Just a (really can’t wait an entire year…) daily reminder that JD1 is a horrible infosec charlatan and human being who often responds to even the most gentle and fair criticism of his ostentatious claims with malice and pile ons. I recommend you do not follow him, or trust his judgement. It’s not drama, he’s legitimately harmful to our industry credibility.

@stevelord Is tying the PM to the tracks an option?

@bea Agreed. Like I said, "$vulnType in $vulnSoftware" is infinitely better.

@deviantollam Yay!

@kkarhan @paulasadoorian Oh, no, no, no; there are wheel and sensor combinations where the sensors physically will not fit the wheels.

On others, the sensor will fit but the wheels weren't designed with the sensor weight in mind so you'd have to stack weights three or four layers high on the other side to balance... which is ugly... which people who are buying ridiculously expensive wheels for looks don't want.

Source: I worked at a tire shop during the time TPMS systems were becoming standard.

@bea Aside from making exec-types care, this is the one upside to the whole trend of naming vulns.

Yes, it's stupid. Yes, "$vulnType in $vulnSoftware" is still infinitely better. But at least with "log4shell" I have some idea what we're talking about without memorizing numbers.

@nikolawannabe @cardamomaddict
Get a sous vide.

Most people buy them to do fancy stuff with but they also make cooking steak, eggs, fish, chicken, etc. *SUUUPER* easy.

Just set the temp, drop it in, then go do something else for a while. No worries about overcooking as it just holds it at whatever temp you set. Maybe do a quick sear in a pan to finish... which is itself made easier since you won't have any "outside burned to a crisp before center is cooked" issues to worry about either.

@kkarhan @paulasadoorian
Its gotten better now that they've been mandatory for a while and there's been some standardization, but there was a while where fitting a TPMS sensor to a fair portion of aftermarket wheels either wasn't possible or would require a big, ugly, stack of weights to balance out (no go for a lot of people).

Lots of those cars and wheels are still out there.

@paulasadoorian For the first part, depends on the car. Would work fine for systems that use keyed sensors, wouldn't be nearly as clean on systems that use multiple readers and signal strength to determine location.

For the second part; if you glue it up right and get a good seal on the valve, shouldn't be an issue.

With all the promising talk around LK99, I'm just waiting for the other shoe to drop.

"Yes, it's a room temperature and pressure superconductor, but it gives everyone in a 10 meter radius testicular cancer... even the people who don't have testicles"

@da_667 @Viss They're planning to release a whole bunch more info next week.

I saw an early/extended version of the BlackHat talk about a week ago. Bottom line is that it might be *based* on pupy, but it's not really pupy anymore. Definitely some interesting stuff going on.

@dendari "If I have to steal it, it must be better"

#CatLogic

@malwaretech Its spilled over to other ADHD meds too. Was joking with my doctor that they could *technically* prescribe meth or cocaine (both Schedule II, just like all the other ADHD meds) as a troll to the DEA (who are the root cause of the shortage).

I've never done appsec stuff but, since that seems to be what everyone's looking for, I figured I probably aught to learn a bit about it.

This has exposed me to the horrors of "modern build systems" and... holy shit, are the devs alright? I thought my scripts were convoluted and overly complex. No wonder everything's hopelessly insecure, you've built systems that make even the most rudimentary integrity checks all but impossible.

I'm sure there are reasons for all of this, possibly even good ones, but I haven't been able to learn enough to start seeing them because my brain keeps trying to eat itself!

@hacks4pancakes It would be horrifyingly expensive, but a seat from a Pagani Huayra would make a great starting point.

(it would almost certainly be cheaper to commission "that, but as a desk chair" than to buy an actual Huayra seat)

@tprophet China's advantage these days is in already having the infrastructure for large scale manufacturing and export.

This is exacerbated by the fact that while they were tooling up, pretty much everyone else was letting their domestic manufacturing capability rot (or actively destroying it).

Rebuilding domestic capability and capacity is a long, arduous, process that most of the world has only recently started. In the meantime, China has asymmetric influence.

@riskymanag3ment Somehow never had any problems with *MY* NIC... which was why I always ended up spending 90% of the LAN party troubleshooting *other people's* NICs... because, clearly, I must have known "that stuff" (I did not).

@tprophet Not to nearly the same extent.

An absence of cheap Chinese imports would make modern American life all but impossible for the majority of Americans... and, if the last few years have taught us anything, Americans are *NOT* willing to change how they live. Even when it kills them.

@tprophet Why bother invading? Just cut off American's supply of Chinese produced / sourced products, crater our economy and watch the chaos ensue.

@mattblaze Then it will still only go up to toast level 1 (warm bread), because that's all the bundled power cable is rated for. To get actual toast, you'll need to find a power cable with full TPP 2.7 spec compatibility. These look identical to ones that don't and are not marked in any meaningful way.