GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Lee Holmes :donor: (lee_holmes@infosec.exchange)

  1. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Friday, 30-May-2025 01:21:20 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj If you were to design a system to favor those who will generate profit, would you pick those metrics? I think I would add things like:

    - Average length of debt holding ("Our research shows that people who hold debt for a long time and pay it off slowly can be depended on to do so for new loans and are therefore less risky"). Note that this would have to be different than the current metric of "Length of Credit History", since the current metric includes non-debt accounts like utility bills.
    - Use of high-interest debt ("Consumers that demonstrate the skill to leverage high-interest debt when needed are more likely to be trustworthy with new debt")

    I know somebody that had perfect credit (850) where their only debt-based accounts were a mortgage and a credit card that they paid off monthly, so 🤔

    In conversation about 4 hours ago from infosec.exchange permalink
  2. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Thursday, 29-May-2025 10:38:55 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj Alternatively, having no debt could be a sign that you haven't proven you can manage a debt load and are therefore more risky.

    As far as I understand, you get dinged from not having enough and also dinged for having too much.

    Whether you believe what the lion says or not, this is what the lion says :) It does appear more biased toward risk than whether you carry balances: https://www.experian.com/blogs/ask-experian/credit-education/score-basics/what-affects-your-credit-scores/

    In conversation about 19 hours ago from infosec.exchange permalink

    Attachments


    1. Domain not in remote thumbnail source whitelist: www.experian.com
      What Affects Your Credit Scores?
      Credit scoring software combs and analyzes credit reports to evaluate how you manage credit, with particular focus on just a handful of factors.
  3. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Thursday, 29-May-2025 06:56:16 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj Credit scores don't account for income / assets though.

    In conversation about a day ago from infosec.exchange permalink
  4. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 10-May-2025 16:58:20 JST Lee Holmes :donor: Lee Holmes :donor:

    It makes me super uncomfortable that globbing in Bash can turn into code execution. The fact that the name of a file can change the behavior of ls is scary. This also works for other commands that you tend to glob with, such as rm.

    In conversation about 20 days ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/473/365/560/779/121/original/e99ebbf9bf333d0f.png
  5. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 10-May-2025 16:58:19 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to

    I'm sure there's something here, but I don't have the patience to find it :)

    In conversation about 20 days ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/473/501/074/152/027/original/68ca177c0aeea792.png
  6. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Friday, 02-May-2025 03:36:27 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj Congrats! Does Aurora also drive while under big doses of amphetamines to more closely mimic real-world drivers? How is its CB etiquette?

    In conversation about a month ago from infosec.exchange permalink
  7. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Wednesday, 30-Apr-2025 02:15:28 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj FTFY

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/422/286/213/820/289/original/0d54deb34dc89a29.png
  8. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Tuesday, 22-Apr-2025 07:07:47 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • CatSalad🐈🥗 (D.Burch) :blobcatrainbow:
    • Paul Cantrell

    @inthehands @catsalad I envy your confidence to 100% trust anything on a computer :)

    In conversation about a month ago from infosec.exchange permalink
  9. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Monday, 21-Apr-2025 11:00:37 JST Lee Holmes :donor: Lee Holmes :donor:

    Accidentally unzipped an archive via Gnome into a directory called "~" in my home directory. I did not trust myself to delete it without renaming it first 😂

    In conversation about a month ago from infosec.exchange permalink
  10. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Friday, 11-Apr-2025 10:18:02 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj Including the process leading up to that being an approved change.

    In conversation about 2 months ago from infosec.exchange permalink
  11. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 22-Mar-2025 03:34:40 JST Lee Holmes :donor: Lee Holmes :donor:

    Yay, Facebook stole so much of my stuff, The Atlantic needs a scroll bar to show it.

    Also, TIL the PowerShell Cookbook has been translated to Polish :)

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/201/801/127/552/835/original/ab2bc88af344edb6.png
  12. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Tuesday, 11-Mar-2025 21:07:42 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • Paul Asadoorian

    @paulasadoorian Looks like you've got the color wheel covered :) Glow in the dark filaments are fun. If you have a 3d printer that can swap colors, I'd also look into soluble support.

    In conversation about 3 months ago from infosec.exchange permalink
  13. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 08-Mar-2025 03:49:12 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • scriptjunkie

    @sj I wonder if instead the study had asked: "What is the positive predictive value of this test?" or even "How accurately does this test predict the existence of the thing being tested?" - would the results have been more accurate?

    In conversation about 3 months ago from infosec.exchange permalink
  14. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Friday, 07-Mar-2025 10:04:56 JST Lee Holmes :donor: Lee Holmes :donor:

    LOL, just when you thought you've seen "bad security" just saw this password being used:

    Summer2017

    In conversation about 3 months ago from infosec.exchange permalink
  15. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Wednesday, 26-Feb-2025 10:37:47 JST Lee Holmes :donor: Lee Holmes :donor:

    TIL how crazy the "BD+" BluRay copy protection mechanism is. BluRay discs ship actual executable programs written for a custom virtual machine that can execute arbitrary code??!!

    Also LOL:
    "The copy protection scheme was to take "10 years" to crack, according to Richard Doherty, an analyst with Envisioneering Group".

    Oct 2007: The first discs with BD+ encryption are released
    March 2008: AnyDVD HD released, allowing the full decryption of BD+, allowing not only the viewing of the film itself but also playing and copying disks with third-party software.

    https://en.wikipedia.org/wiki/BD%2B

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/067/560/467/190/833/original/01a36623c08d0a3e.png
  16. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Tuesday, 28-Jan-2025 12:02:21 JST Lee Holmes :donor: Lee Holmes :donor:

    Pebble Watches are coming back! https://ericmigi.com/blog/why-were-bringing-pebble-back

    In conversation about 4 months ago from infosec.exchange permalink

    Attachments


  17. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 25-Jan-2025 09:51:16 JST Lee Holmes :donor: Lee Holmes :donor:

    Had an interesting situation where AI coding helped make something _more_ secure.

    I was writing a tool to connect to Azure AI, which requires an auth key. Some example code had this coming from an environment variable, which is a super common practice. So I asked AI if there was a way to make this more secure.

    I was using Cursor, so it recommended (and implemented) a version where it securely prompted for the string at first launch and then stored the secret via keyring (Credential Manager on Windows).

    Storing in keyring is far more secure, but realistically most people wouldn't do it by hand because the environment variable approach is "good enough." But because AI made it so easy, it actually got done.

    In conversation about 4 months ago from infosec.exchange permalink
  18. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 11-Jan-2025 07:24:26 JST Lee Holmes :donor: Lee Holmes :donor:

    I know AI doomerism is fun and calling LLMs stupid autocomplete is fun. But damn, was this easier than typing it in all by hand.

    In conversation about 5 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/806/388/227/300/830/original/ba9a3ce4ad59bd76.png
  19. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Sunday, 01-Sep-2024 07:19:08 JST Lee Holmes :donor: Lee Holmes :donor:
    in reply to
    • Jake Hildreth (acorn) :blacker_heart_outline:

    @horse "I'm sorry, I'm not at my fax right now. Please try my secondary fax. Failing that, try one of those inter-office air delivery tubes."

    In conversation about 9 months ago from infosec.exchange permalink
  20. Embed this notice
    Lee Holmes :donor: (lee_holmes@infosec.exchange)'s status on Saturday, 31-Aug-2024 23:39:29 JST Lee Holmes :donor: Lee Holmes :donor:

    This address book column chooser is like a graveyard of old tech.

    In conversation about 9 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/052/830/584/409/651/original/1532914090753a56.png
  • Before

User actions

    Lee Holmes :donor:

    Lee Holmes :donor:

    Partner Security Architect, Azure Security. PowerShell developer, fanatical hobbyist, and author of the PowerShell Cookbook.

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          96673
          Member since
          9 Feb 2023
          Notices
          26
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.