
Viss

@Viss@mastodon.social

D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳ
:: Founder, Phobos Group
:: Quad Flooper :: Scoville Addict
:: Public Speaker :: food pornographer
:: Twitter Alum (2011-2012)
:: security longhair :: tattoo'ed nerd

<script>alert(1)</script>
'>"></div><blink><marquee>visit hax.lol for a good time

#startups #security #infosec #redteam #publicspeaking #asm #attacksurfacemanagement #orbital #fundraising #saas
#drones #quads #hotsauce #spices #homeassistant #homeautomation #cartoons #animation

This profile is from a federated server and may be incomplete. For a complete list of posts, browse on the original instance.

jerry , to random
@jerry@infosec.exchange avatar

One thing I did not mention about this morning's outage was how absolutely amazing it was to be able to connect to and manage the server through its IPMI interface. I think I am sold on getting rid of the non-Dell servers after that.

Viss ,
@Viss@mastodon.social avatar

@jerry the supermicro ipmi interface i got on my behemoth server in the colo has saved my ass more than once. its absolutely glorious

jerry , to random
@jerry@infosec.exchange avatar

I just saw a commercial advertising “Freelance AI experts on Fiverr”

video/mp4

Viss ,
@Viss@mastodon.social avatar

@jerry that lair-by-gondola lookin pretty great right about now

Viss , to random
@Viss@mastodon.social avatar

@pluralistic would you ever consider aiming your high powered research lasers at why we can buy cornetto practically everywhere in the developed world, but not the US? i can get it in: mexico, canada, england, sweden, norway, australia, malaysia, amsterdam... but not here, even though the good humor / magnum brand is here, this one specific product isnt. i learned this when i got married like 12 years ago, and its been a splinter in my brain ever since

Viss OP ,
@Viss@mastodon.social avatar

@pluralistic is it hershey/nestle with the chocolate monopoly? is it the brand refusing to cave to americas abject refusal to stop cramming high fructose corn syrup into everyones eyeballs? dmca? patent trolling? the cloud? did an american shit in the wrong cornflakes one day and doom us all?

Viss OP ,
@Viss@mastodon.social avatar

@TerryBTwo @mark_f_lynch @pluralistic my condolences.

if you took a random cadbury bar from the uk and a random hersheys bar from the us and did a side by side the difference is even more contrasted. its wild.

Viss , to random
@Viss@mastodon.social avatar

i wonder what we're all gonna do when the internet as we know it completely falls apart, because we let a half dozen companies control the entire thing, and now they're done with it and the exsanguination of all the available value has begun

Viss , to random
@Viss@mastodon.social avatar

i dont know how to reconcile these two headlines

image/png

Viss OP ,
@Viss@mastodon.social avatar

@darfplatypus where do I go to sign up for a 56 billion dollar pay package?

where the fuck are they gonna get the money? 56 billion is more than what the entire company makes in 6 months

jerry , to random
@jerry@infosec.exchange avatar

Eevee just got a brother. Welcome to the family, Rayquaza ❤️

Viss ,
@Viss@mastodon.social avatar

@jerry time to exercise that macro lens :D

jerry , to random
@jerry@infosec.exchange avatar

I find it interesting that around 90% of spam account signups on Infosec.exchange use a gmail address to register. Now, that’s partly biased because I’ve blocked most of the junk email services that allow creating email addresses without needing to sign in or register, so I don’t know what it would look like if those were permitted, however it must be quite efficient for people to create large numbers of gmail accounts.

Viss ,
@Viss@mastodon.social avatar

@jerry with mail servers this is called greylisting, and its a thing that totally works to cut down spam

jerry , to random
@jerry@infosec.exchange avatar

So much Wi-Fi enabled smart shit in this world. Why can’t I have a condensate pump that tells me when the drain line is clogged or running slower than normal?

Viss ,
@Viss@mastodon.social avatar

@jerry @munin im willing to bet you can make this happen with home assistant

jerry , to random
@jerry@infosec.exchange avatar

I wonder how many security programs are designed around meeting the expectation of auditors, vs designed to protect the environment which is then inspected by auditors 🤔

Viss ,
@Viss@mastodon.social avatar

@jerry if youre looking at industry verticals and not just inside the security echo chamber? upwards of 80% of em. easily

jerry , to random
@jerry@infosec.exchange avatar

3 weeks and 1 day left. Then I am going cold turkey on sleeping pills. You may see some ugliness from me as I try to reclaim my health.

Viss ,
@Viss@mastodon.social avatar

@jerry better out than in

jerry , to random
@jerry@infosec.exchange avatar

I was thinking that the new omniscient AIs can tell sentiment and mood. What if we don’t let people log in unless they are in a good mood? Log them out if they get into a bad mood.

What if email systems could send real time feedback to the sender in the faces you made while reading their diarrhea of the fingers?

Viss ,
@Viss@mastodon.social avatar

@jerry if you correlate their stress levels with their apple watches (cuz you KNOW those phone home) you dont even need their facial expressions - you can get a read on them before they have time to grimace :D

Viss ,
@Viss@mastodon.social avatar

@jerry what are the chances those folks dont have 2fa on their icloud accounts? :D :D :D

jerry , to random
@jerry@infosec.exchange avatar

“Zero trust”

Viss ,
@Viss@mastodon.social avatar

@jerry "in our staff"

jerry , to random
@jerry@infosec.exchange avatar

The primary adversary most IT/sec shops are intended to defend against is auditors

Viss ,
@Viss@mastodon.social avatar

@jerry dodge those fines! get cheap insurance! thats the only goal!

jerry , to random
@jerry@infosec.exchange avatar

Don’t worry, our SOC2 report means we are totally secure.

Viss ,
@Viss@mastodon.social avatar

@jerry youre beginning to sound like me :D

infosec george carlin impersonators club! :D

jerry , to random
@jerry@infosec.exchange avatar

I need a cyber nap

Viss ,
@Viss@mastodon.social avatar

@jerry i need a sabbatical

jerry , to random
@jerry@infosec.exchange avatar

We take the security of your data very seriously, which is why we keep all of it forever in a database protected by Fortinet firewalls and accessible only via Ivanti Pulse Secure VPN backed up to an s3 storage bucket we promise not to forget about.

Viss ,
@Viss@mastodon.social avatar

@jerry and all our staff is beta testing recall

jerry , to random
@jerry@infosec.exchange avatar

Is your board of directors cybering hard enough?

Viss ,
@Viss@mastodon.social avatar

@jerry a virtual smorgasboard :D

Viss , to random
@Viss@mastodon.social avatar

if anybodys got a handle on that new 361 million cred leak that came out of telegram, i'd appreciate any leads!

jerry , to random
@jerry@infosec.exchange avatar

I still remember a few years back, I had a recruiter chasing me about a CISO job at a company. Traditional CISO, seemed to fit my strengths.

The recruiter asked “do you have a CISSP?”

I said “no, but 30,000 people listen to my podcast each week and claim that time to keep up with their CISSP continuing education requirements”

He responded: “well, it’s kind of a big deal to them. Would you be willing to get that certification?”

I declined - I don’t think I would have been a good personality fit for them.

Viss ,
@Viss@mastodon.social avatar

@jerry woooooow. thats absurd.

like how little critical thinking was involved in that whole transaction, cuz to me that comes across as a dude whos somehow managed to cover his entire body in outward facing landmines

Viss ,
@Viss@mastodon.social avatar

@jerry i refer to that ability to perceive that as 'having whiskers about it', and it would appear yours are quite long

Viss ,
@Viss@mastodon.social avatar

@jerry every once in a while i get a chance to pull out "so my security whiskers are telling me ...."

jerry , to random
@jerry@infosec.exchange avatar

I need to start learning again after my brain has atrophied so I can go find a new job. Ideas on what to study?

Viss ,
@Viss@mastodon.social avatar

@jerry what do you feel like doing?

Viss ,
@Viss@mastodon.social avatar

@jerry well, i still get their spam, so its worth mentioning - harvard online has at-your-own-pace courses for a TON OF SHIT, so if you want to study quantum physics and clownshoes cybercyber law you totally can.

and with your pedigree, you could straight up just boop an llc and start consulting. i would 1000x rather you do a public or private speaking circuit with your intel than someone like mitnick. and every trip book a couple extra days for a photo walk!

jerry , to random
@jerry@infosec.exchange avatar

Update on my dad...

For background, my mid 70's parents drove from ATL to Michigan on Thursday to attend my niece's high school graduation. Friday morning, my dad wasn't feeling well and he kept feeling worse. After convincing himself that it wasn't just indigestion, he went to a local hospital ER. While there, he started developing intense pain in his chest. The ER docs hooked him up to an EKG and ran an enzyme test to see if he had a heart attack. They came back clean. But the pain was worsening. The doc administered some morphine, which apparently did nothing. They hooked him back up to the EKG and monitored him for a bit. While monitoring him, he had a heart attack.

The docs rushed him into surgery where he needed 3 stents to open up an artery that was 99% blocked.

He was moved out of ICU into a regular bed today and expects to be discharged tomorrow. He has to wear a defibrillator vest for the next 3 months, while he is assessed for further treatments. My dad describes the vest as a "bra with metal pop-tarts all the way around his chest". I had a chance to talk to him today and he says that he feels better than he has in many years, other than the pop tart bra.

The doctor told him that the only real reason he was able to survive was that it happened while he was in the hospital. Apparently this sort of heart attack is not one that people commonly survive otherwise.

I am immensely grateful to the doctors, nurses, scientists, janitors, clerical staff, and so on, that gave me and my family the incredible gift of more time with my dad.

Viss ,
@Viss@mastodon.social avatar

@jerry whoa - glad your dad is ok! what a ride!

jerry , to random
@jerry@infosec.exchange avatar

Hold on to your butts.

Viss ,
@Viss@mastodon.social avatar

@jerry let the disinformation madness begin

Viss ,
@Viss@mastodon.social avatar

@NosirrahSec @jerry orange jumpsuit pics when

vampiress , to random
@vampiress@eigenmagic.net avatar

Ironic punishment idea: the board members of any tech company involved with LLMs are put in submersibles and left at the bottom of the deepest parts of the ocean, their only way to save themselves a terminal with ChatGPT to help guide them through incredibly specific technical challenges.

Viss ,
@Viss@mastodon.social avatar

@vampiress where do i put my money. do you take requests of which execs go first, or in what manner they are abducted?

is there a follow-on betting pool associated with if the submersible caves in, or if they somehow escape?

jerry , to random
@jerry@infosec.exchange avatar

I know it’s hot to hate on AI right now, but I just used the latest version of Lightroom to edit some family pics from the beach last night and… wow. Some of their AI stuff is quite nice.

Viss ,
@Viss@mastodon.social avatar

@jerry i guess thats an example of adobe (who knew?!) actually tuning something for a narrow, specific purpose, as opposed to everyone else, who is trying to staplegun llms into absolutely everything like they tried with blockchain previously

jerry , to random
@jerry@infosec.exchange avatar

Enterprise VPNs are certainly having their moment in the sun lately. Sadly, the security practices of many security companies means we are probably in for a lot more of this.

Viss ,
@Viss@mastodon.social avatar

@jerry php5, kernel 2.4, 32 bit OS, everything chmod 777..

500k/yr plus support contracts.
if you ssh in it voids the warranty

Viss ,
@Viss@mastodon.social avatar

@jerry no body, no crime!

ashleygjovik , to random
@ashleygjovik@mastodon.social avatar

You guys, I'm still banned forever from Wikipedia (I can't even submit complaints about people harassing me), but Apple's back in my biography article defending toxic waste & calling me a liar. Can someone who is not banned please go report this & try to get the changes reverted?

  • Viss ,
    @Viss@mastodon.social avatar

    @ashleygjovik cc @molly0xfff this seems like maybe something you could help with?

    Viss ,
    @Viss@mastodon.social avatar

    @molly0xfff ah. oops. sorry. i was unaware of the background

    jerry , to random
    @jerry@infosec.exchange avatar

    First beach pic with my new lens

    Viss ,
    @Viss@mastodon.social avatar

    @jerry 300mm prime?

    Viss ,
    @Viss@mastodon.social avatar

    @jerry woooooe! nice!

    jerry , to random
    @jerry@infosec.exchange avatar

    The new Recall feature is a good reason to remind everyone to not do personal shit on your work computer. Please.

    Viss ,
    @Viss@mastodon.social avatar

    @jerry and this is even before "if your org hires a redteam, that redteam may end up sifting through your machine during an engagement to leapfrog off your access and WILL ABSOLUTELY FIND YOUR WEIRD KINK DOWNLOADS AND SHIT YOU SHOULDNT HAVE AT WORK, and it may end up in the report as 'users who can be leveraged by ransomware gangs in out-of-band ways' "

    jerry , to random
    @jerry@infosec.exchange avatar

    I found a video of the new Microsoft Recall feature

    video/mp4

    Viss ,
    @Viss@mastodon.social avatar

    @jerry but but but (they'll say)

    ai6yr , to random
    @ai6yr@m.ai6yr.org avatar
    Viss ,
    @Viss@mastodon.social avatar

    @ai6yr straight out of the @pluralistic book :D

    jerry , to random
    @jerry@infosec.exchange avatar

    A few more pics from today. Various orchids and another of the red daisy. Any feedback/critiques?

    #bloomscrolling

    image/jpeg
    image/jpeg
    image/jpeg

    Viss ,
    @Viss@mastodon.social avatar

    @jerry back when i was doing the photo thing, i found a cheap glass chessboard and i used it exactly the same way you're using that reflective surface. i used a white background, but the chessboard was using just clear glass for some squares and frosted/sandblasted for the other squares. it looked pretty neat! if you can get your hands on other reflective surfaces its a fun thing to try

    Viss ,
    @Viss@mastodon.social avatar

    @jerry its been years, but i remember something about how black background vs white background can hide different flavors of sins

    jerry , to random
    @jerry@infosec.exchange avatar

    Experimenting….

    #bloomscrolling

    Viss ,
    @Viss@mastodon.social avatar
    Viss ,
    @Viss@mastodon.social avatar

    @jerry this is very well done.

    jerry , to random
    @jerry@infosec.exchange avatar

    Lots of tornados lately. I blame traffic circles.

    Viss ,
    @Viss@mastodon.social avatar
    rbreich , to random
    @rbreich@masto.ai avatar

    Boeing shareholders approved a $33M pay package for CEO Dave Calhoun, despite overseeing huge losses and safety problems.

    It's the biggest package ever given to a Boeing CEO.

    Calhoun is resigning by year's end. Guess what he gets then?

    A $45 million golden parachute.

    Unreal.

    Viss ,
    @Viss@mastodon.social avatar

    @rbreich how is it ransomware groups arent going after THOSE folks?

    molly0xfff , to random
    @molly0xfff@hachyderm.io avatar
  • Viss ,
    @Viss@mastodon.social avatar

    @molly0xfff nice! congrats! thats gotta be a great pat on the back :D
