Notices by Tropical Storm Jerry🌀 (jerry@infosec.exchange)

Looks like Tropical Storm Jerry is brewing off the coast of Africa 🎉🌀🎉

I just got an alert that Nvidia’s market cap crossed $4.5T. I know I am mixing elephants and telephone poles here, but it seems weird that the manufacturer of IT components has a market cap that is almost 15% of the GDP of the US for 2025 🤔

The reason for wanting to join infosec.exchange in a recent signup. Yes, it includes the placeholder for the person’s name, which I assume came from ChatGPT or one of the other amazing LLMs. 🚮

Hi, I’m [Your Name]. I have a strong interest in information security, privacy, and technology. I’d like to join infosec.exchange to stay updated, share knowledge to connect with the community

Why, oh why does SNMP need to be exposed to the Internet for everyone to hack?

Y’all - I just heard there’s going to be raptors tomorrow! 🦅 so excited!

@jernej__s @tchambers you can turn the beeps off in the settings at the top of the notifications timeline.

@jernej__s right - you should get a notification each time someone quotes you, so it’s the same sound/experience as when someone mentions you

I've enabled post quoting on infosec.exchange, infosec.space, and convo.casa. On the web interface, the boost icon will now bring up a small menu that will let you either boost or quote. You can only quote posts that the author has granted permission to, and since this is a new feature, there probably won't be too many.

Reminder that most other fedi-software allows quote posting without the mastodon-style consent, as does most mastodon mobile apps, so be aware of that.

Dateline 2039: society has collapsed months after the Y2K38 bug rendered Linux systems inoperable globally. Meanwhile, over on LinkedIn, business continues unabated as all non-AI members of the site had left over 15 years earlier. A new sentient-ish AI CEO recently signed up and posted a job opening for a product manager at their new paperclip factory.

The moon and my first attempts at taking some milk way shots from the beach over the Gulf of Mexico

I rather like the pic I took of my grandkid Onix here.

4000 account passwords changed, 58000 to go 💩

FYI - because of what I saw happening over on mastodon. Social and a few other instances, I am resetting all the password of infosec.exchange users that haven't logged in during the previous 3 months. There's a lot of password stuffing and whatnot going on and I don't want to contribute to the problem of spam/phishing on the fediverse, and this was the best option I could come up with. Each of the accounts whose password is reset will get an email, so if you are here wondering "wtf, dude?", that's why.

@GossiTheDog @Xavier @martijn_grooten yeah, I will probably regret it, but I’d rather have people mad at me about this than others be mad at me for being a source of spam.

I dislike being the same age as the old people at the gym.

@mkj normally I would change to “Scary Jerry” by now but since my name comes up soon for tropical storm names, I feel like I have to honor that until it passes

"It rubs the AI on its skin or it gets the hose again"
CEOs everywhere

Monday is a holiday here in the US, meaning that today is one of the best days of the year to push your untested vibe code to production. Just remember, if the code would have worked when tested, it would work in production, so there's basically no risk.

Yes, there’s another phishing campaign contacting fediverse users to fill out a form to avoid being suspended or whatever. Stay calm and just report them and be sure to check the option to inform their home instance so the account gets suspended for everyone.

Also, please consider enabling moderated signups if you don’t already have them. I get it - signups dropped by >90% when I did it, but there’s very little capability for dealing with bad actors proactively once they have an account. I know it’s not a foolproof way to keep the scammers out, but it is an improvement.

Two days away from the start of a long weekend here in the US. Hopefully everyone is queuing up their untested code changes to go live on Friday. Bonus points if you store your secrets in code hosted on a public GitHub repo.