parties candidating for the great mastodon election:
- gargamel party
- mike cole dot co
- witches coalition
- random ancap party
- party for people that have "after dark" accounts
- [This party was blocked on your instance. They're probably nazis. ]
- [This party was blocked on your instance. collateral damage. ]
+ 56 bigger parties that have their names in japanese
Anyway, I'm into:
#infosec - I like #reversing (or #reverseengineering ?) and #exploitdev
#gaming - I rather like #pokemon #pokémon :)
And probably some other assorted things I forget.
I just got an email from "Apple Support <firstname.lastname@example.org>"
do you think it's legit
At least it's very well detected by antivirus engines. https://www.virustotal.com/#/file/dd44b2ab72f74e4452c1cd0589950efb88253dfaa26e8862b330754ce84f810d/detection
It seems Chinese skids are just as hilarious as Western skids when it comes to shitty malware. I've just reversed a Chinese bot:
- Download+exec is broken (URL, not dl path, passed to WinExec)
- Various pacotes functions that seem copypasted from elsewhere, one leaks ~64kb memory per thread.
- Totally broken functionality to add a privileged user thanks to misunderstanding of MultiByteToWideChar
- Requires admin privs, no UAC bypass.
so fediverse alt accounts are basically horcruxes yeah?
500 characters is supposed to mean we can explore topics in depth while using about 1/5 of the posts we would need on birbsite
What it actually means is that I once posted a toot of 500 emojis
This "Advanced Protection" thing. https://motherboard.vice.com/en_us/article/kz74ym/google-gmail-advanced-protection-security-keys-yubikey
It's a good idea, but I immediately thought of attackers putting Google accounts to ransom by obtaining access to them, turning the feature on, then offering to send the real user the Yubikeys for some amount of money... Kinda like that thing done with remotely locking iOS devices...
So, I've come back to Mastodon after a few months.
My home timeline is empty for some reason?!
Doesn't seem to be a good sign.
Somebody help me.
I went back to birdsite because of teh greater influence!!!11 and I got used to a mere one hundred and forty characters again.
And then I stopped coming here, very much the greater place if I can be bothered to put the time in.
Why won't the aviary just die already? There's an instance for everybody.
If anyone wants the source to my implementation of mpscript, just ask and I'll give it. The reason why it's not in the archive is mainly because it's full of dirty hacks -- but I guess anything that interfaces to closed-source binaries in this way would be, so...
Hey #infosec guys and any interested reversers/others,
Here it is, along with an almost year-old MpEngine.dll (obviously vulnerable to the bug that GP0 found, in case anybody wants to investigate that further).
Private symbols are included for both binaries. (~Year-old Windows private symbols sets leaked somewhat recently.)
Mirror far and wide. https://rol.im/mpscript.rar
Hey #infosec -
Intel AMT has some issues. It's a way of doing out of band management of hardware. Most of you probably don't care about it, but there's going to be some hardware type patches soonish.
In the meantime, set your firewalls to deny port 623, 664, and 16992 - 16995 at your gateways, and set your IDS to look for that traffic originating from any systems other than those specifically authorized.
Or disable AMT entirely.
Google and QUIC
Overview: Google is now serving ads over the experimental QUIC protocol, which runs over UDP. Browser plugins that rely on webRequest in Chrome - like ad blockers - can't (and have never been able to) address UDP.
My initial impulse is to blame this on one hand not knowing what the other is doing, not on malice. I suspect that the ads team is doing their part by using the new protocol, and the browser team hasn't caught up.
But I'm not at Google, so what do I know?