Notices by Adrian Sanabria (sawaba@infosec.exchange)

@GossiTheDog to be fair, IIRC, Coop Sweden went down because their payment provider used Kaseya.

So, it was ransomware on a fourth party, nothing Coop Sweden had any direct control over

@GossiTheDog if you’re on a box, can’t you just do the equivalent of Recall with malware? It definitely makes the job of an attacker easier and more streamlined, but not sure it adds up to a massive increase in risk.

Also, anyone that figures out how to eliminate that one hour every day the planet spends trying to find stuff on their computer could maybe add 10% to global GDP. How much risk is that worth?

(not that Recall is that solution, but it could be, right?)

@GossiTheDog people already screenshot stuff constantly, Recall is just drawing extra attention to an existing issue

@GossiTheDog please don’t tell me they were converting cash into crypto to pay a ransom

That’s like, incident turducken

@GossiTheDog tl;dr - not a threat, you’ll update it anyway, probably don’t need special tools since we’ve been updating crypto forever

@GossiTheDog doing a webinar in a few weeks, working on the slides

@patrickcmiller infiltrated?

@dalias @hal_pomeranz came here to say this. I remember coming in to work one day at a large payment processor (where I got my start in cybersecurity), and suddenly realizing that most of the people that worked there could just stop coming to the office and there would be zero impact.

Every department had one or two highly competent people that ended up doing 80-100% of the work that had value. It was literally a mirror of doing group projects in HS/Uni

@GossiTheDog LOL, I just downloaded that. Haven't dug in yet though, because deliverables

@patrickcmiller This is fine.

@patrickcmiller a very different kind of breach

@horse oh, no that's perfect! That's exactly what I needed! ?

TYTYTYTYTYTY

@horse I should add I'm using an external mechanical keyboard with the Mac docked - my FN doesn't work the same as the built-in Apple FN, it seems

Is there an easy way to type emoji on a Mac like you can on Windows with WIN+. ?

I'm considering starting a livestream/podcast

will just be me, trying to get random FOSS software working, failing, and losing my shit.

In other, completely unrelated news, I finally have proper window snapping in Fedora 37

Love that Basecamp/37Signals is following up on their October announcement, that they're leaving the cloud, with some actual numbers. It's nicely broken down by AWS billing categories.

Will be interested to see them update these costs again in a year, as they'll have presumably moved out of the cloud by then.

https://dev.37signals.com/our-cloud-spend-in-2022/

@horse I watched F1 Quali today, so I did get my helping of sports in ;)

Seeing if I can score a copy of my ex-Mother-in-Law's recipe, but I know most of it from memory and will make it my own if need be.

I'm jumping around between cooking, cleaning, reading books, and writing a book review today.

I need to get in a grocery trip today or tomorrow, to get stuff I've promised to bring for Thanksgiving/Friendsgiving get-togethers.

Looks like I'll be making Kentucky Bourbon sweet potato casserole, cranberry sauce (from actual cranberries), and popovers.

What are y'all up to today?