Show newer

Oh, this now has an CVE: msrc.microsoft.com/update-guid

"An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges"

Show thread

The big problem with augmenting my intelligence is that it's hard, and I don't wanna.

A read-only CryptPad spreadsheet with a list of known apps being used by #Pegasus as infection vectors, along with sources:
cryptpad.fr/sheet/#/2/sheet/vi

DM me if you'd like write access to add things.

#InfoSec

Excellent. Ever since I have the RPi400 runnning on my desk, people are complaining about audio distortions in meetings when the (analog) mic cable runs next to it.

„Notfallwarnung im Mobilfunknetz + Cell Broadcast“ | von LaForge's home page | 100 % reine Sachinformation mit nur einer sehr sehr winzigen Prise (notwendiger) Polemik.

laforge.gnumonks.org/blog/2021

WTF!? Microsoft has made the SAM database on Windows 10 readable for all users with one of the recent patches?

mobile.twitter.com/GossiTheDog

(Can confirm on my recently-patched Windows systems, icacls shows c:\windows\system32\config\sam as readable for Users, instead of an access error.)

Ugh. I had changed my Keepass passphrase to be similar in structure to the logon password, and now I constantly get both wrong.

*sigh* Why is Element on my mobile phone now suddenly unable to connect to Matrix on fairydust.space?

Element Desktop doesn't seem to have a problem there.

Bruce Schneier points out that the Citizen Lab has identified another Israeli "Cyberweapons Arms Manufacturer" besides the NSO group, called Candiru: schneier.com/blog/archives/202

Right now I'm not so sure about "Cyber Defense" products coming from the same region, where it's probable that personnel moves betwen those companies (looking at you, Checkpoint)...

Why am I always doubting my own decisions?
I got a cheap line-interactive UPS because it has very little power usage, it's quiet, and the USB status connection is supported by my Synology NAS (or NUT usbhid-ups, for that matter). All I want to be able to do is bridge the short power dips I've been seeing about once a year, and organize for an orderly shutdown if power is out for a longer time.
But now it's here - just how much cooler would it have been to get a networked UPS with more features?

My former $DAYJOB, @OCCRP, is part of the investigative journalism team that was working on the #Pegasus project. They already published some stories:
occrp.org/en/the-pegasus-proje

More to come, I hear.

I am very happy to see investigative journalists finally shining a light on the very people who target them and put them in (sometimes mortal) danger. Shady companies like NSO Group absolutely hate this. Here's hoping we see more of this kind of reporting in the future!

#InfoSec

Heh, my desk almost turned into a Battlestation by now. Left: RPi 400 with the small monitor, then the work laptop (going to work has meant opening the lid, and moving over the USB cable with keyboard and mouse for the past year). Main monitor switches to the other input automatically. To the right, a Ryzen ZBox.

It’s been a year to the day since Raide—my friend and co-creator of Analogue, Hate Plus, and Ladykiller—passed away.

Something I decided to do was put some of my favourite pieces of his up above my desk, so he’d still be with me in some way every day. These are the ones I picked

Hrm, ok. Auto-typing seems broken in my setup currently. It did paste username and password somewhere, but definitely not into the web site form it was supposed to use.

Show thread

I mean, this also depends on the dedication of the software publisher - Vivaldi for example provides a deb repository that also has ARM builds. (And so does Microsoft, for Teams and Edge and Vscode, though I'm not sure about the supported architectures).

Show thread

...kinda reminds me of why I don't like to deal with Linux for everyday use. Software installation is too much of a hassle for everything that moves faster than the distribution release cycle (and I don't like Snap). No idea if people even build Flatpack bundles for ARM?

Whereas the old Windows way of "download, run installer" still works fine, despite all its different kinds of problems (hello dll hell and malware).

Show thread

Ah, turns out the dimmer circuit is super easy to remove (once the lamp fixture is disassembled), so I'll just add a switch to the cable instead. No more dimming tough.

Show thread

So if you want to run a current version of Keepass2 from the .zip download with plugins under Mono, you'll need the mono-complete package (on Raspbian/Debian).

It's mentioned in the docs and in the error message when a plugin can't be loaded, but who reads error messages 🙄

Anyways, does seem ok under Raspbian (I just kept the general directory structure that the outdated .deb package uses, but put everything from the download under /usr/local, including a copy of the adapted startup script).

Now how do I find out which version of KeePassOTP works with the ancient KeePass release that ships with Debian buster (respectively Raspbian)?

Show older
INFRa Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!