justsomeadvice0
No user record in our sample, but justsomeadvice0 has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
No user record in our sample, but justsomeadvice0 has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
I think GP intended to convey "under the price in the article" ($83/kwhr).
IIRC macOS got rid of privileged ports for these reasons. Dunno about iOS... But in any case what cell provider is going to let you handle inbound traffic? Most of the wifi networks you are on are NAT'd, etc. At best…
Yea, agree with this guy. Anyways I took "novel attack vector" to just mean "first time we've heard of using SSPR against AD". They even used the existing acronym "SSPR", so they're not claiming to have discovered the…
They just claim to have identified abuse of an "SSPR" attack happening against Azure AD in the wild. What part is a lie?
While you can't memorize it (memorizing a fair amount of entropy would take an intelligent human quite some time), you can of course store them offline (it's just a key). Today's initial implementation on macOS…
A long time ago I wrote a variant of this - the signup page would generate a token, place it in a hidden password field, submit a hidden form, and instruct the user to click the "Save password" dialog in their browser.…
> doing basic entropy checks on a user-provided password pretty much solves the issue anyways. No it does not. Users will find one high-enough-entropy variant of their password, and reuse it across all sites for life. >…
You can use mTLS client certificates (kept in the system key store) in browsers this way; but the UX is pretty hard to get right, and certificates nearly always have to have an expiry date to deal with the…
Lots of people end up with AgentForward on by default as a sort of "make it work" fix, and lots of people use `git+ssh` on untrusted servers. Here's an example: https://abyssdomain.expert/@filippo/109659699817863532 TBF…
> Social media networks with over 100,000,000 daily active users should not be considered as "private companies with a right to free speech through censorship". They are effectively public squares that we have all…
It took me a while to understand what you were talking about at the end there. I think the author is referring to a grammatical period ('sorry' vs 'sorry.'), not the menstrual kind, lol.
This strikes me as a very strange opinion, especially now when Threads has 100M users 5 days out and is expected to support ActivityPub. In any case: since the beginning, pointing and laughing at Mastodon (a single AP…
Trying to be fair here - it's technically not linked to any blockchains. It's just (ab)using the cryptographic primitives provided by the Metamask wallet app to sign things with a key stored in the wallet. That key…
Because they clicked a button in this incredibly intuitive UX that said "Sign wiki edit", and then clicked "Confirm". I think you massively overestimate most users' grasp on cryptographic primitives...
I have never tried Waze, forgot there was a third option. Will have to give it a try after reading this thread; maybe it avoids some of the bugs in gmaps I keep running into
Sorry, but this is an absolutely terrible idea. Signing things is cool. Humans on the internet should sign more things. But why in the world would you want to use the same key that can instantaneously shred the dollars…
Agree the quality of Apple Maps has improved to the point of acceptability in my experience. In addition to privacy reasons, I end up using Apple Maps because Google Maps has been having a lot of really terrible bugs…
That sounds horrible and I would immediately quit the ecosystem... I have never experienced this in nearly a decade of use, but I also pay for TV+; is it possible you got the bad luck of getting a terrible A/B test or…
Yea, I gave up after: > Sure, the MacBook Pro I’m writing this article on works incredibly well — it’s objectively the best laptop I’ve ever owned — but it’s also the same thing everyone else has. The VPR Matrix laptop…
To my knowledge all modern DCs have out-of-band networks for this sort of thing that provide serial access to the BMC chip, nothing old school about that. Old school is having to submit a ticket to Jerry in the DC to…
If you are split-cloud under a homogenous puppet master without homogeneous break-glass SSH access (which would be crazy) then probably your best bet is to just re-kick the world. But the scaling factor for this sort of…
Been there before, we did exactly this; except over OOB+reboot-into-single-user (because SELinux). Took us a few days (~5k servers) but managed to get out of it with no public-facing downtime. The other way would have…
It's about cutting off any free exit ramps (people that use bots to xpost and tools that allow you to find/follow friends on new platforms), same as before. Then you make people choose: Twitter or "them".
Lots of folks can make the hop from SRE to pentesting; much of the knowledge space - especially post-exploitation - is very similar! You have the advantage that you know how to operate on a production box without…
good point