@GossiTheDog You "scanned the internet". Lucky you. I couldn't get permission to scan even my own organization. 😢
Notices by VessOnSecurity (bontchev@infosec.exchange)
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Thursday, 06-Nov-2025 20:41:38 JST
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Sunday, 02-Nov-2025 18:51:29 JST
The cybersecurity awareness month is over. You may resume using your dog's name as your password. Just make sure to use a different dog for each account and also use a dog manager.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Saturday, 25-Oct-2025 14:07:23 JST
How do I enter the BIOS setup??
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Thursday, 23-Oct-2025 15:58:59 JST
@patrickcmiller Why exactly does a nuclear weapons plant need SharePoint?!
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Tuesday, 16-Sep-2025 04:23:23 JST
@lorenzofb There is a HUGE difference between the two.
One is "The Swiss courts, under whose jurisdiction we are, received a request from a Spanish court and ordered us to do this", the other is "Some shmucks from the Korean CERT who had no clue what they were doing complained to us that they didn't like somebody, so we suspended his account". The first was proper and unavoidable, the second was Proton being idiots.
Also, note that in no case were the contents of the encrypted e-mail compromised - only the sender was identified in one case and his account suspended in the other.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Saturday, 13-Sep-2025 20:03:10 JST
"Undocumented Radios Found in Solar-Powered Devices":
https://www.darkreading.com/ics-ot-security/undocumented-radios-found-solar-powered-devices
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Saturday, 13-Sep-2025 15:32:44 JST
@GossiTheDog I wonder how big the ransom was...
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Tuesday, 09-Sep-2025 09:29:12 JST
"New Banksy mural appears at Royal Courts of Justice":
https://www.bbc.com/news/articles/cgrq0r0y878o
"The artwork was quickly covered up by large sheets of plastic and metal barriers. Court officials told the BBC the work would be removed."
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Saturday, 23-Aug-2025 15:56:15 JST
"From drones to nukes: North Korea pushes AI military modernization plan":
James Cameron: Don't give an AI control of the nukes.
North Korea: Let's give control of the nukes to an AI. What could possibly go wrong?
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Thursday, 14-Aug-2025 03:04:38 JST
@GossiTheDog Man, 20C is fucking COLD! My ideal room temperature is 24C, although anything in the range 22-28C is fine.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Monday, 21-Jul-2025 18:30:32 JST
"Four-year-old girl dies of hunger in Gaza as Israel throttles food supply":
https://edition.cnn.com/2025/07/20/middleeast/gaza-girl-food-crisis-intl
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Sunday, 20-Jul-2025 23:05:23 JST
@ryanc Wait until you need to convert pounds per square inch into newtons per square meter...
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Sunday, 13-Jul-2025 04:52:33 JST
@GossiTheDog Yeah, how very inconsiderate... Truth-seeking, jokes-making, telling stuff like it is, and being skeptical and neutral - that's literally Hitler.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Monday, 30-Jun-2025 06:11:52 JST
@GossiTheDog Ahh, I finally succeeded!
You wouldn't believe what the trick was... I manually reduced the default GoFundMe "tip" from 14.5% to zero. 🤣
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Tuesday, 24-Jun-2025 20:39:52 JST
Bomb science 101:
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Friday, 06-Jun-2025 05:32:49 JST
So, when are people going to start praising Musk for opposing Trump's Big Ugly Bill and Trump taking revenge on him?
https://www.nbcnews.com/business/business-news/trump-musk-contracts-subsidies-budget-cuts-rcna211288
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Wednesday, 04-Jun-2025 23:50:07 JST
@FediThing @lauren @baldur These wrong answers lead me to the right answer faster than a google search, for instance, so yes, it's beneficial since it saves me time. As long as you've learned not to trust it blindly - which is why I said that we should teach how to use it properly.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Wednesday, 04-Jun-2025 23:50:04 JST
@lauren @FediThing @baldur I am not talking about teaching them how AI tech works. We don't teach everybody how the internals of the computer work. I am talking about teaching them how to *use* AI properly - just like we teach kids how to use computers.
What is the alternative? Not teach them how to use AI properly and let them try to figure it out themselves and fall for hallucinations and other bullshit?
Oh, and you just blamed the users, BTW, by saying that they can't use security properly. Which they indeed can't - but it's our fault, not theirs, because so far we have failed to figure out how to make computer use for sensitive stuff both secure and intuitive.
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Monday, 19-May-2025 17:46:30 JST
@GossiTheDog At least they have the option to pay. Can you imagine if paying the ransom had been made illegal?
-
VessOnSecurity (bontchev@infosec.exchange)'s status on Monday, 05-May-2025 22:20:44 JST
@GossiTheDog
In case you missed it in the actual article: "The hacker was able to access data that the app captured intermittently for debugging purposes, and would not have been able to capture every single message or piece of data that passes through TeleMessage’s service."
That is, this was only debug data, not actual logged messages. As far as I understand, the actual logs are encrypted with a password - although that probably doesn't amount to much, since the password seems to be hard-coded in the app.
Also, you have to pick one:
- Trump's government is bad because they use Signal's disappearing messages to avoid scrutiny
or
- Trump's government is bad because they complied with a judge's order to log Signal messages.
You can't criticize them for both simultaneously and still have any credibility that your reasoning isn't obscured by your politics.
Oh, and Telemessage was procured by the Biden administration - it is not a Trump thing. They just used it to comply with the judge's order.