Adam @adam@hax0rbana.social

LOL, then he tried to bypass the system by posting the same tweet from another account (the official white house account)! Didn't work, that one got the same content warning.

Via https://mastodon.social/@fribbledom/104252196781472817

Nice try, pres. It turns out, we know that trick. Level up your game or GTFO.

Twitter put a warning on some of the President's tweets saying they violate the site's terms of service but are not being removed because they may serve the public interest for the tweet to remain accessible. The tweet is hidden until the user clicks through.

via https://hackers.town/@thegibson/104252105568846650

I had to look and see it for myself. Sure enough, it was there. It's great to see Twitter take a stand against violence, no matter who it cones from.

Fun facts: Alan Turing came up with a mathematical formula to explain how chemical reactions produce spots, stripes and swirls in a variety of mammals. Also, leopards DO change their spots (as they mature), and Turing's formula was not able to account for this. Researchers have since built on Turing's model to explain the transformation. #TIL

Source: https://www.livescience.com/950-leopard-spots.html

Y'all get a heads up early, where it's still an incomplete PoC :-P
https://gitlab.com/adam949/eyeofprovidence

Classifying protocols is just the first step. Prior art (the "spot me if you can" paper) claims to be able to recognize words in encrypted VoIP traffic when a variable bit rate codec is in use. I expect similar tactics could be used to determine what someone is watching on Nexflix, or what they are doing online in general. The only system I have seen which I expect to defeat this analysis is Tor, which uses a fixed packet size. This is done specifically to thwart this type of analysis!

I will be quietly posting the code for EyeOfProvidence soon. It's a tool that analyzes network traffic based on packet size and timing. It should be able to recognize underlying protocols even if they are TLS encrypted or running on nonstandard ports. After about a week's worth of effort, it is doing every well on my test data. We will see how well it generalizes as testing continues. If it does what I expect it will be able to do, it's going to be interesting.

For scale, that's a 4' wide bed.

If you ever wondered how gardens planned, built and maintained by hackers grows... the answer is: pretty well. Those are peas there in the front.

There is going to be a good #NotQuite0DayFriday release soon. Very excited. :-D

Car on the right is legally parked in a handicapped stall. Car on the left is not only not displaying any indication of being handicapped, but they're not even in a parking spot. They are in the reserved area between handicapped spots. Don't be this person.

Amazing property listing: https://twitter.com/frazierapproves/status/1262412849835630592?s=19

I got this from @daniel_bilar@twitter.com:

Apparently #DoomEternal features kernel 0 anti-cheat driver from Denuvo which got "certification from renown[ed] kernel security researchers, completed regular whitebox and blackbox audits, was penetration-tested by independent cheat developers"

I, for one, am excited to hear that the other anti-cheat technologies take shellcode from the internet and run it in ring-0!

"You know what my beard needs? Anti-rust coating!" --No One... Ever

Now it goes to the house of representatives. House speaker Pelosi could add the Wyden/Daines amendment, which we now know would pass the Senate. If you want, you can call her and suggest she do so: 202-225-4965, select option 1 to leave feedback.

This one was a big enough deal that I actually **did** just call and leave a message, instead of just **thinking** about doing so.

Senate voted to renew the Patriot Act. Wyden/Daines amendment to require the FBI get a warrant before looking through someone's browsing history and online activity failed by just one vote. Fun fact: Bernie Sanders didn't show up to the vote (3 other senators were also absent). Had he shown up, he would have voted for the amendment and it would have passed. Credit: News via Evan Greer.

I am sad to see that the Mattermost Beta app in F-Droid relies on undisclosed upstream non-free software. I went to the GitHub project page to learn about how I would build the client from source, and there were instructions to configure a Firebase server (apparently a Google service). I wish it didn't rely on services I can't run myself. :-(

Working a reasonable number of hours, not having constant meetings, and taking breaks when they make sense makes me tremendously more efficient and I think even more effective. There's also been external factors that have significantly lowered my stress at the same time. Overall, it's been a huge positive change in my life. I need to make this stick!

For more technical details and causes for concern, see what Moxie Marlinspike wrote: https://twitter.com/moxie/status/1248707315626201088?s=20

There is talk about using tech to automatically track who comes in contact with whom in order to inform people when they may have been near someone who later was diagnosed with COVID. Sounds pretty good, right? Here's one reason why I am concerned:
https://www.theregister.co.uk/2020/05/04/uk_covid_app_human_rights_parliament/

#Ubuntu 20.04 is out now! https://ubuntu.com/ Some brave soul should update straight away and report back to the rest of us know if it's safe. Just think of yourself as the #RoyalTaster. 🙂