Shawn Webb is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Shawn Webb @lattera@mastodon.social

Shawn Webb boosted

TIL that openssl s_client knows a -servername parameter to support SNI towards the server you're connecting to.

(And that, at least in certain configurations, IIS with SNI support enabled doesn't provide any certificate if you don't specifiy a server name.)

Shawn Webb boosted

My phone is now behind . Let's see how this goes.

Hey @Tusky, any plans to support multiple accounts?

Once is available for the Pixel 2 XL, I'll make the switch. I've got it on my tablet and I like it.

Shawn Webb boosted

Greetings everyone, also followed Tinker over from Twitter. I dabble
in a bit of everything, TI, IR, Red, Blue, management, and a bit of python. I manage the SOC, IR and Dev team at a small MSSP. Formally part of the Shadowserver project, VMware CTU, and a stint through the common three letter fed orgs. #introductions

After the commit in linked to below, it'll be time for a new exp-run. If successful, we'll set llvm-ar, llvm-nm, and llvm-objdump as the default ar, nm, and objdump, bringing us one step closer to Cross-DSO CFI in base.

github.com/HardenedBSD/hardene

Shawn Webb boosted

"Can't disable HTTP because too many people around the world have limited internet access" yeah right, mandatory encryption is really limiting 🙄🤔 bugs.freebsd.org/bugzilla/show t.co/CGP86jUbhd

Turns out the handyman we hired to do a few odd jobs around the house is a racist.

He no longer works for us.

I just kicked off a new exp-run for with llvm's nm, ar, and objdump as the base nm, ar, and objdump. This work will enable us to better integrate CFI in our ports tree. It's also needed for Cross-DSO CFI.

Shawn Webb boosted
Received today: the vinyl of "Victor" by Féroces, with some stickers! \o/ #Music #PostRock #Vinyl

Féroces is a instrumental post rock band, from France.

https://feroces.bandcamp.com/
victor-vinyl.jpg

I wonder when we'll see SGX and/or CET instructions as nopsleds on "older" systems.

Shawn Webb boosted

Lenovo OEM-installed crapware comes with a nice Code Execution feature! Could be used to bypass app whitelisting or privesc (guest account to main user) riscy.business/2017/12/lenovos t.co/zP6fSrFgLq

Shawn Webb boosted

's blocking of copy-paste makes people unsafe.

It basically means people cannot use password managers for their GnuPG key passwords. The alternatives for most users are:
- use a shitty password (perhaps re-using it);
- use a key without a password.

The person who came up with this idiotic idea should get drawn and quartered.

My home network now attempts to block unencrypted data. Now to get a burner phone set up on it and tcpdump all it's traffic.

If I can confirm all my data is sent using encrypted comms, I'll switch my regular phone to being behind Tor.

Shawn Webb boosted

Good news: Tusky 1.4.1 is finally available on f-droid!