Notices by Lee Holmes :donor: (lee_holmes@infosec.exchange)

@paulasadoorian Looks like you've got the color wheel covered :) Glow in the dark filaments are fun. If you have a 3d printer that can swap colors, I'd also look into soluble support.

@sj I wonder if instead the study had asked: "What is the positive predictive value of this test?" or even "How accurately does this test predict the existence of the thing being tested?" - would the results have been more accurate?

LOL, just when you thought you've seen "bad security" just saw this password being used:

Summer2017

TIL how crazy the "BD+" BluRay copy protection mechanism is. BluRay discs ship actual executable programs written for a custom virtual machine that can execute arbitrary code??!!

Also LOL:
"The copy protection scheme was to take "10 years" to crack, according to Richard Doherty, an analyst with Envisioneering Group".

Oct 2007: The first discs with BD+ encryption are released
March 2008: AnyDVD HD released, allowing the full decryption of BD+, allowing not only the viewing of the film itself but also playing and copying disks with third-party software.

https://en.wikipedia.org/wiki/BD%2B

Pebble Watches are coming back! https://ericmigi.com/blog/why-were-bringing-pebble-back

Had an interesting situation where AI coding helped make something _more_ secure.

I was writing a tool to connect to Azure AI, which requires an auth key. Some example code had this coming from an environment variable, which is a super common practice. So I asked AI if there was a way to make this more secure.

I was using Cursor, so it recommended (and implemented) a version where it securely prompted for the string at first launch and then stored the secret via keyring (Credential Manager on Windows).

Storing in keyring is far more secure, but realistically most people wouldn't do it by hand because the environment variable approach is "good enough." But because AI made it so easy, it actually got done.

I know AI doomerism is fun and calling LLMs stupid autocomplete is fun. But damn, was this easier than typing it in all by hand.

@horse "I'm sorry, I'm not at my fax right now. Please try my secondary fax. Failing that, try one of those inter-office air delivery tubes."

This address book column chooser is like a graveyard of old tech.

@SwiftOnSecurity @SwiftOnSecurity Watching that is definitely on my to do list. Did you see his one about the SAT? https://infosec.exchange/@Lee_Holmes/111506430074413132

@horse Get-Verb :)

@horse @Viss Yup, and 'echo' in PowerShell also does the right thing :)

¯\_(ツ)_/¯

Make Mastodon the social network you pay for because it's something you believe in: https://liberapay.com/Infosec.exchange/

Humans during a time change: "UGH, I lost an hour of sleep last night!"
Animals during a time change: "F* YES! We get fed an hour earlier now!"

Having one of my open source pet projects get engagement from other devs for the first time has been an interesting experience. Good to see the project help others out - and especially when it engages them enough to submit a meaty PR!