So I’ve mentioned quite a few times that I use a program called newsboat as my primary way to access the internet. I use it to: Subscribe to all the blogs I love to read Subscribe to all the Subreddits that I like to see Subscribe to all the podcasts that I like to listen to (although Castero is good for this too) Subscribe to all the Youtube channels I love to view ...
Disclaimer What I’m about to bring up is not a unique observation, but it does represent something that I deeply resonate with. The idea I’m about to talk about is the subject of countless essays and is even on the wikipedia entry of the topic. Still, I don’t think it’s common knowledge so if there is any chance that I can spread it, I’d like to do that. A God’s Eye View In Lord Of The Rings, there is a mystical artifact called a Palantir. These devices are magical glassy objects that allow users to view events that are far away from themselves. According to wikipedia, these are its’ properties: ...
Did you know that on average a CISO, the executive in an organization that focuses on cybersecurity, has a shelf life of 18 - 26 months? This number has been estimated to be as low as 17 months by other groups. Why do you suppose that is? Easy, because no general can win a war on multiple fronts. I have no numbers to back these claims up, only anecodatal experience: Vulnerabilities are discovered and found on systems faster than Remediation Teams can fix them. ...
The Coolest Hacker Trick I’ve ever learned When I was just a pitiful script-kiddie, I spent hours watching Hak5 episodes. There was something so welcoming about Darren and Shannon explaining basic Linux skills. In this hak5 technolust episode, Darren does something that blew my mind. In the link in the last sentence, watch between 3:46 and 7:10 of the video. He describes a scenario where one of the client devices (in this case, a Lan Turtle) that connects to his vpn server is designated as a “vpn gateway” for all the other devices. ...
A Tip for Python Noobs Hello friends, this article is the next in what is sure to be a long line of quick tech tip posts. In this one, we’re going to talk about one of python’s biggest pain points and how to gracefully deal with it. Python’s biggest problem In the deeply opinionated development landscape, you’re sure to find conflicting advice about what makes a programming language good or bad. I’m not interested in that. What I am interested in is why my programs keep breaking even though the script just worked last week. ...
A Tip for Linux Noobs This article is going to be part of a series where I cover little tips and tricks that some people don’t know, but that make your tech life a little bit easier. Today’s tip? Where do I put my scripts? So when you’re working on writing a little bash script, most tutorials will tell you to just make a directory for the project you’re working on and just write the script there. That’s great for learning, but not good for daily use. ...
The Old web was better I hear a persistent complaint levied by people who have been using computers since Dial-up was a thing. (psssst… kids… Dial-up was an old technology where you gave your computer a phone and it would scream at another computer over the phone in some weird machine language. If you picked up the phone, you could hear them talking.) You can see this argument on: Reddit ...
A Confession So, in my last job, I was banned from using SSH. I’m only kind of joking when I say that. I was something of a network duct-taper. We had networks in different clouds with bastion servers, and weird firewalls and other restrictions that would come out later in testing. My Boss was a badass, constantly developing scripts and tools as fast as he could to answer weird edge cases that some big-wig wanted immediately. The problem is that in this environment of “Move Fast and Break Things”, setting up a proper network architecture was tricky. We needed proof of concepts that could bridge resources from multiple networks. There were official routers that we were given access to, but with things shifting from one cloud to another so fast, and with the routers being more complex than I could mess with without risking a breach, I would often cheat. ...
A Great Interview I recently just watched a great interview by the VulnWise team talking to my personal mentor and friend, Johnny Shaieb. They were discussing the history of vulnerability management databases and covered a lot of interesting topics like: The history of vulnerability databases The value of having an unbounded score Why clients need to focus on the quality over quantity of vulns The history of the fiber backbone that runs the country Etc There was one topic though that I felt I’d like to take a crack at. At the 33:42 minute mark of the video, Steve Carter asked the question: ...
My big problem: If it wasn’t clear by the blog already, I hate social media websites with a passion. I dislike Twitter and Mastodon equally. Facebook is my nemesis, and Instagram is my foe. That said, I have a soft spot for Youtube. Did I say soft spot? I mean, crippling addiction. I love Youtube. Whereas older generations turn on the tv and zone out, I pop open an incognito tab so that I get a fresh algorithm each time and ride the wave. ...