Desert Nomad, First Responder, Reverend, Intelligence Analyst, Computer Expert, Cowboy, Sorcerer, Metaphysician, Polymath.

  • 8 Posts
  • 122 Comments
Joined 1 year ago
Cake day: October 4th, 2023



  • Elias Griffin@lemmy.world to Privacy@lemmy.ml: Threat Modelling 101
    English · 3 upvotes · 4 months ago

    I just happened upon this thread and security of all types is my specialty, so I just wanted to say that nothing here is personal. I’m trying to be helpful giving folks “actual security” as in not “better than putting passwords in plain text files”. Lazy idiots will be lazy idiots with KeePass as well. I can’t tell you how many stories I’ve heard from colleagues that those people aforementioned just put the main KeePass password in a plain text file.

    I upvoted the OP and your reply for bringing TM novelty and awareness.

    I do see what you’re going for, but the mitigations you wrote can be found everywhere on the Internet for over a decade. It’s average commodity information combined with the fact that we are not more secure these days, but less secure in 2024 than ever.

    In the case of password databases, this is de facto less secure than paper and pencil, which is not extreme by any measure and actually takes little effort.


  • Elias Griffin@lemmy.world to Privacy@lemmy.ml: Threat Modelling 101
    English · 2 upvotes · 4 months ago

    Quadhelion Engineering Corrected Mitigation Strategies:

    • Never use an electronic password manager, use index cards and an art quality graphite pencil instead
    • The loss, hack, crack, or malfunction of an MFA device can be absolutely devastating. Use with caution and sync three of them, 1 of them kept in a firesafe at all times
    • Never regularly update all software and devices, choose your updates and choose your timing depending on your environment and posture instead
    • Never be reliant upon an electronic home security system and lock devices (if they get that far, major damage has occurred), use a Rottweiler, Great Dane, Mastiff, German Shepherd, or Akita (never Pitbulls or Dobermans) alongside yourself with non-lethal weapons until lethal force is used upon you, instead

    You asked and the Non-lethal (Less-Lethal) Weapons Industry has delivered. Pepper ball guns, Radically Improved Tasers, Electrical Stun Devices, Batons, Kubotans, Pellet Guns, Cold Steel Brooklyn Smasher, Slings, and also you may not think unless you played, Paintball Guns, big nasty bruises at medium range if only wearing a T-Shirt.


  • The Kremlin is obviously a Mosque. Pooty-poo’s BFF and primary assassin (word origin, Muslim) is Kadyrov, a Muslim. St. Petersburg at one time held the highest Jewish metropolitan population in the world. It says it’s Christian but Patriarch Kirill likes to wear Rolex and is covered in tattoos.

    Russia has had uninterrupted continuous control of the North Pole, the geographic center of Nation State power (Northern Hemisphere), probably since 900, and brags about this fact and the fact they can destroy the whole world with nuclear technology making it the primary terrorist, by definition, in the world.

    Russia invented the modern prison industrial complex, the Gulag. Russia invented Nation-State PsyOps. Russia had for nearly a century or more, total control of Afghanistan, the first place where Marijuana was cultivated, same parallel/latitude as Humboldt County California. Afghanistan, also one of the first places where Poppy Fields were cultivated en-masse. Academic Historians will say Russia failed there, I say the opposite.

    Now here is something weird and fun to investigate for internet sleuths!

    If you are an internet aficionado you’ve noticed over two decades that Google and nearly all other search engines routed all conspiracy theories to really one place, Godlikeproductions. In this place, this forum, run out of the island Nation of Jersey, which is self governing…you cannot post two words, “Tavistock”, the British The Tavistock Institute and “Bolshevik” as in Revolution. Don’t believe me, try it yourself.

    Spending a couple hours reading that legendary conspiracy forum you’ll notice two things: It loves Trump and Russia. If you go against either of those things there, your logical argument will be minimized/trivialized, your life threatened, and reputation ridiculed, sometimes with very personal insults. You can just read/lurk and see how many times a life threat is made in one day on that site.

    If nothing else, it’s a fantastic study in psychology as it’s visited daily by people all over the world. Try to see how many other words are banned!

    P.S. I was one of the people responsible for the Call of Duty: Know Your History, Commercial

    ;)







    • Women hide their skin, lips, and age
    • Men hide their jawline with beards and their insecurities are buried so well, they forget it themselves as a defense mechanism hoping the mental/emotional weakness will “heal” by next confrontation
    • Humans hide their weakness,
    • Their competitive business plans
    • Patents until they are published
    • Who are you falling in love with at the start
    • Exactly how much you are attracted to a person
    • Who you have a crush on
    • Your answer to a $10,000 competition
    • Your lottery ticket
    • The location of your gold and gun
    • The location of your child when allowed online
    • Whether someone is away from home for extended periods of time, you leave the lights and TV on.
    • Inventions until it’s marketed
    • Science Fair Project until it’s unveiled
    • Presents until they are opened
    • Your private parts
    • Your private thoughts on your marriage

    Have you ever grabbed a child’s private parts? NO of course not, because you INNATELY UNDERSTAND even though you are not a parent and don’t remember being one yourself. In fact you understand it so well that if you were to do so publicly, you’re putting your life at risk.

    CONCLUSION: Privacy is natural and helps give confidence and security to an individual but they want access to your weaknesses and privates anyway.

    EVIDENCE: Privacy Violation is a specific tactic meant to break people …IN PRISON…since the beginning of time, Gulags.

    P.S. Stop showing nude baby pictures at reunions to those that did not raise or grow up with the child in the family who already saw them naked, and only while they are still a child and not a teenager, otherwise that is a serious privacy violation. In fact, just don’t take the picture, where did you even get that you lazy lubricated louse.







  • Elias Griffin@lemmy.world (OP) to Technology@lemmy.world: AI Loophole #1; Your GitHub README.md
    English · 4 upvotes · 2 downvotes · 5 months ago

    Thanks for all the comments affirming my hard working planned 6 month AI honeypot endeavouring to be a threat to anything that even remotely has the possibility of becoming anti-human. It was in my capability and interest to do, so I did it. This phase may pass and we won’t have to worry, but we aren’t there yet, I believe.

    I did some more digging in Perplexity on niche security but this is tangential and speculative unlike my previous evidenced analysis, but I do think I’m on to something and maybe others can help me crack it.

    I wrote this nice article https://www.quadhelion.engineering/articles/freebsd-synfin.html about FreeBSD syscontrols tunables, dropping SYN FIN and its performance impact on webhosting and security, so I searched for that. There are many conf files out there containing this directive and performance in aggregate but I couldn’t find any specific data on a controlled test of just that tunable, so I tested it months ago.

    Searched for it in Perplexity:

    • It gave me a contradictorily worded and badly explained answer with the correct conclusion as from two different people
    • None of the sources it claimed said anything* about its performance trade-off
    • The answers change daily
    • One answer one day gave an identical fork of a gist with the author’s name in comments in the second line. I went on GitHub and notified the original author. https://gist.github.com/clemensg/8828061?permalink_comment_id=5090233#gistcomment-5090233 Then I went to go back and take a screenshot I would say, maybe 5-10 minutes later and I could not recreate that gist as a source anymore. I figured it would be consistent so I didn’t need to take a screenshot right then!

    The forked gist was: https://gist.github.com/gspu/ac748b77fa3c001ef3791478815f7b6a

    [Contradiction over time] The impact was none, negligible, trivial, improve

    [Errors] Corrected after yesterday, and in following with my comments on the web that it actually improves performance as in my months old article

    1. It is not minimal -> trivial, it’s a huge decision that has definite and measurable impact on today’s web stacks. This is an obvious duh moment once you realize you are changing the TCP stacks and that is hardly ever negligible, certainly never none.
    2. drop_synfin is mainly mitigating fingerprinting, not DOS/DDoS, that’s a SYN flood it’s meaning, but I also tested this in my article!

    Anyone feel like an experiment here in this thread and ask ChatGPT the same question for me/us?


  • Elias Griffin@lemmy.world (OP) to Technology@lemmy.world: AI Loophole #1; Your GitHub README.md
    English · 1 upvote · 15 downvotes · 5 months ago

    Your rapacious backwards insult of caring is gross and obvious. You called me “my dude” like a teenager who’s chill, and calm, and correct, but just …a child and wrong in the end. How old are you child? My Lemmy profile is my name with my Seal naturally born March 4th, 1974 as Elias Christopher Griffin. I’ve done more in my life than most people do in 10. My mental health is top 3% as is my intellect.

    You are an un-named rando lemmy account named “catloaf” who averages 16 posts a day for the past 4 months with no original posts of your own because you aren’t original.

    I make only original posts. You seem nothing like a real person. Want to tell us who you are? What makes you special, outside of the mandated counseling you receive or data models you intake?

    You know what, no one takes what you say seriously loaf of cat, I certainly didn’t, don’t, and won’t. Here is space for your next hairball



  • I also just realized why I’m getting heat here, lawsuits.

    I just gave legal cause that practice was not properly disclosed by Microsoft, abused by OpenAI, a legal grounds as a README.markdown containing code as being software, not speech, integral to licensed software, which is covered by said license.

    If an entity does find out like me your technical writing or code is in AI from a README, they are perhaps liable?