin city skyline)

Twitter@_surefire_
Githubhttps://github.com/sure-fire

Fuck this "you're on the wrong side of history" bullshit. How about "you're on the wrong side of now, mother fucker"?

Or how we used to say in the good ol' days, "you ain't right".

This is an impressive purely-local web app from @soapdog. Upload a folder containing a book manuscript in Markdown; get back an EPUB and a website as a zip file. All done locally in the user's browser. https://little.webby.press/
Little Webby Press

It doesn't matter if they are ever coming for you. It was always ever already too much that they were coming for anyone.

I've spent not-insignificant amount of time at protests in the US, looking for signs of IMSI catchers and never found anything, so when I saw this, my ears perked up:

https://san.com/cc/exclusive-evidence-of-cell-phone-surveillance-detected-at-anti-ice-protest/

Exclusive: Evidence of cell phone surveillance detected at anti-ICE protest

Mobile network anomalies consistent with cell phone surveillance were detected at a July 4 protest at an ICE field office in Washington state.

Straight Arrow News
If you can’t say something not AI-generated, don’t say anything at all.
Litigious Company Demands Removal Of A Tweet Linking To An Article About How Litigious They Are

It’s not every day you watch a company faceplant so theatrically in public, but Cloud Innovation’s latest stunt deserves a slow clap. Cloud Innovation, which you’d probably never heard of unless yo…

Techdirt

“Noem didn’t authorize FEMA’s deployment of Urban Search and Rescue teams until Monday, more than 72 hours after the flooding began, multiple sources told CNN.”

The conclusion has to be that ICE Barbie left people to die.

https://www.cnn.com/2025/07/09/politics/fema-texas-flood-noem?cid=ios_app

FEMA’s response to Texas flood slowed by Noem’s cost controls

As monstrous floodwaters surged across central Texas late last week, officials at the Federal Emergency Management Agency leapt into action, preparing to deploy critical search and rescue teams and life-saving resources, like they have in countless past disasters.

CNN

@sarahtaber

As a kid that grew up on a farm this needs to be said louder. AG labor not only takes real skills and knowledge but also a dedication to work long hours when the weather is right for planting/harvesting and the endurance to do it. It also can be a job with zero days off. Ask the average dairy farmer what the weekend or a vacation is and they'll look at you cross-eyed.

If we want a 100% US AG Workforce than let's create a path to citizenship for the people that want to do the work. The immigrant harvesting the fields or working a meat packing plant is not a threat to our nation but not having them is.

And while we're at it let's break up the big AG monopolies so that small family farms and small AG businesses can compete.

A 5-month-old puppy saved 67 people from a devastating landslide in India. This is Rocky. In the early hours of June 30th, he was sleeping on the ground floor of his home in Siyathi village as torrential rains poured down outside. Rocky woke up, began barking, and got the attention of his human, Lalit Kumar. “I was woken by my dog’s strange barking, as if he was trying to warn me. When I reached him, I saw a huge crack in the wall and water pouring in,” Kumar said. Thanks to Rocky’s early warning, Kumar was able to wake up the others in the village, encouraging 22 families to evacuate to safety. Soon after, nearly a dozen houses were flattened as a landslide struck the village. Rocky has only been with Kumar for three months, but he’s already an extremely valued member of his community, having helped save the lives of all of his neighbors. 15/10

🐦🔗: https://nitter.oksocial.net/dog_rates/status/1943073696723181620#m

[2025/07/09 22:24]

FreeBSD 15 recently gained a nice feature called "exterr”, which allows syscalls to return an error message string in addition to an errno value.

that's nice for lots of things, but particularly for things like if_bridge that have a lot of error cases that return EINVAL and it's not really clear what's going on.

old behaviour:

# ifconfig bridge1 untagged epair2a 20
ifconfig: BRDGSIFPVID 20: Invalid argument

new behaviour:

# ifconfig bridge1 untagged epair2a 20
ifconfig: BRDGSIFPVID 20: Invalid argument (extended error VLAN filtering not enabled)

this only works for syscalls which have specifically added support for it, so it'll take a while for everything to get the new errors.

#freebsd

×
Chandler Sobel-Sorenson of the University of Arizona Genomics Institute decided to triple down on his rudeness this morning, so he has earned the honor of being publicly named and shamed.
His previous two rude emails were sent to me from his work email address, Chandler@genome.arizona.edu, but apparently he thought it unwise to send an overtly abusive email from that address, so this morning he sent me the abusive message below from his private email, scar@riseup.net.
#FOSS #NameAndShame
@jik Except my first two emails were anything but rude. Why don't you post them so everyone can see how polite and professional I was, and how rude your second response was and how delusional you are? I don't see anything in this message associated with my employer, which is easy for anyone to look up due to my unique name and try and threaten to use against me.
@scar I am happy to share our entire email exchange, including the last email which you sent me after the message below, which unlike your marginally polite public posting, was once again overtly abusive, thus demonstrating for the second time (the first being when you switched from your work to your personal email) that you KNOW you're being an asshole to me privately and are therefore behaving differently when there is an audience.
@scar Here's the first email in which you acknowledge you've read the release notes in which I explicitly say Betterbird is not supported and yet you're asking me for help with Betterbird anyway.

@scar Here's my reply, in which I reminded you, politely, that I do not support Betterbird.

"Thank you for the offer of help with an Exchange account, but I actually do currently have access to one and I'm in the process of debugging and fixing the Exchange issues, so I don't currently need another account.

Regarding the issue you are seeing, I am sorry, but I do not currently have the capacity to support Send Later in Betterbird."

@scar Most people, after having been told _twice_ that help is unavailable, would stop asking. But nope, you kept going. Your _words_ here are polite, but _what you are asking_ is rude.
@scar Here's my reply in which I pointed that out. Note: no swearing, no name-calling. Just you're being rude, please stop.
@scar And here's where you switched to your personal email account and got abusive, presumably because a little voice in the back of your head told you it might be a bad idea to be abusive to people from your work email.
@scar Here's my reply to that. Again, no swearing or name-calling.
@scar And here's your last reply to me, which is totally normal and not at all the type of reply you get from an internet kook (ooh, a lawsuit threat! how original and not something I've ever encountered before, having been active under my own name on the internet since 1987!).
@scar As for why I took the time to send you my last email above? Again, not that it is any of your business, but I sometimes like to give people who are rude to me a chance to reconsider their life choices and learn something from the exchange.
On one or two occasions, this has even resulted in an apology.
You chose a different path.
I'll give you a couple days to reconsider before I forward our entire exchange to your employer, as I said I would if you continued to abuse me.
@scar However, anything more you have to say to me, you'll have to say here rather than in email, because I've blocked both of your email addresses.
And if you double down here and continue to insist you've done nothing wrong, I'll block you here as well.
Your choice.
@jik Ask a disinterested third party then: https://pastebin.com/nYhnV4H5
Analysis of the ExchangeIt appears that both parties contributed to the esca - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.

Pastebin
@scar Seems pretty accurate and totally unbiased and disinterested! lol
@scar And with this, your most recent response, you've made it 100% clear that you are totally invested in not admitting any fault here or learning anything from this exchange, and therefore there no longer anything to be gained from my interacting with you, so 👋. *plonk*

@jik Gotta love the classic misinterpretation of the first amendment as well.

It means I can be a dick to you and you have to take it (No, because you aren’t the government limiting his speech), but it doesn’t mean you are allowed to complain to my employer (Of course you can).

@philip Yes, this guy managed to hit quite a few of the butthurt internet kook greatest hits.

@jik Two other things come to mind:

The use of snowflake as an insult to me implies something about the person's political allegiances.

1. I wonder if he realizes that FOSS is itself a political movement, one that may be incongruent with his other views.

2. If not for the fact that they're an active threat to life, it would be hilarious that the people who use snowflake as an insult seem to be the ones to stomp their feet like a child when they don't get what they want.

@philip @jik@federate.social Actually it means I can't be punished by my employer for being a dick in personal time, to someone who was first being a dick to me. It doesn't give Jonathan a right to complain in a malicious attempt to interfere in my job, that's likely illegal. Yes anyone can break the law & cause serious damage to the victim in the process. It's shortsighted however & the punishment in return is severe, albeit slow. Your encouragement to break laws likely violates Mastodon's TOS, as well.

@scar Yawn, I'm going to go ahead and use the block button now.

I suppose that stifles your speech on MY server too right?

@jik This is just confusing… I know I’m using an unsupported configuration, but maybe just assume I’m using a totally different piece of software, and then debug my issue for me with that assumption.

Wat.

@philip "Maybe if I ask the question in some weird, verbose, convoluted way, he won't notice that I'm asking him to help me with something that he's already told me twice he isn't going to help me with."
Honestly, I'm 99% certain that (a) if I were female-presenting, at least one of his emails would have called me a bitch, and (b) he has told a girl on the bus at least once that she should smile more and gotten angry at her when she refused to talk to him.

@jik
STG, I meet people sometimes who make me think the only way they were able to get a PhD was bc they had people doing literally every other thing in their lives for them, bc they know their field, but can’t think their way out of a paper bag.

No means no. How hard is that? What does it say about a person that they can’t hear it without unleashing righteousness indignation and abuse on the person who said it. It doesn’t matter ONE BIT that they think the no is unreasonable.

@jik You’d think that anyone thoughtful enough to know that they need to stop being rude from their workplace would also have the presence of mind to realize that such screeds never have any positive effects.
I especially don’t get being so entitled and upset over a TBird plugin. I’m sure SendLater is doing good work for people who like it but I can’t imagine getting so worked up about losing it.