Did you know, on Zyxel GS1200-5 switches they use a crappy admin password encoding algorithm that makes the password “Password6” interchangeable with “p5ssWor8b”? It ignores case and overlaps characters a-e with 5-9. Also, shout out to @hdm and @runZeroInc for including zyxel’s info disclosing system_data.js data in their runZero scan results! Read all about my adventures bug hunting this switch. This is my nemesis project and has taught me so much about #reverseengineering and #hardwarehacking. https://medium.com/@gerrygosselin/project-zyxel-gs1200-5-part-1-c79db5148956
But if you would ever consider writing a scientific paper, this is the best way to do so: https://psyarxiv.com/2uxwk/download
I point this situation out whenever people say Blue Checks have nothing to do with social status:
Richard Spencer, the white supremacist, was once a Blue Check. What's more people demanded that his Blue Check be removed—not because the Twitter account in question was an imposter. There was no doubt the account was verified, that was not up for debate.
The Blue Check was removed because Twitter wanted to revoke the social status that came with the it.
The appeal is social status.
@sj Oh, and that reminds me of the time a client asked me to audit an app they hired another company to write. So the person paying for the audit was not the person who wrote the code.
One requirement was 256-bit AES in transit. The devs couldn't figure out hire to get any DH exchange working, so they just had each side generate and send the AES key.
I kid you not.
My report reflected they did not initially meet that security goal, but we helped them meet it by the end.
@sj sounds fun.
Look at the SMTP headers from services like PhishMe and you can write a rule that guarantees the user will pass all phishing tests. Roll that out and security will be measurably beter. 😂🤣
The difference between what is being required or measured is worth higlighting.
I consider it a very under-appeciated fact that Xiaomi was caught red-handed spying on their users from their default browser. And by that I mean: exfiltrating the entire browsing history and more, sending the data to their servers.
Then there was an outrage and they “fixed” the issue. If you enable “Incognito Mode” but leave “Enhanced Incognito Mode” off, this exact settings combination will make them stop collecting your data. It’s so self-explaining that they in fact don’t bother explaining it.
And everybody is just fine with that. Tech publications review their devices by their hardware merits. People keep buying them. The topic is over.
ICYMI Some of the ML work I did on threat detection from net flow and graph features got published in the IEEE International Conference on Computing, Communication, and Intelligent Systems. Basically autoencoders on some good datasets & feature engineering
@Lee_Holmes those are nice, but it reminds me of all the pain that Metasploit went through trying to scale Ruby, very painful issues when the thread count started increasing. Lots of recopying strings. GIL. It can be done, usually passing a lot of things through sockets to other processes. One can dream of a rusty, truly parallelized solution that avoids all that CPU and IPC.
Every post about fiddling with process count configs etc to scale mastodon feels extremely wrong. I mean, sure, there's probably a setting that will work for a given site, but the process not being able to efficiently scale multithreading itself is a huge arch/efficiency red flag. I wonder if anybody has taken on polishing up rustodon lately.
Everyone loves https://canary.tools and I wholeheartedly recommend that you take a look (and adopt the free tokens if nothing else); but there is another amazing free+awesome toolkit that most companies would benefit from without a privacy audit requirement: https://healthchecks.io - they do exactly what they say, really well, and are both cost-conscious and nerd-savvy. This is almost the opposite of a canary - it reports things that didn't fire - you can find all kinds of creative ways to make this security relevant while staying super inexpensive.