C-Keen is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

C-Keen @ckeen@mastodon.social

Pinned toot
Pinned toot

In other words, to disagree well you must first understand well. You have to read deeply, listen carefully, watch closely. You need to grant your adversary moral respect; give him the intellectual benefit of doubt; have sympathy for his motives and participate empathically with his line of reasoning. And you need to allow for the possibility that you might yet be persuaded of what he has to say.


I need to desolder a usb connector off a teensy board. Any hints on how to do tihs best? I should probably get the hot air station from the fablab for this job...

C-Keen boosted

I should upgrade this mailserver tonight...

The business squad: A boss, a project manager and the expert.

C-Keen boosted
C-Keen boosted

I'm glad #KRACK was disclosed responsibly, with a 3-month embargo, so that vendors could prepare fixes and have them ready in time for the public announcement.

C-Keen boosted

My other car is a well funded public transit system

Dear mainling list manager maintainers: it would be an awesome feature if you would include a 'permalink' to the mail archives if it exists to each mail, either in the footer or in an X-Header so I can link to it from my mail reader.

To be fair, while WPA2 being broken a bit does quite distract from the fact that after your router there is a rather hostile place called the internet where every spook and big corp of this planet is rather interested in your traffic.

Industry strength mitm proxies and DPI equipment kinda make the 'hacker in your home network' look like lil' bobby tables from next door who accidentally ran a little script he found on pastebin.

Even if there's no WPA2 flaw and you patched everything: use E2E!

C-Keen boosted

I wonder how many years it will be before a majority of Android devices will be updated to fix the WPA2 key reinstallation flaw.

Periodic reminder of the absurdity of allowing vendors to distribute known trivially-exploitable software without being held to any level of liability: emptywheel.net/2017/09/14/soft

Gah schon wieder Reifen kaputt, nehmt doch die Hipster Räder neben meinem Schrottbike ey

C-Keen boosted
#OPSEC: Wenn der Drogenhändler alles haarklein speichert, wird das nichts.

gah I am a short attention span developer today...

C-Keen boosted

@kellerfuchs @phessler Or maybe just not moving the goal posts on disclosure? *did* honor the original embargo. They did not agree to another extension. Even so, they left out parts of the patch that explained it until the extension ended.

C-Keen boosted

@ckeen 1/2 I've been investigating on that. for the last two hours (procrastination, procrastination)

Seems you are exposed to this UDP vulnerability only if you use udp_recv() call with the MSG_PEEK flag.

After adb'ing my /system/bin phone directory and greping the source code of these binaries, I only found 1 potentially vulnarable software: dnsmasq ( github.com/guns/dnsmasq/blob/f )

DNSMasq is alive only while tethering a connection (it is used as a DHCP server).

So I guess you are safe as long

I would appreciate a nice cup of coffee

Heh on the mastodon web ui some of my posts stick to the top of the federated timeline for some reason... @Gargron

I will probably need a dumb phone without wifi... or a linux kernel for that.

✅ Train Tickets
✅ Hotel Reservation