From the “the future kind of sucks” files comes this update out of the UK. There’s now a company named for a SQL injection attack. I’m hopeful that the global economy will survive ; DROP TABLE “COMPANIES”;– LTD’s first public offering.
This is definitely worth a slot on any team’s slack integration page.
Urban Dictionary Slack Bot
There are variety of commands but I like how some are public and others are private to the user posting the command. This would pair nicely with a Snopes bot.
Another great summary from Brian Krebs. No matter which side you fall on politically, this stuff should concern you. The problem isn’t whether there is hacking, the problem is that we can’t even believe the official responses so it leaves a vacuum of information that is readily filled with bullshit.
The public might also be deeply suspicious of hacking claims from a government that practically invented the art of meddling in foreign elections.
Katie and David were kind enough to invite me on the Mac Power Users podcast. We only talked briefly about DEVONthink. It’s always so much fun talking to the hosts of a show I listen to every week.
The Sources and Methods podcast is a good interview show with a wide variety of guests. I was lucky enough to be invited on this week’s episode. Alex and I talked about using DEVONthink, social media, and the value proposition for privacy. I think it was a fun conversation and I stand behind my recommendations at the end. Miyazaki is just the best. Check out the copious show notes too.
This week’s Nerds on Draft welcomes our first guest and of course that person is my old Technical Difficulties co-host Erik Hess. Erik talks about how he built a daddy-bot as a way to connect with his family while deployed overseas for a year. We all had a few different beverages and some fun discussions.
Quincy Larson has a pretty reasonable approach to encrypting your data:
And when I use the terms “private” or “secure”, I mean reasonably so. The reality is that — as long as humans are involved — no system will ever be 100% private or 100% secure.
His list is short and pretty unobtrusive. For normal people, it’s key to balance the mental cost verses the potential benefit of encrypting everything.
I know many people that are fascinated by the hack of San Francisco’s MUNI. I’m far more fascinated by the white-hat battles against the hacker, which may have resulted in breaching the miscreant’s email accounts. From Brian Krebs:
On Monday, KrebsOnSecurity was contacted by a security researcher who said he hacked this very same cryptom27@yandex.com inbox after reading a news article about the SFMTA incident. The researcher, who has asked to remain anonymous, said he compromised the extortionist’s inbox by guessing the answer to his secret question, which then allowed him to reset the attacker’s email password.
Brian Krebs continues to follow the analysis of the biggest Botnet attacks the world has ever seen.
Tell me this doesn’t sound like a William Gibson plot writing itself:
“This is an interesting development because a lot of the response to Mirai lately has been to find a Mirai controller and take it down,” Nixon said. “Right now, the amount of redundant infrastructure these Mirai actors have is pretty significant, and it suggests they’re trying to make their botnets more difficult to take down.
Sam Harris has an excellent and deeply intellectual podcast. This week’s episode features an interview with Professor Stuart Russell about the current and future state of A.I. and it’s potential impact on society.
