Adam @adam@hax0rbana.social

Cantenna building party was a great success. Field testing showed about half a mile range with a stock router and wifi card, running stock firmware and not making any power adjustments. Learned a lot and the one bad antenna that was made has been diagnosed and we know what needs done to fix it.

@dildog do you know if BO2K works on Windows 10? I suddenly have a need for a Windows RAT and it'd be absolutely epic to use BO2K for a demo in 2020.

In related news, Meijer blocks our Mastodon server. I tried going to the web view and it gave me an invalid cert with the hostname "Fortinet". Fortinet does have https inspection. https://www.fortinet.com/blog/business-and-technology/tls-is-here-what-this-means-for-you.html
Checked DNS and the hostname is resolving properly. Looked at the certs that went through without issue and they look legit. Looked at other TLS sites hosted from the house, no issues there. Mastodon.social works fine, so it's not the .social TLD. Interesting...

When the founder heard about symmetric multiprocessing, they said "This is going to change everything! I need to name my company SMP so everyone knows that our watermelons are next level". And thus, SMP was born.

Did you know... that, botanically speaking, a peanut is not a nut, but rather a legume? This is the same family that contains beans and peas. This is because a peanut is not "a fruit whose ovary wall becomes hard at maturity."
https://en.m.wikipedia.org/wiki/Peanut

However, outside of botany (e.g. culinary, research and nutritional purposes), peanuts are totally nuts. Another fun fact: they don't grow on trees #peanut #🥜

I don't know who put this on our fridge, but it's amazing.

Oh, that thing I thought of a while back is possible, and someone has written a paper about it. Cool!
https://arxiv.org/pdf/1909.08703

Android 10 proactively narks out apps that are tracking your location in the background, and provides one-click access to the setting to change it it "only when using the app." This means people can see when apps actually (ab)use this power. So far Lyft, Weather Underground and Ruuvi have all been caught. WU makes a little bit of sense, but the rest... I'm ashamed of you!

Guess I'll have to build it...

I'm looking for a tool to show me where execution deviates in an executable with little effort. For example, if I run `./Foo valid.jpg` and `./Foo invalid.jpg` and we assume this exercises different code paths, what can I use to determine where the runs differ?

Strace is not the right tool for the job. PINtools or DynamoRIO might work, but are very cumbersome (I'd be happy to be shown otherwise).

I want something I'd run like strace/sudo/time and it'd spit out the file and offset of divergence

@wearenameless I really enjoy watching movies with all of you, but we seem to be having issues with seeing hashtags in real time (web, iOS, Android, and on multiple apps). At least some of them come through, but there's a large delay. This makes sense on account of the federated nature of Mastodon, but it makes me sad. Is there some setting that can be changed on our server to speed things up? Do you know of any resources we can go to in order to learn more and troubleshoot it ourselves?

Otvstudios!!! #wearenameless

@wearenameless wow, the pre-game show is fascinating. What is it? #wearenameless

Another +32GB RAM upgrade complete. The time between the machine actually powering off and it being powered on again was 4 minutes, but it took 5 minutes for all the VMs to be shut down properly and about 10 minutes for everything to be restored. Still, 20 minutes of downtime isn't bad for a hardware upgrade, especially since we have redundancy for the most important services.

I just heard about #simjacker https://simjacker.com/ and went to the page that supposedly had details.
https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
They are pretty high level, but eventually I made it to
https://en.m.wikipedia.org/wiki/SIM_Application_Toolkit which has lots of fascinating information. There's a S@T browser on the SIM card! It's a web browser. The web browsers on old candy bar phones, that was running on the SIM, not the handset. Some implementations can reportedly handle JS and CSS3. So much potential there...

Upgraded a server from 32GB to 64GB of RAM. 5 minutes between when the shutdown command was run and the machine was being powered on again. All services online and ceph cluster recovered in just under 10 minutes. I'm getting better at this sysadmin thing. 😄

I just made the most glorious typo: hackup instead of backup.

I learned so many arbitrary things lately. Like that the name of "shift" key comes from typwriters which physically shifted the bar to use the other letters and "caps lock" is similar except it was originally called shift lock. Some old computers had shift lock instead of caps lock, and some old keyboards mechanically held down (or released) the caps lock button when pressed! It all makes sense in retrospect, but 😮 (and how is mind_blown not a standard emoji? 🙄 )