
neurovagrant

@neurovagrant@masto.deoan.org

Security ops engineer, former congressional sysadmin, writer, voracious reader. he/him. Opinions here mine only. No LLM content from me, all flaws detected are human-generated. Autistic/depressed/anxious/hungry.

#infosec #cybersecurity #privacy #actuallyautistic #neurodivergent

This profile is from a federated server and may be incomplete. For a complete list of posts, browse on the original instance.

jerry , (edited ) to random
@jerry@infosec.exchange avatar

🤯😱

EDIT: many people have pointed out that the breaker will still trip, and in fact this is actually required by fire code.

neurovagrant ,
@neurovagrant@masto.deoan.org avatar

@catsalad @jerry funny, that was my nickname in college.

alice , to random
@alice@lgbtqia.space avatar

I just went on a follow-fest for women with a PhD, but realized I'm already mutuals with almost everyone who shows up in the limited search results 😋

If you're a Dr. Gal or other female science communicator type, pop into the thread, say hi!

I'd love to learn about what you do 💜
(and I'm sure lots of others would too)

(on Tuesday)

neurovagrant ,
@neurovagrant@masto.deoan.org avatar

@alice this was a fantastic thread to find new folks to follow, thank you for it.

jerry , to random
@jerry@infosec.exchange avatar

It’s a rather humbling thing to have the HR person that’s supported me for years ask where I want the box sent so I can return my company laptop and how many days of vacation I took so they can pay out the balance. A rather disappointing end to a 25 year run, first with Netrex that was bought in 1999 by Internet Security Systems, which was bought in 2006 by IBM.

Anyway, here we goooo

neurovagrant ,
@neurovagrant@masto.deoan.org avatar

@jerry in before "@humanresources" account appears and things get much weirder

jerry , to random
@jerry@infosec.exchange avatar

I find it interesting that around 90% of spam account signups on Infosec.exchange use a gmail address to register. Now, that’s partly biased because I’ve blocked most of the junk email services that allow creating email addresses without needing to sign in or register, so I don’t know what it would look like if those were permitted, however it must be quite efficient for people to create large numbers of gmail accounts.

neurovagrant ,
@neurovagrant@masto.deoan.org avatar

@jerry whatever gets those gmail user metrics up for the execs, right?

email is a frickin' cartel...

dangoodin , to random
@dangoodin@infosec.exchange avatar

A reminder that if you're a member of a union or consider yourself pro labor you should avoid buying from Amazon whenever possible.

https://www.404media.co/amazons-ai-warehouses-isolate-workers-impact-union-organizing-new-report-finds/

neurovagrant ,
@neurovagrant@masto.deoan.org avatar

@chux0r @dangoodin

I've had really good experiences with bookshop.org for physical books and libro.fm for audiobooks so far!

neurovagrant , to random
@neurovagrant@masto.deoan.org avatar

This is a cool advance, but also some top-notch nightmare fuel.

Makes me think of the chemical the Panther Moderns pretended they put in the Sense/Net building water supply during Molly’s run.

https://au.news.yahoo.com/the-worlds-first-tooth-regrowing-drug-has-been-approved-for-human-trials-174423381.html

neurovagrant OP ,
@neurovagrant@masto.deoan.org avatar

“The intravenous drug deactivates the uterine sensitization-associated gene-1 (USAG-1) protein that suppresses tooth growth. Blocking USAG-1 from interacting with other proteins triggers bone growth and, voila…”

jerry , to random
@jerry@infosec.exchange avatar

[Thread, post or comment was deleted by the author]

  • neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @jerry project itself is legit, lead dev/founder dude loves to pick fights so there's regularly some toxic swagger going in any given direction around it.

    have interacted with a couple other folks involved, who seem fine and cool.

    jerry , to random
    @jerry@infosec.exchange avatar

    The sheriff is out doing very low flybys to try to get people out of the water today due to strong rip currents. It’s not working so well.

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @jerry gotta justify that helicopter budget somehow

    jerry , to random
    @jerry@infosec.exchange avatar

    Hypothetically speaking, if I needed a university text book on short notice, where could one find those to download? This is totally not because my son forgot to buy a book for an assignment that is due today.

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @jerry 🏴‍☠️ you should add this to your display name now and fly it proudly

    lowqualityfacts , to random
    @lowqualityfacts@mstdn.social avatar

    Turned 32 today. I share a birthday with Bob Dylan, John C. Reilly, and billions of ants.

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @lowqualityfacts Happy birthday!

    Ah, I remember 32. Terrible year, but at least I didn't need upstairs ibuprofen and downstairs ibuprofen. That came a few years later.

    jerry , to random
    @jerry@infosec.exchange avatar

    I do wonder how long till systemd has Recall-like functionality

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @jerry jerry, you just had to go there, didn't you

    molly0xfff , to random
    @molly0xfff@hachyderm.io avatar

    back in my day we called this spyware

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @molly0xfff the windows stalkerware industry is gonna take a hit over this free offering, boy howdy

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    You'd think Mozilla would work hard to differentiate themselves from other corporations in that sphere, rather than making the same stupid, user-antagonistic choices.

    https://blog.mozilla.org/en/products/firefox/firefox-search-update/

    neurovagrant OP ,
    @neurovagrant@masto.deoan.org avatar

    @AAKL Agreed.

    My quest for a decent amount of privacy feels like it's more and more quixotic

    Nonya_Bidniss , to random
    @Nonya_Bidniss@mas.to avatar

    Why do I keep getting no-follower, locked, French language accounts trying to follow me? Seems like what could be called "inauthentic behavior." I've been blocking them.

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @Nonya_Bidniss seeing similar

    lowqualityfacts , to random
    @lowqualityfacts@mstdn.social avatar

    Look, I get it. Jack wants the freedom to sport that godawful beard and Twitter is genuinely the only place where wannabe billionaire simps won't roast him for having facial hair that somehow screams "white supremacist billy goat".

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @lowqualityfacts To me Jack Dorsey’s beard evokes nothing so much as “Responsibility Duck Dynasty”

    Em0nM4stodon , to random
    @Em0nM4stodon@infosec.exchange avatar

    If you are the tech-savvy person within your family or friends group :blobcatcool: :

    Never ever shame someone for coming to you for advice after being the victim of a scam, malware, or for using an unsecure product.

    If you do this,
    they might never come back to you later. They might just feel so ashamed they will just stay alone with their tech problems.

    Instead, always tell them:

    1. It was a good idea to come to you with this. Be empathetic with them 💚

    2. Give them advice on how to minimize the damage now. Actionable advice 🚑

    3. Help them harden their security for now and for the future. Recommend better products to them. But be careful not to overwhelm them with advice. One step at a time 🔒

    4. Talk to them with respect and empathy. Tell them how the people who abused their trust are horrible and anyone can fall for the right scam. Remind them there are things to do to reduce the risks of being victimized again in the future, and help them slowly implement these 💪

    5. Be thankful they trusted you with this. It means they think highly of you 🥰

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @Em0nM4stodon There's a few people I've sent this Feb '24 post by @pluralistic on how he got scammed specifically to say "if they can bag this guy, you sure as hell shouldn't feel ashamed about what happened to you"

    https://pluralistic.net/2024/02/05/cyber-dunning-kruger/

    jerry , to random
    @jerry@infosec.exchange avatar

    So, it turns out today was “chainsaw adoption day” at Home Depot. I just couldn’t let that poor chainsaw stay homeless.

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @jerry heathens

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    "where were you radicalized?"

    the iphone i couldn't secure outgoing data on,

    the tv i couldn't avoid injected ads on,

    the quiet of my own home penetrated by 801 data processing partners

    simply for wanting to connect.

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    I got to spend a while talking about @pluralistic on the work infosec podcast (his recent article about getting scammed was a fantastic writeup).

    As a bonus, I also got to pull in @Wolven 's impressive work on AI as @NotTheLinux and I pondered about the future of scams.

    https://www.domaintools.com/resources/podcasts/breaking-badness-cybersecurity-podcast-179-scamily-matters/

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    Apple: Hey dude this domain keeps getting contacted by multiple apps, it may be building a profile on you.

    Me: Okay so you’re going to let me regulate device traffic to that domain, right?

    Apple: uh…

    pluralistic , to random
    @pluralistic@mamot.fr avatar

    I wuz robbed.

    More specifically, I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened. And then he tried to do it again, a week later!

    --

    If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

    https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security

    1/

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @pluralistic My 76-year-old father is still smarting from falling for CC fraudsters last year.

    I sent him this article with a preface explaining who you are, and saying "If they can get Cory Fucking Doctorow, you can give yourself a little more slack."

    Thanks.

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    just sayin’

  • lowqualityfacts , to random
    @lowqualityfacts@mstdn.social avatar

    Nicotine withdrawal sounds rough.
    https://patreon.com/lowqualityfacts

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @lowqualityfacts i see this one brought out a bunch of guys talking about their experiences.

    what a buncha manspleeners

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    Five years ago today, on AI and jobs...

  • lowqualityfacts , to random
    @lowqualityfacts@mstdn.social avatar

    Those were the good old days.
    https://patreon.com/lowqualityfacts

    neurovagrant ,
    @neurovagrant@masto.deoan.org avatar

    @lowqualityfacts you forget the "And Hotpot."

    That's where the whole "dunkin" thing came from.

    neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    Fortify.

    I dig it.

  • neurovagrant , to random
    @neurovagrant@masto.deoan.org avatar

    Hello friends, I've seen the below image come up a few times elsewhere and am going to expound a little!

    While the hyperlinks in the image display correctly, those aren't actually the addresses of those sites! Instead, they're the Internationalized Domain Name replacements - examples of what are called IDN Homograph Attacks.

    It's incredibly hard to include all characters from all active alphabets in the mechanisms that resolve domain names - so currently that letter set is restricted, and instead uses a translation system called Punycode to move between a visual URL with the correct characters and a domain name your computer can actually resolve to a website.

    So while neurovagrant[.]com is fine either way, nӘ̃urovagrant[.]com isn't! The actual domain would be xn--nurovagrant-rkg322d[.]com.

    Notice that xn-- ! That's what tells browsers and other software that it's an IDN domain, and to try and translate it.

    Attackers use this to their benefit. So:

    xn--mcrosoft-security-teams-1ec[.]com can appear in your email, on your twitter feed, in other places visually as: mícrosoft-security-teams[.]com

    You may think you're signing in to check your retirement at vanguarɗ[.]com but it's actually sent you to xn--vanguar-4cd[.]com

    A link that appears as vḙnmo[.]com actually sends you to the website xn--vnmo-q64a[.]com

    They even target kids! Take a look at xn--rblox-jua[.]com - which looks like röblox[.]com in most settings. Note the diacritical mark above the first o.

    If anything looks off, there's a reason. Always view links with skepticism, don't click on things unnecessarily, and always sign into the sites you use by going to the domain name you know.

    Stay frosty out there, friends.
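
The Punycode translation described in the post above can be checked in both directions with Python's standard library. This is an added example, not part of the original post: it decodes `xn--` labels to what a user would see, names each non-ASCII character, and flags a display form that collapses onto a known name. `KNOWN_GOOD` and the function names are assumptions made for illustration, and only raw Punycode is applied, not the full IDNA normalization.

```python
import unicodedata

# Constructed allowlist of names the user actually means to visit (assumption).
KNOWN_GOOD = {"roblox.com", "neurovagrant.com"}

def to_display(label):
    """Decode one xn-- label with raw Punycode; None if it will not decode."""
    if not label.lower().startswith("xn--"):
        return label
    try:
        return label[4:].encode("ascii").decode("punycode")
    except ValueError:  # UnicodeError is a ValueError subclass
        return None

def to_ascii(label):
    """Encode a label the other way. Real IDNA also normalizes first; this does not."""
    if label.isascii():
        return label.lower()
    return "xn--" + label.lower().encode("punycode").decode("ascii")

def fold(text):
    """Drop combining marks (ö -> o). Catches diacritic tricks only, not letters like ɗ."""
    decomposed = unicodedata.normalize("NFKD", text)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def inspect_host(host):
    labels = host.replace("[.]", ".").strip(".").split(".")  # accept defanged input
    ascii_labels = [to_ascii(l) for l in labels]
    shown = [to_display(l) for l in ascii_labels]
    display = ".".join("<undecodable>" if s is None else s for s in shown)
    folded = fold(display)
    return {
        "ascii": ".".join(ascii_labels),      # what the resolver is asked for
        "display": display,                   # what the user is shown
        "idn": any(l.startswith("xn--") for l in ascii_labels),
        "non_ascii": [(c, unicodedata.name(c, "UNNAMED"))
                      for c in display if not c.isascii()],
        "resembles": folded if folded != display and folded in KNOWN_GOOD else None,
    }

if __name__ == "__main__":
    # Hostnames quoted in the post above, in its defanged [.] notation.
    for host in ["neurovagrant[.]com", "xn--rblox-jua[.]com", "xn--vanguar-4cd[.]com",
                 "xn--vnmo-q64a[.]com", "xn--mcrosoft-security-teams-1ec[.]com"]:
        print(inspect_host(host))
```

The diacritic folding is deliberately narrow; matching lookalike letters that do not decompose requires a confusables table such as the one in Unicode UTS #39.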
