Don’t get me started on VCARB…. I’m not even going to link that one.

Microsoft’s Dangerous Addiction To Security Revenue – SentinelOne

I want to point out this one paragraph and say, bravo!

They need to throw away this poisonous idea of security as a separate profit center and rededicate themselves to shipping products that are secure-by-default while providing all security features to all customers. I understand the need to charge for log storage or human services, but we should no longer accept the idea that Microsoft’s basic enterprise offerings (including those paid for by the US taxpayer) should lack the basic features necessary to protect against likely attacks.

Alex Stamos

If you use Microsoft products on a regular basis in a professional capacity, you see this tendency of Microsoft to upsell what could be basic security features that any organization should employ to protect themselves. Microsoft’s sales people have a tendency to get excited about, and spend a great deal of time praising, a new Microsoft365 or Azure feature and then when pressed on license requirements, will state after the entire presentation, that it requires either an E5 license or is a separate SKU entirely. “Just upgrade to an E5 license and you’re all set! What’s wrong with you!?” I think they know that if they start by saying “new E5 level feature” people will lose interest.

Many organizations choose E3 because it’s “good enough” but I think the real reason is that its cheaper. I don’t blame them. When you start doing the math the E5 license costs can become intolerable real fast. But what do you lose?

In the good old days of on-prem you had all the logging you could want and the only real cost was disk space, or speed if you chose verbose logging options. You could easily clear that up by rotating the logs. And you want to keep logs. Logs are bread and butter in the security world. Threat hunting and incident response would be a shot in the dark without logs.

Enter Microsoft365 and the Azure cloud, and Microsoft’s premium price tag for logging access. Microsoft Azure logging facilities are terrible and you are subject to changes in the “user experience” that can and will break your workflows. If you want better access to those logs, be prepared to pay a premium. The same goes for simply accessing certain logs for security purposes that you would otherwise easily retrieve on-prem at no additional monthly cost.

Microsoft Defender for Endpoint, the EDR incarnation of their Defender antivirus product, has a threat hunting/incident response feature. If you get the EDR license for Defender you don’t get the log query functionality unless you have an even more pricey license per user.

This is not to mention all the other premium security protections that you have to subscribe to in order to fully secure your cloud tenant. This is the “nickel meet dime meet existential danger” problem of the cloud, where it’s not merely costly and inconvenient, it can have real world consequences as we all wait for Microsoft to admit the next breach that “hit a small percentage of our customers” when said customers could have had faster warning had they only subscribed to Microsoft’s coveted E5 license and paid a small fortune for all the other logging access, a dozen or so SKUs that require a monthly fortune.

Cloud security takes a team of security people, and not just Microsoft’s Security Resource Center.

In the Shadow of Silicon Valley – ZNetwork

I was struck by two things in this Article. The first is how much we’ve been mislead on what’s really going down in San Francisco. The second is just how much San Francisco’s fate is tied to the whims and machinations of the tech-bro elite.

Fast Radio Bursts – XKCD

Finally, a great XKCD strip about noise in the data. We’ve all been there, even the blue team.

So-called ‘smart home’ appliances and gadgets have become an ever-more present thing the past years, with nary a coffeemaker, AC unit or light bulb for sale today that doesn’t have an associated smartphone app, cloud service and/or subscription to enable you to control it from the beach during your vacation, or just set up automation routines to take tedium out of your busy schedule. Yet as much

Source: How To Build A Fully Offline Smart Home, Or Why You Should Not

Why Not Use All Three Browsers At Once?

Because I’m a masochist I’m literally using FIrefox, Chrome, and Edge (also Chrome) for various tasks. I have intentionally left ad filtering off for both Chrome and Edge and oh boy is this gonna be fun!

Microsoft® is modifying your keyboard. Can you guess what they’re doing?

Microsoft® is adding a new key to PC keyboards for the first time since 1994 – Ars Technica

Microsoft® is adding a key for Copilot®. I think I’m going to stick with what I have and maybe just continue using Linux?The Windows® key was okay I guess, but adding a new “Copilot® key” just tells me they’re going to force Copilot® on everyone.

Security Is Everyone’s Responsibility

23andMe: “Negligent” Users at Fault for Breach of 6.9M Records (darkreading.com)

I can understand where 23andMe’s lawyers are coming from. Their bias is to their client (or employer). I’m not saying that the company’s response to the class action lawsuit against them is right. In fact I think it’s utterly typical “corporate personhood” BS. At least they said something this time and didn’t just “stay silent” against the naysayers.

I also feel that the thing highlighted below in bold proves how far we in the cybersecurity sector have yet to go.

“Everyone should know better than to use an unhygienic credential,” says Steve Moore, vice president and chief security strategist at Exabeam. “But at the same time, the organization that provides the service ought to have capabilities to limit the risk of that.”

23andMe: “Negligent” Users at Fault for Breach of 6.9M Records (darkreading.com)

Everyone SHOULD know better. Everyone should know that the best time to deal with a security breach of your account is before it even happens. Not just “assume breach” but actually prevent the breach in the first place by using multifactor, considering hardware tokens, biometrics, passkeys, etc. Just keeping your stuff up to date is only part of the picture, you MUST remain vigilant. Not a paranoid type of vigilant that Hollywood and the news media, and even some cybersecurity companies LOVE to take advantage of (just look at the whole “juice jacking” hype). Just basic things like not re-using passwords, and using long passphrases (with spaces) goes a long way.

And we should be doing this every day when we have conversations with people. We should be educating people and also following our own best practices to boot.

Facebook introduces another way to track you – Link History | Malwarebytes

No really. I’m shocked. Shocked I tell you. Go to the article for instructions on how to control this.

ChatGPT bombs test on diagnosing kids’ medical cases with 83% error rate – Ars Technica

I do have some concern that people could be using ChatGPT for life advice though. It shouldn’t just be concern that people might be out of a job that drives this research. The amount of harm that could already be happening even with guardrails in place is something that should give everyone pause.

Awesome AD Alert!

DO NOT STICK THINGS INTO ELECTRICAL OUTLETS!

I REPEAT! DO NOT STICK THINGS INTO ELECTRICAL OUTLETS!

Is this a war game or an erotic dating sim?

TTFN!

Google Groups is ending support for Usenet to combat spam – BleepingComputer

I signed up for a free Usenet service a while back with the intention of accessing it with Mozilla Thunderbird and see if newsgroups were still useful as a communications medium. After an hour of viewing what has become of Usenet, at least the alt newsgroups, I can very much understand why Google Groups made this decision (strangely enough I thought they stopped supporting Usenet a long time ago but I digress).

Usenet has many of the same problems that email does, with the added bonus of being even more distributed in a “one to many” way of message flow, by design if you think of it as a forum (it is). Usenet’s cracks are too big to patch and smell of rotten spam. There’s better ways to have discussions on the internet now anyway and I just don’t think there’s reason to go back unless everyone wants to content with an overhauled system when they might as well use something like the Fediverse (Mastodon, Firefish, etc).

Usenet was a springboard in the early Internet, but like Gopher, FTP, etc, we’ve evolved passed it.

AI is capable of running entire companies call center scams now.

The source of the image above is here, and yes this is a fax/call center scam site: https://webenvy.io/?page_id=2808

Remember when Mozilla made a web browser? – jwz

I see a possible future where our interaction with data on the internet is through language models exclusively. You will have no choice because your browser will require it and all the open source browsers with poor market share will also not work very well with the new web standards. “WebAI” (let’s just call it that) is on the horizon and right now its looking outright dystopian.

Mozilla pivoting to AI and possibly ditching Firefox? Firefox already has usable forks but what does that really mean for the future whenever everyone is using Chrome (Google) and Edge (Microsoft), content and ad delivery systems with baked in tracking and AI disguised as web browsers?

I think the answer is be aware of this and keep pushing for open source that isn’t tied to a major corporate name.

Enjoy this picture of the late war criminal Henry Kissinger picking his nose.

VMWare’s Takeover By Broadcom: “The Employees Better Moo If They Know What’s Good For Them“ – Some Trash Executve Mother****er – Forbes (link title mine)

I use VMWare workstation extensively in a professional capacity and prefer it over Oracle Virtualbox. Hyper-V is good only if you want to use a windows OS as a guest and have any hope of quick desktop interaction with no fuss.

This news article disgusts me on a level that makes me say I’m now going to be re-evaluating my primary VM solution for professional work. I don’t think I can approve this sort of disgusting executive behavior by voting with an upgrade that I need to do soon to workstation.

My original post on infosec.exchange.

AI Fanart

Here’s some randomly generated AI fanart that’s sure to cause whatever model that sucks up the images on my blog to start hallucinating.

TTFN!

Search Engine Optimizaaaaaaaation……..

The birth & death of search engine optimization – Xe Iaso

I personally think of SEO (Search Engine Optimization) as a result of Google’s “algorythmization of search” where it became harder and harder to game relevancy because early tricks to get a business seen online didn’t work anymore. SEO is the primary tool in a war between a closed ad market and its customers. An entire industry sprung up to play a game of cat and mouse with Google. I thought that SEO would die when Google figured out how to cut it off at the neck, I didn’t think AI would save it, but it is. And we are all worse off. Money finds a way.

And now for some AI generated imagery.

I’ve been experimenting with various image models using Invoke AI and I occasionally get some pretty cool results. I claim no copyright to any of these so do with them whatever you like. Have fun with the prompts.

Prompt: skull table wine
Model: Openjourney
Seed: 2951802346

Negative Prompt: brando
Model: Openjourney
Seed: 2342205097

NOTE: Sharing this because HOLY SHIT GETTY IMAGES!!!111

Prompt: fairy under glass
Model: Openjourney
Seed: 828184841

Positive Prompt: human face, cyberpunk, female, cheerleader, pout, angel wings, circuit board
Negative Prompt: render, robot, photo realistic, tattoo, cybernetics
Model: Openjourney
Seed: 1437612319

Prompt: A neuron spreading across a microchip.
Model: Stable Diffusion 2.1
Seed: 3428012634

TTFN!

Chrome/Chromium Emergency Patch

Another day, another emergency patch for the most popular browser family. As of this 10:30 AM Central time I can’t tell if Microsoft Edge is involved.

Google Chrome emergency update fixes 6th zero-day exploited in 2023 – Bleeping Computer

Microsoft’s stable channel release notes very briefly had a November 28th update saying they’re aware of the vulnerability but now that blurb was removed.

File Under Reasons Why Rebooting Fixes Things/And I Miss Windows 2000

This is more true with Windows I think. If you make a major config change and something doesn’t work, give it a reboot. At least you don’t have to restart after changing an IP address like the bad old days of Windows 2000, though I think Windows 2000 was a damn fine operating system.

Sometimes I look back to Windows 2000 and miss the simplicity of an operating system that was an operating system and not a consumer journey experience platform, thing, like what we have now.

… So anyway I switched to linux…..

NASA Computers Were Hardcore

https://history.nasa.gov/computers/contents.html

Good old web page on NASA’s history firing off odd computers into the great unknown. My favorite is the Voyager computers because they’re still kicking to this day.

This is a picture of one of the Voyager’s computer modules. The entire thing was cutting edge for the time, and its architecture not entirely proven.

The second hardware modification to Voyager’s data computer led to a first in spaceflight computing: volatile memory. After the first round of prototype programs, an intermediate hardware design evolved using CMOS ICs⁵¹. This type of circuit is very low powered, fast, and can tolerate a wide range of voltages, making it excellent for space use. Early in the 1970s, CMOS was still relatively new, so it was with some risk that JPL chose the circuits. To go along with the new CMOS processor, the data computer group fought for CMOS memories as well. Trying to drive a slow plated-wire memory with fast CMOS circuits would have negated the attempt to speed up the computer. However, CMOS memories are volatile, in that if power is cut off, the data stored in them disappear. The designers of previous manned and unmanned spacecraft avoided volatile memories, fearing that power transients would destroy the memories at critical mission times. Voyager management had to be convinced that the risk was acceptable.

https://history.nasa.gov/computers/Ch6-2.html

But it turned out to be a good risk, and they still get the occasional patch:

NASA’s Voyager Team Focuses on Software Patch, Thrusters – nasa.gov

Already Feeling Nostalgic for DEF CON 31.

After only attending DEF CON online during the covid lockdown, DEF CON 31 was my first time being there in person. The thing I enjoyed most was walking around with some SAO boards I built myself. This adapter is already obsolete but I wonder if DEF CON might bring the modular approach back again next year? Here’s hoping.

TTFN!

Microsoft paid billions for an idiot AI, a prime example.

I don’t think AI is a good descriptor for this. We probably need to start adding N to AI and just call it for what it is NAI (Narrow AI), pronounced “Nay”

https://wetdry.world/@keat/111479034674203372

This is my favorite image from the linked post above.

A man who lacks ethics trying to “help women out” is still a man who lacks ethics.

I don’t know, maybe this could be called the “tech bro” approach to what they think is “charity,” when in reality it is a fundamental problem with their worldview.

Male Tech Conference Founder Is Behind Popular Woman Coding Influencer Account – 404Media – Free Account Required

At least the tech bro admitted it in this case…..

And then totally blamed everyone else, as tech bros are known to do. Because it OBVIOUSLY couldn’t be his own poor decisions right? All that hard work down the drain.

Tech Conference Collapses After Organizer Admits to Making Fake ‘Auto-Generated’ Female Speaker – 404Media – Free Account Required

Yes…. Yes you were… (The tweet is longer but this snippet is so funny.)

I always like this kind of energy.

iOS 17 NameDrop privacy scare: What you need to know – Bitdefender

Just because law enforcement posted it doesn’t mean the threat is severe enough to warrant ImMeDiAtE AcTiOn to disable a feature. To quote the author:

You also need to confirm your desire to share your details via NameDrop with the other person.

Apple built guardrails/guideposts and several layers of protection into iOS. You have to be proactive to use NameDrop. Someone isn’t just going to walk by you with a suitcase full of hax0r kit and steal your dox unless you disable it. This doesn’t mean that there’s not some vulnerability lurking around in the feature, yet-to-be exploited, but mobile phone security researchers will be taking this apart and reporting anything they find on up to apple to be fixed.

The author concludes this brief FAQ/Article with a nod to the human factor, the wetware vulnerability that’s always requires vigilance on the part of the wetware operator to prevent exploitation. The layers of security and guardrails apple built for your protection are useless if you’re careless with your device…

And if you’ve been careless enough to have left your iPhone unattended and unlocked so a stranger can meddle with it, there’s all kinds of trouble they could cause. Stealing your contact information may be the very least of your worries.

Law enforcement could do so much better than to scaremonger, but it’s part of their “we’re keeping you safe folks!” messaging. I’m reminded of this classic image, re-posted here with absolutely no permission given…

TTFN!