Septimaeus

joined 1 year ago
[–] Septimaeus@infosec.pub 9 points 6 hours ago* (last edited 6 hours ago)
  1. DNS resolver, like pi-hole, unbound with adguard, diversion, etc.
  2. RMS server: a lot of Remote Desktop software has the option to install a listener on a low power device elsewhere on the network that can use wake-on-lan to access computers within the network without keeping everything on 24-7.
  3. Log aggregator: would be useful for anyone who troubleshoots stuff regularly, but historical info of any kind can come in handy.
    Simplest form might be a scribe server. Network gear often has an option to send logs to a particular URL, so if you added the scribe server IP/port to the field you’d have historical network logs.
    Additional loggers could also be run on-device, such as a wifi connectivity checker or a Fing server.
    If you have a smart home setup, you could also log state data or energy monitoring history at a particular interval, or run a homebridge or homeassistant instance.

Edit: list subitem formatting messed up

[–] Septimaeus@infosec.pub 2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

That’s the highest Scoville rating I’ve seen on a USB stick

[–] Septimaeus@infosec.pub 1 points 2 months ago* (last edited 2 months ago)

Yeah other commenter was incorrect. They’re sold with only a basic collection of first-party apps (even the carrier locked devices, so far).

To get one with third-party apps pre-installed requires special provisioning meant for employee work phones. (If you come across one of these in the wild, ask the seller to reset in front of you. If the bloatware remains, odds are the device was recently stolen.)

[–] Septimaeus@infosec.pub 9 points 2 months ago

Not all but most, yes. But TBF, sites that still function with JS disabled tend to have the least intrusive telemetry, and might pre-date big data altogether.

Regardless, unless the extent of a page’s analytics is a “you are the #th visitor” counter, all countermeasures must remain active.

[–] Septimaeus@infosec.pub 2 points 3 months ago

Same (AdGuard) I meant like I’d consistently get all of the first page of results linking to hyper SEO clickbait sites / AMP links / Adsense affiliates (think multi-page/gallery/click-through articles and low quality content farm sites like CNET, Forbes, Quora, etc) with a smattering of straight up keyword banks, snippet aggregator spam, and chatbot articles full of longwinded made-up nonsense with zero payoff.

Even more annoying was that Google started dumbing down all my searches, regardless of technical detail and specificity, just railroading me into simplistic drivel. Eventually verbatim/quotes syntax stopped working also, and that was the end of google’s usefulness to me.

[–] Septimaeus@infosec.pub 7 points 3 months ago (2 children)

Did they fix it? Last I tried it, all I could get was sponsored content and LLM spam.

[–] Septimaeus@infosec.pub 5 points 3 months ago

Cornucopia (Latin: “horn of abundance”) is an old symbol of plenty.

But yes, I imagine this shot was chosen for its suggestive framing to congratulate the hackers for bullying the bullies.

[–] Septimaeus@infosec.pub 2 points 3 months ago

Concur. Most FERPA violations are similarly mundane snafus.

view more: next ›