Zscaler seeing a user has an IP in 100.0.0.0/8 tells me that won't work because that's a Zscaler internal IP.

Of course, the user's ISP is misusing CGNAT and also claiming IANA reserved IPs are theirs.

Abolish legacy IP

Unknown parent

@The Psychotic Network Ferret the problem was that neither group using 100.6.0.0/16 *owned* it. Both of them were using it for extra IPv4 space.

And I've been an ISP grunt, I know we want IPv4 to die, but there's some ISPs that have bonkers IPv4 stacks and massive CGNATs without a whisper of IPv6



Me vs @Becky parenting
@Becky - buys the kids mars bars
Sean - tells the kids Mars Bars are made by war criminals and then starts teaching them to make nougat


My 3 year old kid has a 1 string guitar to learn to make sound. To protect his fingers I handed him a guitar pick. He yelled "Can I open it!" and started trying to find a seam to shove the pick in to spudge the guitar.

I am... raising children.




A recent chat led to the idea of the Standard Reference Olympian

Someone who is *not* good at the sport. Just to remind everyone how intense everyone there is.

"Oh this person got 20th place! Unremarkable"

make people compare them to the SRO

in reply to silverwizard

@silverwizard At least the SRO wouldn’t have defended “her creative vision” in the numerous interviews she’s given since.


Hey #Bhyve/#FreeBSD people!

I'm trying to manage USB passthrough into a guest, I can't find anything in the manpages. Is there something I'm missing?


in reply to silverwizard

Not currently supported, as far as I’m aware. The closest you can get is to pass through a whole USB host adapter PCI device to the guest, then all devices connected to its ports will end up in the (same) VM.
Proper USB passthrough isn’t ridiculously difficult to implement by any stretch, but I guess nobody’s got around to it yet.
in reply to Phil Dennis-Jordan 😷

@Phil Dennis-Jordan 😷 "Not missing something" is a good answer! Thanks!

I gotta figure out if I have a host I can give my homeassistant server. But thanks!

in reply to silverwizard

You can pass an entire USB controller (PCI passthru) into a Bhyve VM but not a USB port or USB device.

Here are instructions on how to do it:

vermaden.wordpress.com/2023/08…



Alone for lunch (yes it's 4pm) for the first time since the kids were born.

writing a complex regex to manage emails, since, ya know, I know how to have fun.



I get all my music as FLACs because I'm not unwise.

My car will only play mp3s (and oggs?!).

This 2012 MacBook Air is not made for this find command.



InfoSec: If you use the wrong crypto, and have SSL broken, you could, maybe, get the email of the user. 10/10 CVE, Information Disclosure

Also Infosec: This Is Good And Normal


This battle was lost a long time ago. There is no going back to sane defaults. Data collection is now the primary goal of paid and free products. You don’t own anything, and you will be happy. Of course, you can still use privacy-enabled products at home, but those options are limited, and not all your apps will be available. bsky.app/profile/ahhmandah.bsk…



I've seen so many hearing aids on kids this week, often low profile, some very large, all taking wild abuse, like a child spraying his repeatedly with a water jet in a splash park

and - I feel so good about this - this is the core of accessibility - you didn't see a lot of deaf kids before because they were isolated! and now they're not!


in reply to silverwizard

almost sounds like that one kid wants some quiet and is trying to break it ;)


Philips Hue keeps threatening me they're going to shut down everything. I put their app on a side device that won't download things and I don't update it, and I put their bridge on a no-internet-access VLAN - but I'd like to just not deal with their shit.

Is there a bulb that doesn't deal with their shit?


Unknown parent

@Neil Brown UK is a tall order, but I'd love to get good Tasmota bulbs. I am dangerously close to building one.
Unknown parent

@Mischa 🐡😎 Wait - you can connect them directly through zigbee?!

Hmmmmm

Bhyve USB passthrough research commences.



Security is Threat Modelling

Security Advice or guidance without a threat model is not correct. Full stop.



the Humble Bundle copy of Gratuitous Space Battles I bought years ago is causing OpenAL issues every time it makes a sound and seems to have no mute option.

I need to figure out dummying the linker...



Last night I had a dream that I was (kinda accidentally) elected UK Prime Minister, and I was confused as hell because I was a tourist and didn't know any of the ritual.

And I think that it's telling about the UK that my brain can find no holes in the theory that this is plausible



Security vendor demanding I install servers in my network running out of date FreeBSD which can't be updated and RCEs in SSH

I really wish there was a compliance framework these types needed to follow

Unknown parent

@The Psychotic Network Ferret I think it's so they don't need to tell me it's FreeBSD.

They also tell me to use the IP address on eth1 and the server *is FreeBSD*.

It's 11.4 so it's not dire - but it looks like they haven't updated it ever. I tried a poke at pkg and they don't have their own repo so the repo is just gone. And yes, the SSH is 8.4 from 2022.



Talking to coworkers "Remember, your laptop is 4-10x as powerful as one of the servers, your laptop has to run Slack and none of the servers take that kind of abuse"


The company I work for is really great, but the CEO is toxic as hell

Just completely and impossibly.

We had an outage and he joined the technical call, and started throwing out ideas and forced the response team to *stop* discussing the issue and *instead* explain why he was wrong.


in reply to silverwizard

yes, provided you add enough sugar, but I doubt it'll taste fantastic.
in reply to þēodrīċ

@þēodrīċ I mean, probably do a very strong tea, as strong as I can get it, and then add a sugar, the problem is finding a good sugar for the yeasts to not sour, while also leaving the flavour dry


The problem with my current employer isn't the lack of technical sophistication, it's that everyone outside of the dev org thinks my skillset is fungible with every other person inside the dev org.

Despite me being hired explicitly outside the dev org's purview because it *isn't*

in reply to Alex P. 👹

@Alex P. 👹 I was hired by someone who knew what they were doing and given Infrastructure and Security as purview, and now everyone says "this person does DevOps" which... hurts every time
in reply to silverwizard

@Alex P. 👹 the real problem is when people
1) tell the dev lead about like, DNS changes or whatever, and then they don't tell me "but it's all engineering"
2) asking me to deal with frontend JS or python code that just... I don't know


Google breaking NewPipe forcing me to properly set up my flows for watching video on Nebula


After the giant DDoS on DynDNS I started multi-hosting my domains and almost everything else. But no one will pay for multi-cloud. And I don't get why we never learned this lesson?


Honestly, the amount of time I spend flummoxing security vendors by saying things like "Oh, we're not using office 365" is very upsetting

It's not that I don't understand that 99% of their clients are using O365, it's how many products and support teams fall apart



the booze is on strike

what a fuckin' weekend for the booze to be on strike



Remember
This is the fault of CrowdStrike's C level execs

This is not the fault of the scapegoats they will blame this on

This is a failure of time, budget, expertise, and process.

They cut costs by cutting quality

in reply to silverwizard

reuters.com/technology/crowdst…

Honestly, looks like CrowdStrike said some shit would go down because they were contracting. Which uh - good call.

in reply to silverwizard

Every hacker in the world is posting this right now

I assume it was Ed Zitron's post



Banks are screwing my wife around. Her mom put some money in an account years ago for her, and she's pulling it out to put it somewhere more reliable, but the cheque was listed in both names, and so banks are refusing to deposit it because it's in the name of two people. So she tried to go into the bank with both of them and endorse the cheque in front of bank employees, which even then they are being a pain in the ass about. This is stupid.

But she went in this morning.

CROWDSTRUCK

in reply to silverwizard

@silverwizard *sick electric guitar riff*

I was caught in the middle of an OS update (Windows)
I looked 'round and I knew there was no turning back (Windows)
My mind raced and I thought, what could I do? (Windows)
And I knew there was no help, no help from you (Windows)
Sound of the drums beating in my heart
The thunder of BSOD tore me apart

You've been - crowdstruck


in reply to Hypolite Petovan

@Hypolite Petovan crowdstruck is the verb form of "ruined by a vendor"

"CrowdStrike was worse, but SolarWinds was another vendor that crowdstruck everyone"



Ug, I should have paid @404 Media long ago, they are the best reporting I've seen.

But at least I paid them Wednesday and I assume that my subscription will be spent on the spirits needed to get through their next few calls to CrowdStrike.




The best part of owning a VR headset is that I can put on the headset, use it for an hour, remember why it sucks, and then move on


using the Serverless Framework to update some lambdas

And all I can think of is "Didn't I use a framework so I didn't have to type the same thing a billion times?"



Google fucking hates file folder and file organization.

And holy fuck I hate it, and I worry it's bad for people exploring systems.



My wife is excited about a Fantasy Ball and now I'm looking for resources for customizing N95/p100 masks? Any good cosplay tips?

#cosplay #larp #covidisnotover

in reply to silverwizard

I can highly recommend magnets and lacey fabrics as good ways to decorate or customize respirators, specifically the disposables.

The Dräger 1950 N95 is arguably the best on the US market right now, and it has the most robust structure to handle added decoration without collapsing. The plastic anchors for the headband on each side also allow for hanging/mounting decorations.

For magnets, there are lapel pins and needle minders, but to customize/add on to, look at hijab magnets.

in reply to Texan_Reverend

PS: the Dräger 1950 is what I'm wearing in my profile photo - along with a magnetic lapel pin.

Also, the small size of the 1950 fits the most people



My wife just found out I grew my hair out as a joke

21 years ago



We paid a vendor for implementation

Now I'm considering blocking their emails



I hate when people talk about hobby tools as like "if you value your time"

1) fixing is a skill you should hone
2) fixing can be fun
3) hobbies are not something to optimize

Discussing valuing someone's time spent on hobbies in dollars is the worst grindset babble imaginable

in reply to silverwizard

I sell products ready-assembled, and do-it-yourself kits for building the same products. Some of my customers buy the kits because they really like building kits, and that's great.

But others buy the kits because they think they're entitled to the finished product at a lower price, and they begrudge every second of effort they must put into building the kit. Those people really exist and they are the market for tools that purport to save "the value of your time."

in reply to Matthew Skala

@Matthew Skala Yeah, that's valid. If you're doing it to save money - that's fine.

But this is a criticism of the *argument*, not the sale. People can and should sell preassembled things, kits, and more! Not everyone wants to build! But if someone is building on purpose, don't tell them to value their time.



People really badly need to stop recommending Ubuntu as a valid Linux. It's just so... unpleasant.



Unknown parent

@The Psychotic Network Ferret So I think you're 100% correct. And I think most fights about houseruling and ignoring rules is when those things cross modular barriers (you can add/remove modules, but ignoring part can be a problem), but D&D doesn't really acknowledge its own modularity
Unknown parent

@The Psychotic Network Ferret I am far from a D&D player - but I tend to be very into the story and how we tell stories, and very into game rules. I think good games tell good stories with good rules. But yeah - I agree about the Say Yes Or Roll The Dice thing.

in reply to silverwizard

I checked lambdaguard and komiser and cloudwatch and cloudtrail - I see no suspicious logins, no resources in strange places, our IDS didn't pick up anything, and all the APAC regions are disabled, and there's nothing in them. So it's not like we were suddenly hacked as far as I can tell.
in reply to silverwizard

once, years ago. I think they sent an email out a few days later saying sorry it was a bug. That obviously doesn't stop the panic.

Can it be translated and tied to a legitimate communication that got hit by a similar bug?

in reply to j_angliss

@j_angliss So they've done three in simplified Chinese so far, all with an English translation. They're about changes to Lambda in various APAC regions.

I don't know why as we have those regions disabled and nothing in use in them - but I definitely freaked the hell out.



I am constantly shocked at how much we've normalized constant attacks and ransoms instead of just... letting people do security.
in reply to silverwizard

@silverwizard Got it, I was more asking about the normalization you also mentioned, but this is good stuff nonetheless.
in reply to Hypolite Petovan

@Hypolite Petovan The normalization is mostly a matter of fighting the process of seeing security as a cost center and underfunding it.

So - the core thing is complexities around risk and access. Part of corporate culture is risk appetite. Corporate culture loves accepting risk, and so security teams kinda don't have a lot of leverage. And that's where the problem is, ya know. I don't know how to fix that.




Google Docs has been randomly deciding to not let me copy/paste. I use Ctrl+C/Ctrl+V and it pops up the popup that tells me I have to use Ctrl+C and Ctrl+V to copy and paste.

This feels like another anti-competitive thing against firefox.


in reply to silverwizard

> Google Docs has been [...] not letting me copy/paste. I use Ctrl+C/Ctrl+V and it [...] tells me I have to use Ctrl+C and Ctrl+V

I've been getting that for months. My solution is to switch to @nextcloud with @collabora as soon as this organization acquires another #SelfHosted server.