GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Ben Aveling (benaveling@infosec.exchange)

  1. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 18-Jan-2026 00:30:08 JST Ben Aveling Ben Aveling
    in reply to
    • Franchesca
    • Broadwaybabyto
    • Drumchord

    Relevant: https://jorts.horse/@ecosurrealism/114088955703056555

    @Frantasaur @charleekress @broadwaybabyto

    #aposematism

    In conversation about 6 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: media.jorts.horse
      Degrowth or Extinction (@ecosurrealism@jorts.horse)
      from Degrowth or Extinction
      Attached: 1 image #pwnd #darkwoke #aposematism #predators
  2. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Friday, 16-Jan-2026 04:58:14 JST Ben Aveling Ben Aveling
    in reply to
    • Rich Felker
    • Troy Hunt

    Did you use AI to generate the article? @troyhunt @dalias

    In conversation about 6 months ago from infosec.exchange permalink
  3. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Monday, 21-Apr-2025 19:56:40 JST Ben Aveling Ben Aveling
    in reply to
    • Patrick C Miller :donor:

    @patrickcmiller Need scare quotes around "reasons"

    In conversation about a year ago from infosec.exchange permalink
  4. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 13-Apr-2025 07:37:15 JST Ben Aveling Ben Aveling
    in reply to
    • Poloniousmonk
    • feld

    @Uair @feld cold weather does cause colds, via precisely the mechanism you identified. Old wives are worth listening to.

    In conversation about a year ago from gnusocial.jp permalink
  5. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Saturday, 12-Apr-2025 19:34:44 JST Ben Aveling Ben Aveling

    With apologies to Benjamin Schwartz. #NewYorkerCartoons #NewYorkerCartoonsUpdated #fads #AI #Crypto #Quantum #Hype #VC

    In conversation about a year ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/092/723/821/625/010/original/628e57ec00e76e4b.png
  6. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Friday, 11-Apr-2025 03:05:36 JST Ben Aveling Ben Aveling
    in reply to
    • Adam Shostack :donor: :rebelverified:

    @adamshostack They spend more on lawyers than they spend on security.

    In conversation about a year ago from infosec.exchange permalink
  7. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Thursday, 27-Feb-2025 21:56:11 JST Ben Aveling Ben Aveling
    in reply to
    • Cory Doctorow
    • Björn 🌸 Starkimarm

    @pluralistic @Starkimarm
    Wolf: let me explain why fences are bad for sheep

    In conversation Thursday, 27-Feb-2025 21:56:11 JST from infosec.exchange permalink
  8. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 12-Jan-2025 07:37:59 JST Ben Aveling Ben Aveling
    in reply to
    • Patrick C Miller :donor:

    @patrickcmiller It's almost as if being a Nazi's disqualifies you from having a sense of humour.

    In conversation Sunday, 12-Jan-2025 07:37:59 JST from infosec.exchange permalink
  9. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Monday, 30-Dec-2024 04:31:18 JST Ben Aveling Ben Aveling
    • mekka okereke :verified:
    • Rich Felker
    • hramrach
    • Paul Houle

    @hramrach engagement based on anger is a sugar hit. It’s real, and compelling in the moment. But it also makes visiting whatever site less attractive @mekkaokereke @UP8 @dalias

    In conversation Monday, 30-Dec-2024 04:31:18 JST from infosec.exchange permalink
  10. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 03-Nov-2024 06:36:27 JST Ben Aveling Ben Aveling
    in reply to
    • Graham Sutherland / Polynomial
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc I found it here https://www.manufactum.com/door-mat-wire-mesh-a88879/
    I haven't checked if they'd deliver it to where you are, but I assume you can find something similar locally anyway.
    @gsuberland

    In conversation Sunday, 03-Nov-2024 06:36:27 JST from infosec.exchange permalink

    Attachments


  11. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 03-Nov-2024 06:32:44 JST Ben Aveling Ben Aveling
    in reply to
    • Graham Sutherland / Polynomial
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc I've seen people using a wire mat under a conventional mat.
    But there are also a sort of combined thing available that possibly works better.
    @gsuberland

    In conversation Sunday, 03-Nov-2024 06:32:44 JST from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/415/490/038/970/939/original/fd4fe4822a38931d.jpeg

    2. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/415/496/148/608/412/original/f318a0d399ef6322.png
  12. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Tuesday, 24-Sep-2024 23:28:56 JST Ben Aveling Ben Aveling
    • Kevin Beaumont
    • IAintShootinMis

    @GossiTheDog @iaintshootinmis we’re told there’s some simple mitigations that will be included in the announcement on the 6th.
    Probably worth scheduling someone to watch for those, with stakeholder contact details and access to whatever mgt tooling you use for deploying changes/running commands across the fleet.
    For some companies that means scheduling a change/outage window, so there might be some prep required for that.
    #EvilSocket #EvilSocketVuln

    In conversation Tuesday, 24-Sep-2024 23:28:56 JST from gnusocial.jp permalink
  13. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Tuesday, 27-Aug-2024 04:44:52 JST Ben Aveling Ben Aveling
    in reply to
    • Church of Jeff

    @jeffowski They will never admit they were fooled. They will however magically pivot to never having supported him.

    In conversation Tuesday, 27-Aug-2024 04:44:52 JST from infosec.exchange permalink
  14. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Friday, 23-Aug-2024 02:01:43 JST Ben Aveling Ben Aveling
    in reply to
    • mcc

    @mcc I got a HD in 1st year quantum physics. I understood nothing about quantum physics, but I could apply the formulae.

    In conversation Friday, 23-Aug-2024 02:01:43 JST from infosec.exchange permalink
  15. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Tuesday, 06-Aug-2024 19:21:05 JST Ben Aveling Ben Aveling
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc Looking around, current consensus seems to be that if quantum ever happens, then ECDH is not going to be resistant.
    On the other paw, 1. it's not clear that quantum will happen (because noise) and 2. even if we were sure that quantum will happen, it's not clear that any of the current alternatives are better.
    Perhaps the old adage still holds, the only enduring secret is the one that isn't written down.
    @ada

    In conversation Tuesday, 06-Aug-2024 19:21:05 JST from infosec.exchange permalink
  16. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Monday, 12-Feb-2024 18:53:11 JST Ben Aveling Ben Aveling
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc if you’re mitm’d then it doesn’t matter how good your password is…

    In conversation Monday, 12-Feb-2024 18:53:11 JST from infosec.exchange permalink
  17. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Monday, 12-Feb-2024 05:30:53 JST Ben Aveling Ben Aveling
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc how did we segue to phishing?

    In conversation Monday, 12-Feb-2024 05:30:53 JST from infosec.exchange permalink
  18. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Friday, 09-Feb-2024 20:41:05 JST Ben Aveling Ben Aveling
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc interesting.
    back of the envelope calculation for that attack, assuming 6 letter words, chosen randomly, 3 letters, chosen randomly, 5 guesses, attacker has full knowledge of those 3 letters => almost 70% chance of guessing.
    Much harder if the attacker knows the letters but not the exact locations.
    Also a lot harder if the bank is deliberate in its choosing of letters rather than completely random - many words have some combination of 3 letters that are a complete 100% giveaway and other combinations that are very much not.

    In conversation Friday, 09-Feb-2024 20:41:05 JST from infosec.exchange permalink
  19. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Sunday, 04-Feb-2024 21:23:06 JST Ben Aveling Ben Aveling
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc … but you only get a few wrong guesses before it locks.

    In conversation Sunday, 04-Feb-2024 21:23:06 JST from infosec.exchange permalink
  20. Embed this notice
    Ben Aveling (benaveling@infosec.exchange)'s status on Thursday, 01-Feb-2024 20:56:34 JST Ben Aveling Ben Aveling
    in reply to
    • Aris Adamantiadis :verified:💲Paid
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @aris @ryanc …implies that it must have happened repeatedly.

    In conversation Thursday, 01-Feb-2024 20:56:34 JST from infosec.exchange permalink

User actions

    Ben Aveling

    Ben Aveling

    The best time to improve your OpSec was a long time ago. The second best time is now.

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          100137
          Member since
          19 Feb 2023
          Notices
          20
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.