Notices by ❄️☃️Merry Jerry🎄🌲 (jerry@infosec.exchange), page 2

@jernej__s right - you should get a notification each time someone quotes you, so it’s the same sound/experience as when someone mentions you

I've enabled post quoting on infosec.exchange, infosec.space, and convo.casa. On the web interface, the boost icon will now bring up a small menu that will let you either boost or quote. You can only quote posts that the author has granted permission to, and since this is a new feature, there probably won't be too many.

Reminder that most other fedi-software allows quote posting without the mastodon-style consent, as does most mastodon mobile apps, so be aware of that.

Dateline 2039: society has collapsed months after the Y2K38 bug rendered Linux systems inoperable globally. Meanwhile, over on LinkedIn, business continues unabated as all non-AI members of the site had left over 15 years earlier. A new sentient-ish AI CEO recently signed up and posted a job opening for a product manager at their new paperclip factory.

The moon and my first attempts at taking some milk way shots from the beach over the Gulf of Mexico

I rather like the pic I took of my grandkid Onix here.

4000 account passwords changed, 58000 to go 💩

FYI - because of what I saw happening over on mastodon. Social and a few other instances, I am resetting all the password of infosec.exchange users that haven't logged in during the previous 3 months. There's a lot of password stuffing and whatnot going on and I don't want to contribute to the problem of spam/phishing on the fediverse, and this was the best option I could come up with. Each of the accounts whose password is reset will get an email, so if you are here wondering "wtf, dude?", that's why.

@GossiTheDog @Xavier @martijn_grooten yeah, I will probably regret it, but I’d rather have people mad at me about this than others be mad at me for being a source of spam.

I dislike being the same age as the old people at the gym.

@mkj normally I would change to “Scary Jerry” by now but since my name comes up soon for tropical storm names, I feel like I have to honor that until it passes

"It rubs the AI on its skin or it gets the hose again"
CEOs everywhere

Monday is a holiday here in the US, meaning that today is one of the best days of the year to push your untested vibe code to production. Just remember, if the code would have worked when tested, it would work in production, so there's basically no risk.

Yes, there’s another phishing campaign contacting fediverse users to fill out a form to avoid being suspended or whatever. Stay calm and just report them and be sure to check the option to inform their home instance so the account gets suspended for everyone.

Also, please consider enabling moderated signups if you don’t already have them. I get it - signups dropped by >90% when I did it, but there’s very little capability for dealing with bad actors proactively once they have an account. I know it’s not a foolproof way to keep the scammers out, but it is an improvement.

Two days away from the start of a long weekend here in the US. Hopefully everyone is queuing up their untested code changes to go live on Friday. Bonus points if you store your secrets in code hosted on a public GitHub repo.

@kravitz @briankrebs @404mediaco the AI crawlers are making me thoroughly hate running stuff on the internet. My money is on this being crawlers for grok/xAI.

@feld that’s a great question. I’ll ask @Maliciousspawn (my oldest) who works at a baseball stadium and is probably the most knowledgeable person I know about baseball stadiums

@Viss good idea. I’ll see if she can do that or has someone that can help her

A photographer friend of mine had one of her sd memory cards die after a photo shoot. She’s tried Easeus and it can recover about 1300 of 1600 files, but she’s asking if there are other tools/tricks anyone knows from the forensics community that might be able to get the rest. I have a feeling there may just be some dead memory cells, but if there’s any chance to help, I’d like to. Thanks.

@badnetmask @ryne would you believe the shutter speed on that image was 1/200 second? I took that with a 1200J strobe pointed at the droplet landing site with the aperture stopped down to f/40, meaning the image is completely black without the strobe at 1/200. The light from the strobe is exceptionally bright (it noticably warms my skin when it flashes, even though I'm standing off to the side), but it only lasts for about 1/10000th of a second (for the strobe I'm using), so the sensor is basically getting a 1/10000th second view of the image, even though the sensor was active for 1/200th of a second.

I bought a little device from a company called MIOPS that has a resevoir, a valve, and a trigger for my camera. So I trigger the droplet through an app on my phone and the device sends a signal to the camera to take a picture. The camera tells the flash when to fire. It turns out that the connection between the camera and the flash has a bit of slop in it (+/- about 5ms) - and I likely need to find a way to hard wire it to make it more reliable.

This water droplet camera trigger setup is pretty cool. I have something new to subject everyone to...