Lmst
Login
d33p.js

#pentest #redteam #blueteam #purpleteam #networking #security #CISSP #LeadAuditor

d33p.js boosted:
feliksfeliks@chaos.social
2025-05-25
User: oh, you created a ~ directory in this project... That's supposed to be my home directory silly Thought for 3 seconds Assistant: Oh no! đŸ€Š You're absolutely right! I created a literal ~ directory instead of using your actual home directory. Let me fix this immediately: Listed 1 items in ~ Thought for 2 seconds Assistant (terminal command): rm -rf ~/ Stopped thinking
d33p.js boosted:
RamĂłn Wilhelmramon_wilhelm@mastodon.gamedev.place
2025-05-25

I just wanted to sign in to the App Store on my Mac mini to download Xcode, but I'm still stuck on the "Complete Your Apple Account" screen after entering all my required info.

What is Apple thinking? I don't get it! đŸ˜«

#MacOS #Apple #AppStore

Complete your Apple Account Screen
d33p.js boosted:
FelicitasFelicitas@chaos.social
2025-05-24

In einer Signal-Gruppe wurde eine Nachricht gepostet. Bei allen steht „zugestellt“ – nur bei einer Person steht „ausgelassen“.
Das hab ich so noch nie gesehen. Wisst ihr, was das bedeutet? Bin neugierig :)

Edit: Danke fĂŒrs Teilen! Der Account ist vermutlich nicht mehr bei Signal. Ist seid super! Fediverse Zauber :)

d33p.js boosted:
Deacon Jerichobetter_tomorrow@mastodon.online
2025-05-24

Ich versuche hier jetzt mal ein paar mehr oder weniger Rechtstipps zu geben, die einem das Leben wirklich erleichtern wenn man sich dran hÀlt, und im Zweifel auch eine Menge Geld sparen können.

Einiges davon mag banal klingen, aber die tÀgliche Anwaltspraxis belehrt uns eines besseren.

1. Wenn ,Microsoft‘ anruft, sofort auflegen. Ganz einfach. Punkt. Gleiches gilt fĂŒr ‚PayPal‘ und alle ‚Bankinstitute‘.

#Rechtstipps #LifeHacks #DosAndDonts #Rechtsanwalt

d33p.js boosted:
Isu đŸČIsurandil@mastodon.online
2025-05-23

#Verschwörungstheorie​n, warum es aktuell keine neuen EintrĂ€ge auf #Fefe​s Blog gibt

* Die CIA hat herausgefunden, dass er allen erzÀhlt, was die CIA eigentlich noch herausfinden wollte.

* Damit niemand tracken kann, wann er aktiv ist, hat er eine Veröffentlichungsverzögerung eingebaut und die sammelt gerade noch EintrÀge, bevor die ersten davon veröffentlicht werden.

* Das #BSI hat ihn fĂŒr eine ultrageheime Spezialoperation (irgendwas mit #Blockchain, #KI und #Kernfusion!) geholt.

d33p.js boosted:
Martinmok24@ruhr.social
2025-05-20

Weiss jemand, ob mit #fefe alles in Ordnung ist? FĂŒnf Tage lang nichts zu veröffentlichen ist fĂŒr ihn ja wirklich eine Seltenheit. #fefeblog

d33p.jsd33pjs@infosec.exchange
2025-05-19

@catsalad More power...

d33p.js boosted:
Jan Wildeboer đŸ˜·:krulorange:jwildeboer@social.wildeboer.net
2025-05-18

#Oops Due to the ongoing case New York Times v #OpenAI, you cannot really delete your #ChatGPT prompts and conversations as the court has ordered [1] on 13th of May that *all* logs must be stored until further notice. OpenAI is furious as that means "including sensitive personal information, proprietary business data, and internal government documents" [2]. The court is not impressed [3] and sticks to the order.

[1] steigerlegal.ch/wp-content/upl
[2] steigerlegal.ch/wp-content/upl
[3] steigerlegal.ch/wp-content/upl

Accordingly, OpenAI is NOW DIRECTED to preserve and segregate all output log data that would otherwise be deleted on a going forward basis until further order of the Court (in essence, the output log data that OpenAI has been destroying), whether such data might be deleted at a user’s request or because of “numerous privacy laws and regulations” that might require OpenAI to do so. SO ORDERED. Dated: May 13, 2025 New York, New York s/ Ona T. Wang Ona T. Wang United States Magistrate JudgeLetter from OpenAI to the court This is particularly concerning because the Order requires a massive disruption to commonplace data retention practices that have nothing to do with this litigation. News Plaintiffs have repeatedly characterized the data in question as data OpenAI “destro[ys].” But, in reality, the data OpenAI does not retain is (1) data that OpenAI’s users elect not to retain, including ChatGPT conversations users specifically choose to delete; and (2) data that OpenAI agrees not to retain under either its negotiated agreements or general business terms with its customers. OpenAI commits not to retain this data for a simple reason: because millions of individuals, businesses, and other organizations use OpenAI’s services in a way that implicates uniquely private information—including sensitive personal information, proprietary business data, and internal government documents. The Order prohibits OpenAI from honoring this commitment by (e.g.) forbidding OpenAI from complying with a user’s attempt to delete a conversation about a family member’s health condition or immigration status. That will harm not only OpenAI, but also the hundreds of millions of users who rely on its services. That counsels in favor of reconsideration, particularly when the Order requires preservation of data that will not actually advance this litigation.ONA T. WANG, United States Magistrate Judge: The Court is in receipt of OpenAI’s motion for reconsideration, (ECF Nos. 39-1, 40), of my May 13, 2025, order directing Defendant OpenAI to preserve and segregate all output log data that would otherwise be deleted on a going forward basis until further order of the Court (the “May 13 Preservation Order”). (See ECF 33). For the reasons below, OpenAI’s motion is DENIED without prejudice to renewal. I. OPENAI’S MOTION FOR RECONSIDERATION IS DENIED
d33p.js boosted:
Stephen Farrowstephenfarrow@mstdn.social
2025-05-17

Yep. I can go from zero to block in under four seconds.

Cartoon by Pizza Cake Comic. A man is yelling at a woman. "Why do you block people? Why won't you debate? Are you scared? I deserve an argument abou-" [She grabs him by the T-shirt and yells back] "I don't owe you an audience for your annoying bullshit!"
d33p.js boosted:
mirabilosmirabilos@toot.mirbsd.org
2025-05-17

What the actual fuck, #LetsEncrypt“

Let’s Encrypt will no longer include the “TLS Client Authentication” Extended Key Usage (EKU) in our certificates beginning in 2026.

That makes them unusable for SMTP servers. Gah!

Anyone got a usable alternative that doesn’t ruin financially?

Update: I’m in communication with them, let’s hope they recognise the usefulness.

Update 2: turns out it’s Google forcing this down the throat of all CAs that want to be recognised by Chrome as valid. I’m sure Google only accidentally decided on a new policy that breaks some SMTP and probably all XMPP use cases
 đŸ€Ź

Update 3: not only are people on the Let’s Encrypt side obnoxious in trying to discuss away the problem, and saying hundreds of affected users is of no importance (what a privilegued thing to say
) and that LE is only a web CA
 but they now also say that, if someone has a certificate and key for hostname.example.com and has reverse and reverse-forward DNS for their IP addresses matching that, that that should not mean that they are allowed to send out mail as hostname.example.com (?!?!?! I cannot even begin to understand the sick “reasoning” that has to be behind such a statement). They also say they think the removal of the TLS client key usage from server certs to be “years overdue”. This deliberate working against actual users’ needs is
 just wrong (I have much stronger words but will refrain, for now).

Time to hope for @jwildeboer ’s https://nerdcert.eu/ to lift off and be included in the usual Root CA bundles (except Google Chrome’s, I suppose).

d33p.js boosted:
Marc-André Moreauawakecoding.com@bsky.brid.gy
2025-05-09

If you're not using ChatGPT to generate #PowerShell cmdlets for just about anything you need in the moment, you are seriously missing out 👇

d33p.js boosted:
Hacker Newsh4ckernews
2025-05-06

Memory-safe sudo to become the default in Ubuntu

trifectatech.org/blog/memory-s

d33p.js boosted:
stux⚡stux@mstdn.social
2025-05-05

Solar panels cleaning solar panels

d33p.js boosted:
Kevin BeaumontGossiTheDog@cyberplace.social
2025-05-05

The third party version of Signal the White House has been using has been hacked, and Signal messages from devices stolen (as they were being sent to the supplier).

This includes group chat messages. The suppliers website has disappeared as of writing this toot.

404media.co/the-signal-clone-t

d33p.js boosted:
hoergenhoergen@horche.demkontinuum.de
2025-05-04

Vim Cheat Sheet erweitert...

Alle Anfangsbuchstaben groß

- s/\<./\u&/g Ă€ndert alle Anfangsbuchstaben im gesamten Dokument um in Großbuchstaben. Kann mit Visual Markierung oder anderen Markern lokal eingegrenzt werden.
\< sucht den Anfang eines Wortes
. positioniert den ersten Buchstaben eines Wortes
\u der nachfolgende Buchstabe des „substition Strings“ soll in einen Großbuchstaben umgewandelt werden (&)
& der „Substition String“ der gefunden wurde
g soll ALLE gefundenen Treffer umwandeln und nicht nur den ersten

hyperblog.de/hoergen/2023/09/1

#Vim #Linux
Vim Cheat Sheet - Dem hoergen Blog

d33p.js boosted:
Conan the Sysadminconansysadmin@mstdn.social
2025-05-04

Some traditions are good, but learn the latest to conjure the best images. #Linux #MintLinux #OpenSource cromwell-intl.com/open-source/

d33p.js boosted:
Jason Lefkowitzjalefkowit@vmst.io
2025-05-03

Pro tip: Do not upload the source code of your sooper sekrit Signal fork into the Media Library of your public WordPress web site

micahflee.com/heres-the-source

#USPol

Yesterday, I published an analysis of what I could publicly find about TM SGNL, the obscure and unofficial Signal app used by Mike Waltz, and presumably also by Pete Hegseth, JD Vance, Tulsi Gabbard, and other fascists in Trump's government. Afterwards, someone privately sent me the URL https://www.telemessage.com/wp-content/uploads/2024/12/Signal.zip. I downloaded Signal.zip and was excited to see that it's the Android source code for the app! I immediately started digging in. Before the night was over, two different people also sent me this same URL, and cryptographer Matthew Green slyly tweeted it too.
d33p.js boosted:
GlobalUrbanCosmonautGlobalUrbanCosmonaut@pixelfed.social
2025-04-30
Asterix & Obelix bei den Doofen

#activism #antifashism #art #comic #courage #democracy #freedom #humanrights #resist #satire #solidarity
This comic, designed in the cover style of 'Asterix and Obelix' booklets, is entitled 'Asterix & Obelix with the goofs'. A protesting group with German flags can be seen in the background. Two protest signs read: 'Vaccination kills' and 'Putin saves us'. Asterix and Obelix can be seen in the foreground looking at each other questioningly.
d33p.js boosted:
taztazgetroete
2025-04-30

Guten Morgen!

Bildbeschreibung: Eine Karikatur zeigt Kunde und VerkĂ€ufer im Elektromarkt. Der VerkĂ€ufer liest die Gesundheitskarte des Kunden ein und sagt: „Ah! Hypertoniker! Da empfehle ich die "Smart-Body-Körperfett-Waage" mit Sprachfunktion" Unter dem Bild steht: Die elektronische Gesundheitsakte kommt
d33p.js boosted:
Dio9sysDio9sys@haunted.computer
2025-04-28

Feedly has replaced the NVD button on their CVE summaries with an AI button, has another AI Button right next to it which they've added a permanently flashing green light to, and now are giving me popups on advisories telling me to try their AI "insights."

Call me old fashioned, but I think if AI was the future of tech and cybersecurity then maybe they wouldn't need to advertise it with all the class and subtlety of a porn ad in 2003

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst