GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Security Writer (securitywriter@infosec.exchange)

  1. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Tuesday, 27-May-2025 17:05:07 JST Security Writer Security Writer
    in reply to
    • Krista, Darth Moose Shark

    @grrrr_shark this?

    In conversation about 7 days ago from gnusocial.jp permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/578/752/014/441/206/original/05641c2d3673dba7.png
  2. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Friday, 16-May-2025 07:58:59 JST Security Writer Security Writer
    • Evan Prodromou

    @evan 10-15 years ago I might have said 1m, but today <1s is perfectly achievable, and expected in most cases.

    In conversation about 18 days ago from infosec.exchange permalink
  3. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Tuesday, 13-May-2025 02:58:59 JST Security Writer Security Writer

    It might seem trivial in the grand scheme of things, but this is a beautiful act of malicious compliance and defiance, simultaneously.

    https://apnews.com/article/boise-salt-lake-city-pride-flags-law-13c8f9f7269d1b33daaa7ef041c6c497

    In conversation about 21 days ago from infosec.exchange permalink
  4. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Wednesday, 07-May-2025 01:51:22 JST Security Writer Security Writer
    in reply to
    • Alfred M. Szmidt

    @amszmidt This isn’t something you can explain to me. I literally wrote the book on it.

    In conversation about a month ago from infosec.exchange permalink
  5. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Wednesday, 07-May-2025 01:42:54 JST Security Writer Security Writer
    in reply to
    • Alfred M. Szmidt

    @amszmidt Anybody serious about security cares, and they do this every day, and have done for over a decade. Any discrepancy matters.

    Otherwise how would you monitor changes to systems?

    Every file on every OS is checked against origin, then re-hashed and catalogued, and given a list of interactions it can have with the network, the OS, and other applications at the very least.

    Security is hard, but it isn’t that hard.

    In conversation about a month ago from infosec.exchange permalink
  6. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Wednesday, 07-May-2025 00:24:16 JST Security Writer Security Writer

    I am once again telling vendors, if your software is unsigned, not checksummed, doesn’t have an SBoM or manifest, or that SBoM doesn’t include network destinations and application interactions…

    It’s not running in any environment I look after.

    You made it. You should know how it works. That is nobody’s job but yours. I’ll validate it later.

    In conversation about a month ago from infosec.exchange permalink
  7. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Saturday, 03-May-2025 19:02:08 JST Security Writer Security Writer
    in reply to

    In before “yOu NeEd To ReAd A hIsToRY bOoK”

    I’m a Security Advisor specialising in national security in Europe.

    We read stuff. It’s what we do. Whodathunkit?

    In conversation about a month ago from infosec.exchange permalink
  8. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Saturday, 03-May-2025 19:01:09 JST Security Writer Security Writer
    in reply to

    Lend lease was hugely important to the speed of victory. Not to the victory itself.

    Russia especially would have lost many, many times more people than they did in the twilight years of the war, but they would have still pushed Germany back regardless. You need to remember, Germany, for what it’s worth, was landlocked.

    Now I’ve been using ‘Russia’ as the point of reference, when I should have been saying ‘Soviet Union’. This was intentional. The German push to acquire the ‘Sudetenland’ mean a lot of the Soviet Union was destabilised. But the Soviet Union was MASSIVE. Stretching from the Atlantic to the Pacific, and touching many countries along the way, most of which did more than a little trade with neighbours.

    A war of attrition was not going to be won by Germany. It’s just counting.

    In fact, without lend lease, you could argue that Germany’s defeat would have been even more crushing as other allied forces likely wouldn’t have been able to push that quickly into Germany without lend lease.

    Making the Soviet Union ever larger, and Germany smaller. It is said that due to Germany’s betrayal of the Molotov-Ribbentrop Pact, that Stalin actually wanted all of Germany in retaliation.

    Lend lease probably saved tens of millions of lives. But it didn’t decide the outcome.

    In conversation about a month ago from infosec.exchange permalink

    Attachments


  9. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Saturday, 03-May-2025 19:00:34 JST Security Writer Security Writer

    For Americans needing a history lesson in light of the Orange one’s comments on world wars, specifically the second (important to note, this is not to minimise the US’s contribution and loss, just to ground it in reality)

    The allies would have won the Second World War without US participation. It would have been bloodier, and longer, but won nonetheless. This isn’t really up for debate, and has been explored extensively in academia.

    See, by the time the US had entered the war, Germany was already on the back foot in the east, forced on a rearguard out of its newly claimed territories by Russia which lasted for nearly two years. Germany was running out of resources fast, and people were beginning to starve at home.

    The British had all but defeated Italy, and a strong resistance movement sealed the deal. They’d successfully regained (as if they really lost it) naval supremacy, even with the u-boat threat, essentially blockading Germany from the Atlantic and sinking u-boats at an alarming rate by 1943.

    This would have likely meant the land invasion of Europe would have been through Italy, which initially was the plan. It would have been bloodier, as Hitler was expecting this, but arguably shorter as it stretched Germany’s resources thinner still, all to the periphery of controlled territory, making supply line attacks even more devastating.

    The US would likely have still been at war with Japan (but even this is in doubt due to resources, and if US involvement didn’t feel inevitable at the time) but Japan was already being pushed back by Chinese, British, Dutch, and by Indian forces, who all supported China’s pushback.

    BUT, but, but, lend-lease I hear you ask…

    1/2

    In conversation about a month ago from infosec.exchange permalink
  10. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Thursday, 01-May-2025 18:26:33 JST Security Writer Security Writer

    Just thinking back to how we really did use ‘master’ and ‘slave’ when describing computer components, and people thought this was totally fine. 🙄

    In conversation about a month ago from infosec.exchange permalink
  11. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Thursday, 01-May-2025 08:07:04 JST Security Writer Security Writer

    The thing about using AI to replace jobs, is that you’re starting from a position where management has failed to hire appropriately.

    Because if you’re using AI today to replace people, they have to be terrible at their jobs because AI is objectively bad at *gestures at everything* in a workplace.

    What you’re saying is either your managers hired incompetent people, meaning they’re also incompetent, and their managers are equally incompetent.

    OR AI is shit and you’re trying to save a buck, and this will all fall on your heads.

    In conversation about a month ago from infosec.exchange permalink
  12. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Saturday, 26-Apr-2025 01:09:35 JST Security Writer Security Writer

    Sooo say you’d found a vulnerability with a protocol used by the majority of OT devices of a particular kind…

    How might you disclose that given there’s potentially billions of devices currently use it across thousands of vendors?

    In conversation about a month ago from infosec.exchange permalink
  13. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Friday, 25-Apr-2025 07:06:25 JST Security Writer Security Writer
    in reply to
    • Viss

    @Viss what’s the gl.inet stuff like? Not a brand I’m familiar with, but I’m looking for a new secondary WAN given today’s bullshit

    In conversation about a month ago from infosec.exchange permalink
  14. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Friday, 25-Apr-2025 07:06:23 JST Security Writer Security Writer
    in reply to
    • Viss

    @Viss I’m just looking for a 4/5g connection to the WAN port on my main router. Don’t care if it’s double NAT as I tend to run double NAT with my DMZ anyway.

    In conversation about a month ago from infosec.exchange permalink
  15. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Wednesday, 23-Apr-2025 01:25:10 JST Security Writer Security Writer

    Work begins on my first novel this week.

    It’s probably going to take a very long time, but it’s something I’ve been working on in my head for years.

    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.week.it
      Organizza il tuo Week End con Week.it
      Il portale dei viaggi e del week-end...tante idee per soggiorni in centri benessere, nelle città d'arte, tour enogastronomici, mini crociere e offerte dell'ultimo minuto.
  16. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Tuesday, 22-Apr-2025 02:04:39 JST Security Writer Security Writer

    Just a reminder to do some self care.

    You’re all doing amazing things, but you gotta look after number one or the amazing things stop happening.

    Hydrate, meditate, eat, exercise, have a personal day, whatever it is you need. Make sure you do it.

    I PROMISE you the world won’t stop turning.

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/375/919/705/454/315/original/4bc3e78a7bd6d086.png
  17. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Sunday, 20-Apr-2025 03:18:22 JST Security Writer Security Writer

    Ok. I’m installing Ubuntu on my gaming laptop. This device won’t be a Windows machine ever again.

    If this goes steady for a couple of months, my main gaming rig is making the switch.

    In conversation about a month ago from infosec.exchange permalink
  18. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Sunday, 13-Apr-2025 21:26:06 JST Security Writer Security Writer

    Given the conversations around capital punishment at the moment, it’s worth knowing for any advocates of it:

    1) If guilty people still end up on death row, it’s not a deterrent.

    2) If innocent people still end up on death row, it’s not a deterrent.

    3) If it’s not a deterrent, it’s vengeance.

    4) If your desire for vengeance is so great that you’re willing to kill innocent people for it, it’s time for some serious introspection.

    There is no counter to this, by the way.

    4) If you try argue that *you’re* not seeking vengeance, then it’s the state that’s seeking vengeance.

    5) If you vote for the state to be able to seek arbitrary vengeance against private citizens, it’s time for some serious introspection.

    In conversation about 2 months ago from infosec.exchange permalink
  19. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Friday, 11-Apr-2025 08:17:47 JST Security Writer Security Writer

    All of our US travel has been cancelled for the indefinitely as we’d all probably be detained or shipped who the fuck knows where due to our work and public status.

    Really sucks as I don’t get to meet up with my wonderful friends and colleagues, but beats the alternative.

    In conversation about 2 months ago from infosec.exchange permalink
  20. Embed this notice
    Security Writer (securitywriter@infosec.exchange)'s status on Friday, 11-Apr-2025 07:05:19 JST Security Writer Security Writer

    On the plus side, 125% tariffs on China means a lot fewer Temu IoT devices on domestic networks 🤷

    Ever the optimist.

    In conversation about 2 months ago from infosec.exchange permalink
  • Before

User actions

    Security Writer

    Security Writer

    Multi award-winning Security Advisor. Technical Auditor. Speaker. Author.

I specialise in organisational and operational security. I help people do better. 
Currently clean on OpSec.

Donor: Infosec.exchange :donor:

#Infosec #Philosophy #ADHD #Privacy #MediaPreservation

GNU Terry Pratchett

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          88542
          Member since
          15 Jan 2023
          Notices
          238
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.