Notices by da_667 (da_667@infosec.exchange), page 2
-
da_667 (da_667@infosec.exchange)'s status on Friday, 24-Oct-2025 13:21:21 JST
da_667
-
da_667 (da_667@infosec.exchange)'s status on Friday, 24-Oct-2025 06:12:41 JST
da_667
the 667 part of my handle is about as "weeb shit" as you can get.
The original end of evangelion had a commentary track. There was a part of the movie where characters were in a parking lot... in spot 667. One of the voiceover people just exclaimed 667! Neighbor of the beast!
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 21-Oct-2025 05:34:12 JST
da_667
When AWS-USeast-1 is down
-
da_667 (da_667@infosec.exchange)'s status on Sunday, 19-Oct-2025 10:59:49 JST
da_667
Time for me to reiterate why I think DOH is fucking garbage. This is the cliffnotes version:
- If you read the RFC, never once is privacy listed as a goal for the protocol
- Ostensibly, you get some privacy on the first hop, but from there, you have zero guarantees on literally anything. You have promises from various companies, but that doesn't mean jack shit.
- I'd like you to consider that cloudflare doesn't have a good track record of policing abuse of their platforms, they tacitly support white supremacists and terrorists, they've been known to forward abuse requests containing personal information of those who have submitted them to their abusers, and they have zero financial incentive to stop the flow of traffic. THIS INCLUDES MALWARE, THERE IS SO MUCH FUCKING MALWARE USING CLOUDFLARE. They are a default DoH provider choice in the major browsers that support it.
- Transaction ID is always set to zero for DoH requests to improve caching. This is actually written into the protocol. Y'all know why the transaction ID/DNS ID exists, right? This opens up attack paths for man in the middle attacks. Think QUANTUM and PRISM-type bullshit, where the answer to your DNS query is changed but you'll never know.
- The only goal of the protocol was to move DNS resolution to the browser, so that the browser is cognizant of how domains are being resolved. It's anti-adblocking tech.
- Think about who the major players are behind DoH - It was driven by Cloudflare, Mozilla, and Google. And while I like Firefox, they all have financial incentive to see how domain resolution is occurring and ensure ads are delivered to clients. Y'all are aware of google's Web Integrity web DRM shit, right? How much you wanna bet that if it becomes a standard, there will be websites popping up whereby resolution via DoH is required for viewing the content? I wonder why that would be?
- Flow analysis easily reveals which HTTPS traffic is likely to be DoH traffic. You can't hide connection metadata.
- Several tools have been developed to use DoH as C2, and even file storage, if you're brave enough.
-
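Added example, not part of the original post: RFC 8484 says DoH clients SHOULD send a DNS ID of 0 for HTTP cache friendliness, so a GET request for a given name carries the same `dns=` value every time, and that value can be decoded wherever the request line is visible. The sketch below builds such a query and recovers queried names from request lines; the log lines and the assumption of a TLS-inspecting proxy are constructed for illustration.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs

def build_doh_query(name, qtype=1):
    """DNS query in wire format with the ID fixed at 0 (RFC 8484 section 4.1)."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)  # ID=0, RD set, QDCOUNT=1
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii")
                     for lab in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)  # QTYPE, QCLASS=IN

def to_dns_param(wire):
    """base64url without padding, as carried in the GET ?dns= parameter."""
    return base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")

def decode_dns_param(param):
    """Recover id, qname and qtype from a logged ?dns= value."""
    wire = base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))
    if len(wire) < 12:
        raise ValueError("shorter than a DNS header")
    txid = struct.unpack("!H", wire[:2])[0]
    labels, pos = [], 12
    while pos < len(wire) and wire[pos] != 0:
        n = wire[pos]
        if n & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        labels.append(wire[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    if len(wire) < pos + 5:
        raise ValueError("truncated question section")
    qtype = struct.unpack("!H", wire[pos + 1:pos + 3])[0]
    return {"id": txid, "qname": ".".join(labels), "qtype": qtype}

def qnames_from_log(lines):
    """Pull queried names out of request lines seen by a TLS-inspecting proxy."""
    out = []
    for line in lines:
        query = parse_qs(urlsplit(line.split()[1]).query)
        if "dns" in query:
            out.append(decode_dns_param(query["dns"][0])["qname"])
    return out

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "GET /dns-query?dns=%s HTTP/2" % to_dns_param(build_doh_query("www.example.com")),
    "GET /index.html HTTP/2",
    "GET /dns-query?dns=%s HTTP/2" % to_dns_param(build_doh_query("mail.example.net", 28)),
]

if __name__ == "__main__":
    print(qnames_from_log(SAMPLE_LOG))
```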
da_667 (da_667@infosec.exchange)'s status on Sunday, 19-Oct-2025 10:40:10 JST
da_667
-
da_667 (da_667@infosec.exchange)'s status on Saturday, 18-Oct-2025 08:45:54 JST
da_667
witness a miracle tonight. I ordered broasted chicken for dinner tonight. It's one of Henry's favorite meals, because I share with the dogs.
I don't know what he was thinking, but he got out of his dog bed, and walked out into the hallway to get his share of the chicken when I wasn't looking.
Y'all, it's only been four days since surgery. Obviously, we don't want him doing this unattended, but that he did it anyway was nothing short of amazing.
-
da_667 (da_667@infosec.exchange)'s status on Saturday, 18-Oct-2025 08:45:53 JST
da_667
what's broasted chicken?
I'm not sure if it exists outside of Michigan, but broasters are essentially pressure cookers for chicken. Imagine the crispiest and juiciest fried chicken you've ever had and that's basically broasted chicken every time you order it.
-
da_667 (da_667@infosec.exchange)'s status on Friday, 17-Oct-2025 20:39:30 JST
da_667
dawn of a new day, bright and full of possibility
slams the shades shut
-
da_667 (da_667@infosec.exchange)'s status on Friday, 17-Oct-2025 17:37:33 JST
da_667
:eyes_squint:
-
da_667 (da_667@infosec.exchange)'s status on Sunday, 12-Oct-2025 12:51:51 JST
da_667
@FritzAdalis @tinker @LPerry2 @bsidesnova I can confirm 11 IoT edition removes most of the odious shit you have to deal with on a W11 install
- no bing search on the start menu
- notifications are muted
- from my experience, local accounts are still allowed
- No windows store
- No windows store apps
- No stupid ass app recommendations
- One drive nag on the taskbar is gone
- Onenote spam is gone
-
da_667 (da_667@infosec.exchange)'s status on Saturday, 11-Oct-2025 04:46:20 JST
da_667
This is the third time I've gotten a phishing exercise e-mail, in which this has happened, and it's hilarious every single time because I get to map your company's entire list of phishing domains.
-
da_667 (da_667@infosec.exchange)'s status on Saturday, 11-Oct-2025 04:46:19 JST
da_667
DA, you loveable scamp, how is this done?
grab the e-mail address/domain from the suspected phishing e-mail, input it into virustotal. Click on details for the domain, and pay attention to the "Last HTTPS Certificate" section. See if the Subject Alternate Name section looks like war and peace.
Done deal.
Phishing exercise orgs are the only ones who do this, because bad guys just use Let's Encrypt.
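Added example, not part of the original post: the same check done in code on a certificate you already have, counting how many unrelated base domains share one Subject Alternative Name list. The input is a dict in the shape `ssl.SSLSocket.getpeercert()` returns; the two-label base-domain guess, the threshold, the function names and both sample certificates are assumptions constructed for illustration.

```python
from collections import Counter

def base_domain(name):
    """Rough registrable-domain guess: the last two labels.
    Assumption: no public-suffix list, so names under e.g. co.uk group too coarsely."""
    labels = name.lower().rstrip(".").removeprefix("*.").split(".")
    return ".".join(labels[-2:])

def san_profile(cert):
    """cert: dict shaped like the return value of ssl.SSLSocket.getpeercert()."""
    names = {v.lower() for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"}
    groups = Counter(base_domain(n) for n in names)
    return {"dns_names": len(names), "base_domains": len(groups), "groups": groups}

def san_list_is_a_novel(cert, min_base_domains=10):
    """Hypothetical heuristic: many unrelated base domains on one certificate.
    The threshold of 10 is a constructed value, not from the post."""
    return san_profile(cert)["base_domains"] >= min_base_domains

# Constructed certificates using reserved .example names (not real domains).
SHARED_CERT = {"subjectAltName": tuple(
    ("DNS", f"{w}.example") for w in (
        "account-verify", "benefits-portal", "doc-share", "hr-update",
        "it-helpdesk", "mail-quota", "parcel-track", "payroll-notice",
        "secure-login", "sso-reset", "vpn-access", "webmail-alert"))}
SINGLE_SITE_CERT = {"subjectAltName": (
    ("DNS", "shop.example"), ("DNS", "www.shop.example"), ("DNS", "*.shop.example"))}

if __name__ == "__main__":
    for label, cert in (("shared", SHARED_CERT), ("single", SINGLE_SITE_CERT)):
        p = san_profile(cert)
        print(label, p["dns_names"], p["base_domains"], san_list_is_a_novel(cert))
```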
-
da_667 (da_667@infosec.exchange)'s status on Saturday, 11-Oct-2025 04:45:19 JST
da_667
How to tell a phishing exercise domain is a phishing exercise domain: The SSL certificate specifies a Subject Alternative Names list that is a fucking novel.
-
da_667 (da_667@infosec.exchange)'s status on Friday, 10-Oct-2025 16:11:28 JST
da_667
Remember certification camps?
It's that, except it's 2025, and you're trying to get in on the bubble before it bursts, but you're threading the needle, because you're an inflation fetishist.
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:28 JST
da_667
doing a windows 11 IoT Edition install. It's hilarious how much better this experience is over the standard Enterprise edition, and I've barely done anything on it so far.
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:27 JST
da_667
Installed 24H2
- The start menu isn't trying to call out to bing when I search for shit on the desktop. That's right! THERE IS NO DEFAULT SEARCHING FOR SHIT ON THE INTERNET IN THE START MENU
- There is no embedded weatherbar/weather app in the taskbar
- Pictured is the complete list of installed apps currently:
Holy shit this really is a de-shittified W11 install.
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:27 JST
da_667
I don't have either enabled for the proxmox VM I've set up. The only hard requirement I've seen so far is that your box has to have at least two cores.
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:27 JST
da_667
oh yeah, forgot to mention that IoT Edition doesn't require TPM2.0 or EFI for that matter. Hilarious
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:27 JST
da_667
- I was able to configure a local user when the network drivers (virtio) weren't found
- No nagware tray icon for OneDrive
- Notifications are muted by default
- No microsoft store
Gonna apply 24h2, and see what that does.
-
da_667 (da_667@infosec.exchange)'s status on Tuesday, 07-Oct-2025 08:49:26 JST
da_667
search and connected experiences still needs to be thoroughly disabled
search suggestions needs disabling.
appearance > co-pilot and sidebar needs to be disabled.
privacy search and security > use secure DNS (DoH) still needs to be disabled.