#general

How do I get my CISA Actively Exploted Vulnerability alerts? RSS and email

lol miss you reader.google.com

my first RSS feed reader, and many others first

I use Inoreader personally and I like it better than Feedly but yeah nothing is perfect

heya Ellie

Heya, I'm trying not to get sucked into the convo but I couldn't resist with RSS

yeah it's pretty decent improvement over Feedly, but they do have a premium tier which gives you... idk what exactly lol. I don't think I'm on it

me who doesn't know what RSS is exactly but only uses it for podcasts

Yeah exact same kind of idea

I tried, I just google things manually much easier.

RSS can just feed any kind of content like an article from a news site or a new podcast, depending on applicaiton

So for articles instead of a podcast app you just use an RSS Feed Reader

@sinful moon Remember that laptop you helped me fix an aidio issue with? Yah, I fell with it and now it doesn't close all the way. Still detects it closes, b ut it's a bit bent on the screen. Luckily, no screen cracks or anything. Thing is a tank

You possibly misunderstand the intent, lol. This is for subscribing to feeds from your favorite sites to keep track of news as it comes in... not shotgun blast of search results

RSS is still an invaluable tool for infosec news...

I know, it's just I can't be bothered setting it up. I like manually looking for the website or forum (I already have it on the bookmark).

Y'al lhave any idea what I should do with a Lenovo Thinkserver RS160?

You just plug in "Website Name" into RSS Feed readers and it finds the feed for you

Also Ellie rate my dashboard

Not bad, but won't scale with more content

I am oldschool even though I am still young.

...RSS is oldschool but okay

Why Plex and Jelly?

I am even more old school then.

Eh its fine for now then heimdall time

Plex for desktop and plexamp also

jellyfin for android offline movies

Ah

Slightly newer than usenet concerns, but yeah very early 00s

Aaron Shwartz was actually one of the creators

Probably, I mean I personally only check 3 websites to get infosec knowledge.

I am sure it's useful.

Presumably you check other websites for other knowledge though

almost thought u said arnold schwarzenegger

as long as they post new articles, you can have them all in a single UI/site

For daily knowledge only 3. The rest google is my best friend.

which ones

me just using google news and reddit

Legenday figure in internet standards, freedom of information and hacker culture: https://en.wikipedia.org/wiki/Aaron_Swartz

there should be a book or article about all the people i should know about

Hackernews, https://security.stackexchange.com/ and krebsonsecurity if I recall right.

HackerNews is a bit sponsored content heavy for my liking

BleepingComputer is a bit better on those terms and timely info

They post decent things here and there if I am genuinely intrigued I google.

But I would say most of my daily news I get it from security.stackexchange.

Ars Technica's Security Content is amazing when the post it, but I mostly follow for general tech news

I could go on an on about my infosec sources though so I'll most likely refrain

is there any topic u couldn't go on an on about

I used to read ars technica back then.

It's just unfotunate how infosec Twitter crumbled and some are still on there, not everyone moved to Mastadon but enough to matter, and now you're checking multiple stupid apps for this stuff

The influencers are funny though.

You should still imho, still great content.

same with reddit and the weird alternative

I will check it out.

Problem with reddit is everyone there is unhinged.

You can sub to specifically just their security feed, but I like all their content decently

I liked many things about ars technica (around 2013 or so).

Mastadon has a some big names like Kevin Beaumount who moved over to that as his primary

I've been reading since probably around 2006 until current

Sure dropped sites like Slashdot but Ars has been a constant for me

2006, I was way too young to operate a computer.

I was in high school and doing things which I will not describe with my computers c:

2007 I switched to Linux though!

Anyone used Eaton UPS's here?

I began by exploring console hacking forums, where engineers primarily discussed topics like reverse engineering X or Y. I stumbled upon them by accident, but I found the discussions intriguing and professionally oriented.

I literally started googling each term and reading books (from there I got hooked).

Yeah things were quite different getting started in the 00s lol

But yeah so much info and resources out there these days, no complaints

Wifi cracking and similar was one of my main interests in the 00s and loved poking at anything I could get my hands on

Very nice!

I started around 2008-2009, I noticed a lot of people in their 20s and early 30s who were very professional (in those forums). It made a big impression on me, and I wanted to be part of that kind of group. Unfortunately, that culture doesn't seem to exist much anymore, unless it's a closely-knit group.

X509 u are good person and have good advice

good

Still I need to learn way more.

no

I barely know anything despite me sinking thousands of hours into this.

I don’t have any fun Unix workstations but did hold onto this 1999 Dell that I restored and love so much, you may appreciate

Also something something random CDE (lol just in my pictures near the above and relevant)

The first time I remember using Linux was when someone suggested I try Gentoo.

lol

Gentoo is fun.

I'm sure that was a fun time for you first experience

I literally just started experimenting and trying things out.

Yeah I literally only grabbed that for a VM since it's the very last with CDE

GNOME 2 had already taken over as primary but they left CDE for legacy

Nowadays, I stick to Ubuntu because I don't want to bother with setting anything up. I even use the default wallpaper that comes with Ubuntu (same thing with windows).

I've been on Arch since 2008 to present, but for sure use whatever distro fits you best. I'm no elitist lol

Heck yeah, I'd be quite curious abotu the AIX box for sure. May be about time to get them out of storage as they're getting on 20 years old now

Although yeah lol, possibly check caps and any real time clocks before powering on lol

I prioritize functionality and efficiency for my use case. That's why I use both Windows and Linux. When I use an operating system, I expect it to work smoothly right from the start without needing extensive tweaking, unless I have a specific goal in mind that requires it.

I remember the creator of Linux saying something like that too, he doesn't like bothering with distros.

I rather build my system up with only the components I know about and need rather than stripping something down myself

I've been doing this for so long it's pretty trivial to build up from minimal to what I want in no time, but yeah it's not for everyone

I just love to know how any why it all fits together and "why" I need each package

Yeah Arch ARM is pretty decent, not as great support as the full project but neat unofficial thing

Yep, I just spin up Ubuntu Server at work and call it a day lol

The only customization in my setup is the hardware of the computer itself, and even then, it's straightforward. It's a typical workstation machine with ample RAM and CPU cores. Apart from that, the operating system setup is very basic. Ubuntu runs flawlessly and quickly on it. I don't like bothering with changing the wallpaper and things like that. You can even tell by my discord account.

If it works and it's solid, good.

Okay fair, I enable ~/.bashrc colors and rebind Ctrl B to Ctrl A in tmux lol

I understand, it's important to know what's going on.

I'm a bit more into low level OS fundimentals and design. I find it intensely facinating

I enjoy the hardware stuff, but honestly as long as I have decent specs for gaming I don't care too much. Sorta try to keep pace but less interested than the software side of things myself

There was a time, no kidding, when I was coding on a barebones IDE, like really stripped down. When it broke, it took about three days before I finally decided to fix it. In the meantime, I was literally coding the old-fashioned way, using Notepad.

I like low level stuff, very much.

I did try playing games once, it's not for me.

lol I do most of my coding in (n)vim to this day, unless it's a larger project then I will bite the bullet and use (VS) Code

doubt, you at least use vim I would suspect

Yes and nano too.

no, who uses nano when (n)vim exists lol

I do when I am bored on when sometimes breaks or not available.

I kid, who experienced with terminal I mean

I also use echo like line by line (due to ctf's).

Some really like emacs.

Fair enough, even me moving to neovim was a slow and begrudging choice, and I still am symbolic linking my ~/.vimrc to ~/.config/nvim/init.conf to this day for legacy reasons lol

Trust me it too me forever to move from urxvt to Alacritty and from screen to tmux

It has like over 1200 default keybinds on a single setup (without modifications)

It's insane just thinking about it

I use gnome terminal (the one that comes with ubuntu).

Nah I am still all about screen, have a deep personal love for it. But yeah did eventually make the switch myself. Does have many useful improvements

Not GPU accelerated like Alacritty

I do love screen

old tech

can't use tmux

too hard

Why would you need gpu acceleration for a terminal?

So I was just told that the cyber security job market may have reached the bottom of the valley, and it may already be climbing up again. Would y'all agree with that assessment? If so, I'm hoping to land a job during the summer.

I have to read about it.

Extremely fast, not limited to 60Hz

Be unique and next level.

Watching something compile at 165Hz is kind of insane lol

Older terminals kinda lag in terms of that output

and yeah screen and or tmux are must learns

I simply alt-tab and read something in the meantime. I don't think Wikipedia running at 165 Hz is that different from 60 Hz (maybe I don't know).

if you ssh even somewhat often is basically required for sane persistance

Well yeah, but I'm hoping we start seeing signs that the job market is improving.

oops your ssh session disconnected... but your screen or tmux session is there to reconnect to

I mean sure but at the end of the day you can't really do much about it aside working on your skills.

So only focus on what you can change.

Nah UI stuff is honestly nearly bigger game changer for high refresh rate than gaming

Not sure if that motivates you but the average cybersecurity talent is quite lackluster. You can easily go above and beyond.

Never tried to be honest.

Every single UI element, window, scrolling action, everything is nearly x2.5 as smooth as on 60Hz

I'll just say it's wonderful c:

especially in Linux

As long as the computer itself is fast with high specifications, I can practically work on a potato setup no problem.

So yes scrolling through Wikipedia is actually materially better at 165Hz as on this display lol

I am sure that's true.

But knowing me, I probably will never try it.

That's what I've been doing. My only challenge is trying to learn how to write a professional pentest report. I don't have the funds to learn it through the OSCP. I've seen some that are public, but it's all Greek to me.

I get your meaning though, Wikipedia doesn't need it, but nice when your entire OS is that high refresh rate

Read the professional penetration testing reports from companies and understand their approach by creating well-written Capture The Flag (CTF) write-ups on your side.

Possibly try Incident Report on a more blue team focus as that's a bit more accessable, although fair, not sure what incident you would report on lol

Just kinda got my start at work pumping out some incident reports for not great stuff I saw and was praised for it up and down

To be honest, I don't really need anything beyond a 60Hz refresh rate. I don't play games and don't require such a high refresh rate. I tried gaming once, but it wasn't my thing. So even if I do end up playing games occasionally, I'm confident that 60Hz is way more than sufficient for my needs. It's intriguing though.

Just don't hesitate for 120Hz if it comes up, it is a game changer just for the fluidity of UI and window management alone

But totally fair, I'm bias because not only am I a gamer but also a rhythm gamer where high refresh rate is a very huge deal

165 hz is insane I can verify that

Game changer from 60hz

u can't go back to 60hz everything feels so slow

I only got my second monitor about 2 months ago, which is the first time I've ever used one (second monitor) (that's the kind of person I am).

Totally fair, second monitor is already a huge win, so can't complain

another thing that's hard to go back from

Yes, I agree, I kind of destroyed my alt-tab keys over the years.

Nah I have all 60Hz stuff in work from home setup, bah use what you have

unless you have a tangiable reason to upgrade

I just did for personal use

phone and tablet are 120Hz, OLED TVs are 120Hz, gaming laptop is 165Hz

You can tell instantly I can promise you

Why would you need your phone to be 120hz?

You play games on it?

what is your primary interaction with your phone? Scrolling

what feels x2 better at 120Hz? Scrolling

I only use it to call people, that's about it.

I barely charge my phone.

Fair enough, I read too much wikipedia and infosec articles on mine lol

That's reasonable.

If you don't know it's 60Hz lol. But I'd just look your model up on one of these Android phone stat sites

I play chess on mine and listen to music

I got an Iphone 15. Once I saw the manual for the iPhone , I thought to myself, "You know what? I'll just use this for calls, and that's about it".

you can find it in settings but not easily at all

What kind of music?

also if it's exposed in settings instead of dev settings is dependant on your android phone

Too many settings nowadays.

instrumental mainly

Never enough settings for me

I like apple stuff, you unbox it, turn it on and it's up and running.

Very nice, I mainly listen to classical music (if I have time).

I unironically have switched to Apple mobile devices after more than a decade of heavily cutomized Android phones. Yeah no real complaints for the same reason.

I don't need to do emulation and other wild tasks on my phone, I have a computer for that

However you do need to instantly dig into iOS settings to actually have sane security setup and not giving tons of data to Apple

Hi

iPhones are amazing. They just work very well, and I've never had any issues with them.

I am new and had a question. Hoping someone can help

Just yeah lol check your iOS privacy settings and etc, enable App Privacy Reports if you haven't

I don't think I have ever installed an app on my phone. Maybe youtube once.

Go ahead and ask, alwasy best to!

I will check it out.

I’m in the day in the life junior associate

This will generate pirvacy reports on even your Apple Apps. Every URL call and more

I don't see the point in my case.

Why dont' you just use a dumb phone?

Can’t figure out an answer to move on

32GB ECC Ram giving me issues in 128GB Quanta?

32GB PFSense ThinkServer

https://tenor.com/view/stonks-up-stongs-meme-stocks-gif-15715298

I really like the color of the iPhone 15, especially the natural titanium shade (the color).

Well iphones in general.

We'd need info on which question specifically, however if this gets buried #room-help is the place to post this specific question

Yes but I only use them on my computer.

I love my purple iPhone 14 Pro. Literally my first ever iPhone lol

I also use messages to get otp, mfa and so on.

It's a beautiful color indeed.

What is the flag that you obtained by following along?

I posted it in the room help as well

When it comes to customization, the iPhone color is pretty much the extent of what I'm willing to personalize.

I still have the same wallpaper that comes from factory.

Apple has great taste so I usually let them do the choosing.

I hate to say it as someone who was all about customizing everything visually in my teens but yes. I just use Apple default themes and wallpapers

I’m still using Monterey purple background on my Mac Mini, just for that lovely purple

They are awesome.

If it works, it works.

I see, you can groceries from your local supermarket?

That's next level.

I see, I never tried to order anything on my phone.

I only use amazon.com on my computer

Yes I agree.

It's really not convenient at all.

Top level design

They just want to make sure haha

I hate when it's not convenient.

That's the reason why I never customize anything (unless I have to because it's unusable).

Haha, definitely.

There is also this whole rgb thing going on as a trend.

I wonder if people whose setups have flashing colors all around ever experience discomfort in their eyes or headaches.

Haha, I get it. Flashing colors would drive me crazy too.

I've just realized that I'm pretty unique. I tend to go against the common stereotype haha.

It definitely makes getting a reverse shell much easier.

What do you mean?

yall are odd… lol

I genuinely think I am haha.

Wouldn't surprise me, it's always like that everywhere.

we all are lol

I'm very friendly, especially when the other person is open-minded and genuinely interested in learning.

Haha.

Yes, exactly I remember seeing a software called iCUE from Corsair for controlling RGB lighting (driver) the whole software is around 1.6 gb.

Razer is a good brand.

There is EVGA too but they stopped making graphics cards (which sucks).

Aside from that, I really don't bother with too many brands.

I know corsair is reliable (if I recall right).

Nice, I don't even know how to modify my terminal so there is that.

I don't think I am ready for macros haha.

My whole mindset is full of contradictions.

I like to really learn very complicated things but I really can't bother changing my wallpaper or doing very seemingly simple things.

Definitely, I use a normal tkl keyboard (so I even have fewer keys).

so much green

so few better colors

Here on discord?

no at the park

That's good.

But you know that's interesting because I really don't complain about my setup (I like it) . I think a real hacker or anyone proficient really can do anything with any setup assuming it works.

I don't want to waste my time trying to make sure all the HEX colors are correctly setup or if I have X,Y, Z accessory.

As long as I have the basic things (monitor, keyboard, and mouse), and the computer is working fine with either Ubuntu or Windows installed, then I am good.

Exact, that's the right mindset.

Before I got my new PC, I literally had 4 or 6 gb of ram.

Definitely.

Having the ability to hack or work with the bare minimum is advantageous because it signifies that fundamentally, you can adapt quickly and avoid getting bogged down by unnecessary things.

To be fair, vast majority at least have vim, most symlink vi to vim these days and just enable some legacy compat stuff lol

Ellie started watching a movie from 1979 guess which one

Alien

correct

I thought you already started lol

but enjoy

tried to start but too many distractions to kept it for a later time

Great movie

which is now

I recall a scene from Mr. Robot on YouTube where Elliot (I think that's his name), the main character (I think not sure) was using Linux Mint. He's portrayed as a skilled hacker in the show. When I saw that, I thought, "That's the spirit." I didn't watch the entire series, but from the setup they displayed, it seemed alright.

it's Atmosphere and quality seem great to me \

People are obsessed with that show though.

The scene was about GNOME vs KDE if I remember correctly.

No sane hacker would be using Mint lol

he was insane

Yeah first couple seasons are pretty alright but I rapidly loose interest

Haha, the only similarity I have with him is the dedication to work for 12 hours straight on this. Aside from that, I think I'm relatively sane.

I literally know nothing about him aside the passion aspect.

Just uh, please don't bring that kinda 12 hour work ethic into the actual workplace c:

work/life balance is very important

I mean personally, I am a student.

I have been doing 12 hours days for like years to learn all of this.

Totally fair, just whole different ballgame as a profession

I will probably still do it haha.

Please don't c:

Don't condone it though for others.

You'll learn to respect and need those bounderies

Critical for me doing work from home especially. Extra weird

I started doing this at like 10 years old (around 8 hours a day or so). Then after high school (12 hours).

Heck no.

I want to open my own thing and do research if possible.

Aside from that, I am not slaving away.

Yeah I don't mean stop learning, just don't just flat out do infosec for an org that way indeed

Of course not because that's work and not pure learning.

Mr. Robot was a really good series, unfortunately some people emulate elliot's personality without realising how unhealthy it is

I literally don't have enough time in any day at work to do everything I need to get done lol

Because they don't have it in them.

I do 12 hours a day easily no problem because that's what I do naturally (I am just really into this).

Hush, I know you joke, but no Elliot's lifestyle is no way to live

I don't do drugs nor have mental health issues so I am good (.

12 hours of infosec can still be pushing it but fair enough

I'm not saying what you're doing is wrong btw, if you enjoy it, then that's awesome, I grind on things I like a lot too

It's just more than healthy to have a ton of other hobbies, epecially when they interact

Software Defined Radio is an interest of mine and has a good bit of overlap with infosec despite not directly realted

Game modding and hacking same way, with reversing and more

You learn a lot and intensely. I'm very passionate about this because I have very high expectations for myself. A true hacker is someone who is extremely proficient at many things. To reach that level, you need to dedicate insane hours and fully immerse yourself in it, absorbing as much knowledge as possible.

(singleplayer I will clarify lol)

I really enjoy it. Been doing this since like 10 or so.

To be very good at information security you have to dedicate insane hours. That's how they do it.

didn't know u modded games ur self

That's awesome man, sounds like you're good at this too

modding is how like half of people even learn to code tbh

Yeah I've been doing it since my early teens as well, good bit into my 30s now lol. Just make sure to diversify your interests. Like I said, there's a ton of overlap in infosec concerns with other computer related hobbies

I never watched the show but I am pretty sure the main character is like that right? Like super dedicated to this (since he is labeled as super hacker or something)?

How many hours is "insane hours" to you?

After 16

years

It's not a distraction, only a benefit to deal in similar relms of interest

Anarchist hacker, it's more of an ideology pushing rather than "oh wow this guy's really good"

That is definitely insane hours, dang lol

I mean, it's my passion and interest. I've tried playing games and doing other activities like that, but I just can't seem to get into them.

It's pretty insane, I do mainly 10-12 most of the time.

I stop when I am very tired.

Also please again, never work these hours for a business

..you're sometimes not?

Interesting.

Very tired means borderline crashing (kernel panic let's say).

so like

hour one

after coffee

Yes but I don't drink coffee.

Let's say water.

Of course not.

Coffee = poluted water in my books...lol

I don't like the taste.

hersey

Of course, not unless I am genuinely enjoying and benefitting it (like a lot).

bot be gone

@mossy river

Wow beat us to it

oh nice

I was about to ping Jabba and Juun indeed

But see the thing, is for most it's insane for me that's just what I strive for.

Just keep in mind sleep is very important too lol

I do sleep decently

That is how you are processing and storing this info long term

I have hyperfocus though so that's probably why.

yep, this is very important

Also death.

I don't think I can do information security 6 feet underground haha.

I've noticed that too. Sleep and walking away from the computer for a few minutes to think through what I've just learned helps me retain the info better

anybody knows how I can contact a room creator

SSRIs inhibited?

I sleep around 7-8 hours a night

Once I am done with my thing I usually workout then go to bed.

I never dream.

Isn't that normal for most?

For some yes

or most, I'm not sure

I don't know much about dreaming and sleeping so I have to learn about it.

That's good.

Probably

I dream every single night and they're very vivid. It's actually annoying because I feel like I don't actually sleep...I'm just living a separate life lol

if I can't dream, I won't be able to move my memories to the long term folder

Do you know why?

I literally dream a black screen.

You can learn to remember your dreams better by keeping a dream journal of what you remember when you wake up. You'll learn to reconigze the patters and signs you're in a dream. If you're dedicated you can eventually Lucid dream as a result

Interesting.

oh man, I tried to do that when I was younger, I tried everything and lucid dreaming did not work at all

But that's typically a fun task for a summer when you're still in shcool lol

I'm not sure...I've heard that you only dream if you're in a certain rem cycle or whatever. I do remember most of my dreams too. I know that's not common but it's been happening for years for me

I remember doing it accidentally once though

lucid dreaming is amazing

It will probably be me being able to code in PowerShell for the first time (since no way in hell I am doing that when I am awake).

Intriguing.

Was successful for me, but yeah you can learn by looking for dreaming cues while awake. That'll train you to do them when you're asleep

I really don't remember my dreams.

Clocks and text will never read the same way twice, turning off and on light switches rarely works in a dream, that sorta thing

lol understandable

I've heard that most people dream but just don't remember them. I'm not sure what helps with recalling dreams

yeah took me a whole summer of learning, journaling and attempts

(for lucid dreaming)

hmm never did a lucid dream

Keeping a dream journal is one of the eaisest ways

I've heard that too. I didn't know it lowered your quality of sleep though, that's interesting

lol, i was just thinking about this earlier

has been all my life

If you do remember a dream, write it down as soon as you wake up

why

Now that you say that, I did start journaling some of my dreams and then I started lucid dreaming more often after that...I never realized that connection before

• a lotta of my dreams are super weird

Yes that's what lucid dreaming is, I could influence my dreams but it was somewhat limited as if I was under the influence of something. It'll depend for each person.

But yeah this was back in high school days when I had a summer to try for fun

I see

Mhmm, if you start to record as much of those details when you wake up as possible, you can slowly start to build a bit better regonition both remembering your dreams but also regonizing you're having a dream

@heady stratus How would you define insane hours?

at least 7

I sure don't do so these days, typically only remember my dreams on weekends when I have ample sleep time lol

may do that

7 is normal.

but if someone discovers my Dream journal, it may look like the scribbling's of a madman

freaking lol

They just don't get it.

But yeah that tracks, typically we only remember our most recient dreams unless trying for more

I don't even get it

for me it would be about 10-12 a day

It will take time, let it process.

That makes sense.

15 hours for me

I agree.

Just again know that's unhealth professionally, and after 8 hours of working in infosec professionally, you won't want to spend another 2 or more learning

Mind you, I've only been doing this for a little over a month, so it's a lot of information to process if i do it for that long

But it depends on the job.

eh we are young atm

I sure have had some 10 hour work days and it's brtual

i've spent like 3 hours on powershell and i already want to die

If you are genuinely into this, it will be fine.

3 hours should be the max for windows stuff

For me at least.

I definitely am. I was a programmer before and ran a business as well, so long hours aren't a problem, but retaining lots of technical info is sometimes challenging, but it's getting easier now that I'm understanding terminology and different methods

Yeah as someone who does Windows syadmin among infosec and other tasks, it's a breath of fresh air to get back to my personal linux systems... or at least Linux I deployed at work lol

Yes AD/GPO was the game changer I needed to see that Windows Sysadmin is somewhat sane but holy heck still not a very fun time lol

chatting in here daily will drain ur lifetime considerably beware hhhh

eh its fun

tru

lol you're not wrong, I get way too distracted with this chat but it's fun to discuss infosec with peers

https://www.reddit.com/r/linuxmemes/comments/1al0x2u/every_daily_linux_maintenance_experience/

Disagree

Also Ellie a lil video I found which I believe u may enjoy as well as I did

it's not 2007 anymore who still uses twitter

Linux just works, the above vid is Windows Sysadmin

"Oh who left kerberostable account in year 2000 which is still around in your 2023 AD domain"

So much to fix lol

gUyS iT's cALeD X nOw lol

You know, if you're really up for it, you can go a long way. Here's what happened to me. I ended up on these console hacking forums by mistake, and they were way over my head. I didn't know a thing about hacking back then. But after about 3-4 weeks of diving into it, things started making sense. I was just 10 years old, spending every waking moment after school on it.

If you are dedicated it's really doable.

he just wanted to put that domain name to after 20 years of holding

if he just made a name USING x it would be fineish

but JUST x is dumb af

It's funny, you can tell Elon is still in 90s grunge phase, especially with that

Man, you must've been hacking like xbox 360 games at that time, yeah?

gotta redesign "X" icon to look scuffed up and grunge because... reasons?

Realistically it is the above, he's had the X brand for 20+ years lol

Pretty much I remember stumbling upon a website with "hacking" and "Xbox" in the URL, and I was totally baffled. Then, I saw people sharing pictures of motherboards and having discussions in this highly advanced language, throwing around assembly and C code like it was nothing. It really caught my interest because I wanted to be part of that kind of community. That's where I learned the hacker mindset—they showed me how to truly learn and cultivate that way of thinking. It started from there. I literally just wanted them to listen to what I was saying and be like yes that's a good idea.

literally only two other single letter ones exit, the other 23 can't be registered

he planned to use it for paypal

Yes he was unironically, despite him stealing/buying out all his other big ideas

which ones

ah sorry there's 6 rn

Just look up IANA domain name restrictions and policies

oh no 3

the other 3 are .org and .net

latest from IANA is... they want to make .internal TLD a thing for... interal. lol, blocked at internet DNS level

lovely x.org

to replace ad-hoc .local and etc

dumb to replace. should be an alt. i can see different use cases for each

Yeah iirc they had some concerns about .local I couldn't remember. and .private had obvious concerns in naming

Interesting. At 10 years old that's impressive. I remember hearing of the playstation hack by anonymous in 2010 or 2012 or something and being fascinated that people could hack into playstation. I then heard that they used C++ and then I started learning programming because of that...I wish I got into the hacking side of things earlier but oh well. Learning programming languages seems to be helpful with hacking anyways

(btw the above list is a partial --- it includes originally only --- .org was reopened to single letters, .com never was)

Gotta love that I am being asked to hack into the election's

when they are still being done by hand in Pakistan

can you hack the internet for me

thx

That was a great time. People were really passionate about console hacking. Generally speaking C++ is very useful if you aim low level hacking.

eh if it was online anybody could hack into it

Pakistan has terrible cybersec as I said

no, like the internet

hack the internet

yes I can

Thanks for all the phishing btw, had a couple Pakistan TLD reciently lol

nice, what were the scams about

i'll be waiting for it to be transferred to me thx

Gave +1 Rep to @buoyant tree (current: #173 - 35)

damnit

I hacked you to get me more reputation

th.x

lol we have Pakistan GeoIP blocked but most were using stuff like mailgun/AmazonSES and similar to send

It's unfortunate that we don't see that kind of passion anymore. People seem to have lost the true hacker mindset.

quite annoying for legitmate users

gotta be on a vpn 24/7

None of our businessess have any reason to communicate with Pakistan lol

what industry do u work in

tbh the odds of a legitimate email coming from pakistan for a local elemetry school of 70 stuents is quite low

Kids be learning fortnite dances now instead of hacking. Such a shame

i'm gonna block paki

All, we manage small to medium businesses IT

oh k

ッ.top is for sale if y'all want it

by any chance u work at accenture

None of them have any reason to be talking to Middle East anything so easier to block it all lol

91kUSD

nah

a lotta of my friend's in the US work there

No

Yes, it's disappointing. Makes them turn into idiots. But it's not for everyone though, you need a certain level of intelligence for this. My whole generation is a lost cause to be honest haha.

they already were if they were on tiktok

it just reinforced it

That makes things even worse.

Main complaint is how mobile focused kids are these days, many don't understand filesystems

just expect all files to live under a bucket assigned to each app

*hands floppy* what's this save button for?

even see that with the younger CSRs at work

we don't talk about that

Certainly but those who are bright and determined will always find a way to be productive and create something interesting to move forward with. Like I said, intelligence plays a huge role.

If they're emailing world leaders then I applaud them

There's certiantly exceptions but it's kind a wild majority who are now 100% mobile focused and have to adjust to using a PC

yeah you really should be using excel for that

Yes, it's true. Many are practically addicted to their phones (they can't work without it nor adapt to something else).

changing the neurological pathways with apps like that. Pretty crazy

It's just kind of a wild change, I don't want to get into weird generation wars, but yeah we all had to use and understand PCs intimately to even get into online stuff

eh my sister is that way

Can't touch a laptop

but always on her phone

treats windows/linux as alien tech

It's a fact that people of my generation are actual morons just check the news.

that's partially why they're morons

Indeed, it's wild to see young people struggle so hard at basic PC tasks these days

Fair showing your age but I tip my hat to you

Not going to lie, I enjoy it because it reduces competition.

You can easily standout (miles ahead).

but it dooms the future of humanity

Yep my thinking exactly lol

can't even open up file explorer or cmd prompt on windows also

and then there's me who can use all of it and also hates all of it

asked my sister to open up cmd like a normal thing, asked me what that is

But you don't want everyone to be dumb. Just a decent majority, so those who are talented can easily exploit it and evolve.

exploit the stupid people

Whew cmd, that's pretty advanced. But realistically never ask a end user to cmd for you lol. That's when you take over

just told her to open cmd

then run py ./main.py

In IT you will have these tools to do so remotely

No that's too advanced for a typical end user, I'm not even kidding

Some people are destined to be leaders or exceptional researchers, while others nothing due to negative behavior and lack of intelligence.

But DAYMN Ellie Alien is super crispy like it seems like a 2023 movie

that's sad

amatuer mistake. you should have had a if __main__: main so she didn't need the extra 10 or so characters

It's more than to be expected lol

we're their IT for a reason at work lol

No I don't expect these lawyers and accountants to know how to open CMD. We can do it for them via our tooling lol

That's what RMM is for and etc

I worked with a lady recently and had to show her how to bookmark a tab on her browser...I was baffled

lol just wait until you see more, it's insane if you get into help desk'

AI what's that

cause people dumb

oh you asked why shouldn't they

oh u mean Al' from the store?

oh i misread again

ignore me

I might just give up on the world if I get into help desk

Eh I keep up to date on what AI's capable of

until now nothing too scary

Help desk can often be your foot in the door for IT

someone should write me a gui

i don't wanna

yea heard that a lot

use streamlit

I mean, the cybersecurity talent landscape is also getting nuked by influencers recommending it and trivializing it. Remember, these are the same people who suggest cybersecurity to individuals whose most advanced software experience is using the task manager.

https://docs.streamlit.io

I escelated very quick from heldesk to infosec and sysadmin but yeah all depends

my favorite tool to build quick gui's

that looks like a webapp and also python

what lang u buildin in

and yes it builds a webapp

and its super simple

anything that's not a webapp and that doesn't require a language to be preinstalled

and looks good

just compile python

like c, c++, C3, net, rust, anything ifc

pyinstaller

tf

what even

uh my current job which is Windows sysadmin, sole Linux sysadmin, sole infosec, sole compliance manager, sole devops, also have to dip into help desk at times lol...

No I don't totally enjoy having all these job roles in one but is the best job I've ever had I can't deny

didnt u know u can compile python

nukita also exists

eh and its all remote so u really can't complain

i never had a reason to look

when compiled, ir tuns natively?

I never had a good experience with pyinstaller

no need for py?

It is when I don't have enough time in any day to do it all but yes

yea

huh.

webapp still no good, but TIL

i'll have to keep that in my back pocket

I've been trying to run vulnerability scans against all clients since Jan 1st. I've got through two of them...

I've been hearing/meeting lots of people like that too

Just kinda insane workload. Just try not to wear all the hats if you end up in small business. Learn when to say no and specalize if possible.

I did speciaize but agreed to too much

well

unless you get something in return

i had a good bit of stake in the company i was at and we were trying to sell

But I have a boss who asks questions like "Urgent: Who knows X clients datacenter well"...

"Uh I know it pretty well"... Okay you're now on a 2:30 PM call with datacenter and other major stakes people after that no context question

probably learn to say no

That's what I said above but, saying no there was not replying at all to a "Urgent" all hands message lol

Morning

m

o
r
n
i
n
g

finished it for you

Out of every 10 people (you mentioned), only 1 will truly succeed because they have genuinely discovered their new passion. Cybersecurity is a field where intelligence and genuine talent play a significant role because it's not meant for everyone.

I have to get out of bed, and I don't want to

also one complaint I have, what's up with all these business software having Discords all of the sudden

I don't want to have to make a work discord lol

i can dm you a powershell bug from hell if you want a good jump to wake up

Hmmmmm

That's sound advice; let them try it out, and I can guarantee that only 1 will truly stick to it because it's not a get-rich-quick scheme.

Hah thank goodness I didn't say yes to you for "powershell bug" knowing your scripts

Trend.

Slack!

im in pain

No we moved off of Trend because they're not a great AV vendor... I kid lol

Definitely.

But yeah Slack or Teams would be more sensabile in a business enviroment

I'm just weirded out by our pospective RMM vendor reminding us that we can join their discord lol. Like you're enterprise grade RMM tech...

seriously? they use discord now?

that's dumb af

I mean, it's the same thing with OSCP. Some think just obtaining it will make them "1337 leet" hackers. They don't even know what's in the exam but boast about trying to pass it. Security influencers promote this ideal image of "do this" or "do that" without understanding the full scope. You genuinely don't want people in cybersecurity who only do it for money and have not a single care for the field.

Yeah it's wild

100% also way more serious and professional looking.

Nah like a community Discord, for free support.

Just read discord emails, it's hilarious to see that in a professional environment.

I've seen a few vendors do that.

It's a bit more understandable for open source CIPP project (O365/Azure/Microsoft stuff portal all in one pane of glass project). But less so for commercial RMM

i'm in a bunch of foss discord servers

i never use them but i'm there

business tho?

Which btw, if anyone has a multi-tenant O365/Azure enviroment, can highly recommend this: https://cipp.app/

weird

i actually just stole some code from another foss project i'm in the discord for

cause microsoft sucks

Microsoft is good.

go away

They have good products.

lol

Windows is awesome.

obviously plant

wait until you have to support them

glowy

professionally

glowy begone

I like Windows especially 11.

sus meter is having trouble

blink twice if they're holding you hostage

lmao

Personally, I've never encountered any issues.

How are you this into infosec and not on Linux yet?

uhh...

I have both.

my entire job the last week has been writing stuff to demicrosoft/decrapify windows

they suck

I am never going to daily drive linux.

it sucks

everything they touch sucks

Okay, how can you still stand Microsoft spying on you and etc

especially azure

azure sucks

god i hate azure

Did you go all out on Local Group Policy and more?

If they truly want your data they will get it either way.

the only thing they haven't ruined yet it github, and they're tryin to now

Dude they give you these controls to turn this stuff off for orgs compliance wise

just turn off their bs in Local Group Policy

i'm on at least 13 watchlists and i'm still not gonna make it easier for them

There's so much stuff you got to disable in Windows before it's sane from a security and privacy standpoint

soo sooo much

and those tweaks only work for a month

then they change it

When you first install do OOBE\BYPASSNRO, it will skip online account.

Once you get into AD and Group Policy that will be a game changer for you

just did this a week ago lol, was annoying

no@thankyou.com will also do

It's literally shift+f10 and type it.

Takes 15 seconds max and makes the whole install process very quickly.

i could use gpo and ad and such for this, but i want it to be as portable as possible and still function where gpo isn't supported

i do it often

easy =/= not annoying

I like this guy lol

Yeah I can’t live without Pro on my personal devices if nothing but for Local Group Policy

and virtualization support

Personally, I don't really download anything else on my computer besides study materials or some files to test. I don't bother with customization, so in 99% of cases, any supported Windows version will do the job for me.

Yeah Azure and ugh Entra ID, thanks for the rename MS, still don’t reach the levels of on prem

it's aad

always will be

Exactly

entra would be a fine name tbh if they started it like that

Well, I think 15 seconds is not bad.

Still says so in their URLs to manage Entra ID lol

it's not AD after all

but don't change what's ubiquitous

Yeah they built up too much clout with Azure AD already

And makes too much sense

I get it, which is why I also have Ubuntu on the side which I use frequently.

your guy's first mistake was downloading windows

You need to know Windows, it's important.

you can know it and also despise it

VMs

^

You yourself said you don’t game

i've got half a dozen open rn

Sure but personally it works very well for me.

So you literally don’t need windows

I genuinely like Windows.

What are some good THM rooms/paths for learning reverse engineering skills for the purposes of solving CTFs?

oh shit i forgot we have reverse eng rooms

Do you know assembly?

i should take a look myself

Sweet summer child, you will be jaded before long

I started with Windows, I will never forget it.

No but I want to learn it.

I also have Ubuntu so I am good either way.

I just dual boot.

i don't like ubuntu either tbh lol

still better than ms tho

Ubuntu is awesome.

It's quick, fast and look good.

canonical is a shady company

I started with Win 95, should I switch back to that?

Linux is Linux.

Sorry we’re giving you a hard time half in jest

linux is linux. ubuntu is not linux. ubuntu is built on top of linux.

^^ heavy emphasis on this

Of course, not but that doesn't mean you should ditch Windows altogether.

You’re fine and it’s sensible, but you will see some issues over time

Or go on HackTheBox labs and do the challenges.

If I do I will just either fix if I care enough or fully switch to Ubuntu.

Wow, I totally forgot about that.

I will check it out again.

To be fair I deploy Ubuntu Server at work since it’s sane and potentially future employees can manage fine. Is it my ideal? No

This looks promising are they free or is there some kind of pay model?

saying "ubuntu is linux" as a way to disregard all the shady things they've done is like saying "chevy is driveshaft" and ignoring when the lifters disintegrate

Ubuntu is very easy to use, I also like the design.

i forgot how to spell disintegrate for a minute so that took my a sec to type

Gnome terminal and so on.

It is linux.

chevy is driveshaft

no engine

just driveshaft

Ouch okay I need to tap out lol, I am not a fan of GNOME3 bloat one bit

I don't care about ustomization or anything like that. I just want a distro to plug in and install quickly.

It's reliable, fast and decent.

I will just say, you will not learn Linux just sticking to Ubuntu and not doing more digging

for the most part I can agree. just saying that canonical has done shady things before and still somewhat

And especially by not trying to use Linux as your main

https://www.linuxfromscratch.org/ ever see this?

No step too far lol

But good for experience eventually

LFS is a whole 'nother discussion lmao

I already have another distro setup for each specific use cases (malware reverse engineering, ctf's and so on). For me the computer is just a tool. I don't care much about anything else.

I’ve done a build before myself, it’s purely for learning

If I need to learn more about it I will probably find a way to do so with Ubuntu.

I just worry you won’t learn low level Linux as well by sticking to your current path

If I have to learn low level linux I can just open a vm and try it there.

I mean Ubuntu is a good place to start I think if you just want to get used to a Linux environment. I would move on to something else once you get familliar with it but I think it's a decent starting place.

Ubuntu is good 100% of the time.

Unless you are doing anything entreprise level or highly specific use cases.

For me Linux will always remain a tool no matter what.

i can agree with many just not 100%

If you are savvy enough you can make it work.

It's literally Linux.

Ironically enterprise grade is kinda fine with Ubuntu Server. But yeah Ubuntu is not good for low end hardware and much more if you mean the primary desktop release

I personally use Fedora with the pop os shell but I broke the pop os shell and am not sure how I broke it or how to fix it LOL

I don't have low end hardware, so I am good then.

iirc PopOS shell is just GNOME 3 with sensable extensions

shouldn't bee too hard to fix

asked myself why tf i was using ubuntu server and couldn't give myself an answer. switched back to deb for server after that

It's the only reason I use gnome lol

a bit more stable theoretically

Tried KDE and xfce, too different.

Doesn't mean you should use the heaviest desktop enviroment Linux has to offer just cuz. Heck there's a reason the other DE spins exist

Gnome is good.

ouch

Experiment, this is what linux and computing is about

Most agree that GNOME 3 is kinda garbage

besides the die hard fans

obviously subjective but i seriously dislike gnome3

What is a good alternative to POP OS shell because I love how that manages windows

very mac like as well

i use kde 🤷‍♂️ i prefer a well configured xfce but i also don't care enough to do the work to configure it

It works fine and looks good, no need to change. I am not like other people who needs to use X or Y distro to feel like a hacker. If you are savvy enough you can make anything work. When I first started I learned everything on WinXP and Win7. I only got into Linux much later.

Possibly Cinnamon DE (The defualt of Mint but avaliable under others). Alternative XFCE is great if you don't mind a bit older XP/Win 7 kinda UI vibes.

Otherwise could take a hard turn and go KDE

i personally don't like cinnamon but it does have a big following

tends to run well as well

If you never customize linux or learn how this works low leven then you will miss something

Agreed, also main caveat is it traditionally had issues with high refresh rate displays and gaming

lol

Most of the customization doesn't involve low-level coding. If it's purely cosmetic, I won't bother with it. While I'm sure you can customize to achieve X, Y, or Z, it's just not something I'm interested in.

hi can anyone help me

Basic linux works very fine and can do anything I want on it.

I mean what each package does and why. How it all plugs together to make a cohesive whole

i am stuck at two labs

Yes but fundamentally it's something you can learn very quickly if you care about it.

Ellie gr8 comedy

What does gvfs-mtp do for you in your Gnome install? I can tell you instantally

I mean if you want low level you can set up Gentoo

Lmao yeah all this stuff is very gatekeepy.

That was my first distro.

A true hacker or someone savvy can work on anything. No need to use X or Y distro. Get Ubuntu or whatever and just learn.

Gravity falls

anyone plz help me

(It handles media transfer protocol for mobile devices when plugged into your file manager, if you don't have this package then it's broken in your file manager)

? i don't follow

I could probably learn that if I truly have to.

Yeah idk, single time I mentioned Arch I said specifically use the OS which is best for you

yeah we agree -- we just don't like canonical

anyone ready to help

Sure that's the beauty of linux though. You can use X and I can use Y.

If using something else works well for you then stick to it.

Try in #room-help which is a better space for these questions, thanks!

Gave +1 Rep to @lament axle (current: #1990 - 1)

I am just not wasting my time with other distros.

lol whoops, but you get the thanks anyways

Mistake

weeks pass so fast

and its good

so come here can help me

its infinite anyway

Distro hopping is very natural point of learning Linux

don't get into just Ubuntu silo

Most people use other distros because they can customize them cosmetically. I highly doubt many of them change anything at a low level (that's a highly specific use case).

how do you update packages on a Red Hat Enteprise Linux system at work?

That's rpm I suppose, I don't deal with it.

Like I said, I can probably learn it in 30 minutes by reading the man page.

oh i saw the photo, i'm just confused about the relevancy 😂 was the solaris build somehow sec related?

small screen

It is RPM, but what package manager? Yes you can search it but why not have some experience with Fedora in case you run into RHEL at work

very very common in business Linux stuff

What do you mean by changing stuff at a low level?

Implementing changes in the code base.

nice username

If I have to, I will.

that's like all of linux, low and high

linux is code

I'm not arguaging to make changes to the code base, I'm arguing for learning linux fundimentally and what everything does

If you just use GNOME 3 Ubuntu and nothing else, you will have a limited perspective

That is all I'm trying to say, but I'm glad you're ahead of the pack for peeps your age already

I'm just saying, be flexable and learn more Linux, this will get you ahead professionally

Like I said if I have to learn I will. It's easy stuff to learn.

why no pfp

Don't care to change it.

Why don't you want to then?

Because I prefer focusing on other more important things.

Linux OS internals is pretty important for security but alright

For example, big Polkit privilage escelation about two years ago, that's a pretty invisible system for most Ubuntu users but is fundimental to nearly all Linux. Not something you'd typically interact with from a high level

I will get to it when the time comes, I am just focusing on something else on the side which is fundamental and important.

Same thing with CVE-2023-40547 discovered recently.

Totally fair, and sorry to harp on you so much, you're totally fine and I admire your enthusiasm

I just know for my 18 years on Linux, learning this stuff was critical to me deploying headless serves and more at work, protecting them and more

Don't be sorry you have your reasons.

I am currently learning Windows Exploit development.

So I focus all my time on that.

Once I am done with that (which I never will or more like switch my focus to Linux). I will eat Linux night and day.

Mhmm totally fair, but we are seeing a lot more Linux endpoints these days than before, even in small/medium business

Goodnight.

docker/kubuernates too attractive

G'night!

n

Yes, I will learn Linux more deeply eventually.

Totally fair, I'll lol stand down

this password doesnt seem to work

hey madscot how's the internship goin

did u check num lock?

No you are ok, you have your reasons and it's not like you are saying nonesense. It's important to learn.

You haven't launched the machine in the room yet, if you had [MACHINE_IP] would be filled in

not always tbh

some rooms are weird

but very possible

i was sure i had clicked it

oh well

very intense

Just keep retrying.

Did you access the machine properly then?

you want intense?

positively?

well i have a pretty intense bug i could use some hands on........

I don't think this is bad tbh Windows is a good system to target if you want to learn to exploit vulnerabilities as an attacker LOL

i have till sunday to do 13 try hack me rooms all with loads of questions this includes loads of the christmas ones and metaspolitable 2 ahahaha

*-*