Pinned post

Verifying myself: I am @drwho in the Fediverse.

Pinned post

@packbat

Do what thou Wilt shall be the whole of the Law.

Infragard for laybeings:

Infragard is described as a public sector/private sector partnership (part of the FBI, though I don't know off the top of my head which one) where they share intel pertaining to information security with active security professionals. This means, you have to work for a company which is in a fairly important field, such as aerospace, a tier-1 or tier-2 ISP, finance, or software products. I worked at NASA at the time, and later went into fintech. Both times I had to join Infragard because I did information security as my job. When I worked as a pen tester for a consultancy, it was before Infragard existed, otherwise I'd have had to join.

Yes, I had to undergo a background check. They want to make sure that members work for established companies, actually do security work, and don't have any connections to criminal groups that would try to misuse the information (at the time it was Russian organized crime they were worried about).

Being a member of Infragard means you get access to bulletins a couple of weeks before the information goes public. Most of it is under Chatham House rules - you can use it, but you can't say "I got this from Infragard."

Unfortunately, most of this information is between three and six months out of date. If you do even a minimal amount of proactive intel gathering as a security practitioner (run honeypots, read your server logs manually once or twice a week), or have any kind of intelligence system in place () you'll scoop them easily.

Supposedly they have classified infosec intel that they disseminate, but I've never seen any of it. If I had, common sense says I'd stay the hell away from a site like hackers.town and not say a damned thing about this tempest in a teapot.

Infragard has periodic members-only meetings where they talk about stuff going on. The group nomenclature /APT [0-9]*/ was first brought up during some of these seminars. Once in a great while a speaker will bring up something timely, but most of the time the meetings are pretty much a waste of time. Most of the ones I went to had to do with security policy compliance (meaning, "Did you follow all the steps in $handbook to lock your shit down?"), logging and analysis, that Windows XP wasn't going out of support just yet (at the time), and stuff like that. It's usually two or three speakers with an MC from Infragard while the rest of us sit in uncomfortable plastic chairs drinking crappy coffee and eating more-than-halfway-decent bagels and muffins for breakfast.

Yes, I had to wear a suit to attend. Highly uncomfortable in the DC metroplex in the summer, I can assure you.

No super-secret info, tips, or tricks were given out. I wish. It's all stuff that you'd know anyway if you'd ever been a system administrator. Hell, most of the people there weren't even techies, they were policy wonks. Quite a few times I was the only person there who actually worked /with/ and /on/ computers in any capacity. I was certainly the only person there with long hair.

For the record, if you want the High Gibson 0-day intel, crash a room party or two at Defcon or HOPE. That's where the good stuff is.

Infragard does not solicit, demand, or even request intel from its members. Everything was push (they tell us stuff), not pull (we tell them stuff). I doubt they'd even listen to us if we did tell them anything. A couple of times I spoke to presenters during breaks to correct them, because their knowledge of something was incorrect (see above remark about doing proactive infosec stuff) and either their eyes glazed over or they "Well, actually"'d me.

It's nothing really impressive if you have a technical background. Most of the time you'd be bored out of your mind, unless you were a checkbox-checker that did C&A (certification and accreditation) work (which is NOT actually testing security, it's asking questions on a checklist, only about 1/3 to 1/2 actually have anything to do with actual infosec; but that's a rant for another time).

Ostensibly I'm still an active member even though I haven't logged into the Infragard portal in about three years, though I still get the e-mails (I currently have over 200 in a folder, unopened, because most of the information is simply useless), and I can't be bothered to sit on the phone for three hours until I get through to a human who can unlock the account I never log into, anyway.

At no time, to the best of my knowledge, were any of us questioned about things we knew about or did. We were never even asked about stuff we saw going on in our own networks. I certainly wasn't, and I saw a lot of shit flying around on the Net at the time. Nobody ever told (or even gently suggested) to any of us to keep an eye and ear open for anything interesting happening on Twitter, Facebook, or anything else. Hell, at the time Infragard didn't even seem to know anything about Lulzsec's shenanigans at the time, nor did any of the other members I talked to at seminars. I was the only person in the DC Infragard chapter who did, because I'd tasked part of me with monitoring the situation.

If the FBI /did/ want to monitor the Fediverse... well, pull up your profile and hit View Source. You'll see an RSS feed for everything you post. Here's mine: hackers.town/users/drwho.atom

tl;dr, they could surveil the Fediverse with a feed reader or even a shitty Perl script. No NSA magick required. Not even an account on that instance is required. So, there would be no point to standing up an instance for the purpose of surveillance.

Ask me anything I forgot about. I'll answer honestly and to the best of my ability. If I don't know, I'll say "I don't know."

Love is the Law, Love under Will.

The Doctor boosted

on the internet, no one knows you are a kitten

unless you tell everyone, like i do!

The Doctor boosted

I asked this question because I was working on my new fancy status page for my home server, please go look at it I spent a whole day on it 🥺
http://hestia.hosts.alm.website/

RE: https://mk.nixnet.social/notes/8qx9n8xlu6

The Doctor boosted

I poke fun at Canada a lot, but it comes from a place of love.

You guys are the sane neighbors in the apartment above the meth lab... and I'm just glad you are there.

The Doctor boosted

Art people of Mastodon: any recommendations for books or other resources on learning color theory? Boosts extremely welcome

The Doctor boosted

How to shut down libertarian pro-corporate-freedom talking points:

If it wasn't for the EU mandating USB compatibility, we'd still live in a hellscape where every single new cell phone, even by the same brand, has a different charging connector. They weren't gonna fix it themselves, they profited off it and we paid for it. End-user-oriented and environment-oriented regulation fixed it and we're all better off.

The Doctor boosted

I've been working on this for three months and it's finally done. 78 pages on the history of leather, sluts, and families at US Prides, from 1965 to 1995. Includes background on Pride as a polyvocal celebration and leather as a queer subculture; multifarious sexual and gender expression at Pride; the Lesbian Sex Wars; reaction from the right; and the interplay of radical and normalizing forces within LGBTQ activism.

aphyr.com/posts/358-a-history-

The Doctor boosted

Hey, friends of the Fediverse. Just because I'm curious, what's your eye color?

Boosts appreciated for sample size <3

The Doctor boosted

personal websites are awesome! heres a page describing a novel technique about how to make some nice black ink! #inkpunk simplifier.neocities.org/irong

The Doctor boosted

asking for money help, boosts needed :boost_ok: 

hello!

i need $60 for groceries and $80 for medical weed ($140 total)

i've been trying to do freelance video editing and/or find a job as a video editor, i can't work anywhere facing the public because i have asthma and catching covid is a major health risk for me

paypal: paypal.me/v33b33

cashapp: cash.app/$vantablack420

venmo: venmo.com/vantablack420

thank you so much for saving my life multiple times and continuing to keep me alive, fediverse!!! :black_sparkles: :blacker_heart:

#MutualAid #TransCrowdFund

The Doctor boosted

If you have some spare, would you please send some cash @magicalmilly 's way? They were unable to work last week thanks to Hurricane Nicholas, and they're getting jerked around by unemployment, and their birthday is next week, and ... they could just use something nice in their life.

ko-fi.com/magicalmilly
paypal.me/emmilner

The Doctor boosted

♫ Oh-a oh-a
They took the credit for your second symphony
Rewritten by machine on new technology
And now I understand the problems you could see ♫
youtube.com/watch?v=W8r-tXRLaz
#music

The Doctor boosted

Bitches will see a trans man make a single angry post and start talking about how Testosterone is an evil toxin that poisons your body and how trans men should acknowledge that our HRT makes us aggressive and that we should practice kindness because aggression is a cis male trait and if we want to be better than cis men we're not allowed to experience negative emotion.

The Doctor boosted

pedantry 

has an empty action attribute for a form tag always been a no-no? I've been using it for "submit to the same URL we're at" for a while. What's a good non-empty thing to put in there? # "works" but I have a habit of clicking the address bar and pressing enter if I want to reload the page but make sure to do it with a GET instead of a POST, and doing that with a URL with a fragment ID doesn't actually reload it. Maybe an empty query string?

?
I'd rather not try to set it to something specific to the page. Like: action="thispage.cgi" or action="/cgi-bin/thispage.cgi" or even something like action="$0"

The Doctor boosted

When you take a pill, do you

The Doctor boosted
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon its digital shore.