Fascinating, so now the EU will have to sue the UK to get them to leave.
The Chaos Computer Club's suggestion at the #ITSiG20 Expert's Hearing, that software companies should be held more accountable for their products seems even better in light of the current #msexchange #hafnium hacks.
We might then see some in-house quality control, instead of the current cycle of:
2. Hope the White Hats tell you it is broken before the Black Hats realise it is.
3. Wait until the wheels fall off and then patch after thousands are Pwned.
pol. Universal Basic Income.
The countdown is running on the European Citizens Initiative for an Unconditional Basic Income.
The Corona Pandemic has shown us the cracks in the current system. Cracks through which many are slipping.
1 million signatures and quorum reached in at least 7 EU countries by 25.12.21 is the aim.
Thank you for your time.
All privacy concerns aside, If I wanted Opinions™ at 150 Baud I'd join a Retrocomputing BBS.
But do keep an eye on what you are sending to RF.
Don't send them all your password hashes and remember that IP-Addresses can be PII.
Best maybe, to keep the extension disabled in Browser settings and only turn it on when doing very specific jobs.
Used properly, it is a pretty neat little tool.
Providing context is what this tool is all about.
That aids sorting and prioritization and, in turn, lowers response time.
IMO it could be worse in design, it is sending a minimum of data to the mother ship with as little context as possible out and getting as much context as possible back.
Using it commercially it would be best to run it by Legal because under the terms and conditions , for example, RF can add you to a list of "customers" for advertising purposes.
Next up, what is it actually sending?
Well, it just sends a JSON POST to RF. This contains categories of information, presumably collected by regexing the page.
The categories are:
The page content is not provided, nor is the called URL as far as I can make out.
Calling up the EICAR Wikipedia Page it correctly identified the file Hashes, sending them via JSON to RF and got the context returned. Malware! ;)
So, first things first, the extension has an "enable extension" switch (not the same as actually disabling the extension under browser settings).
So the question is, does this really disable communication to the mother ship?
Well, yes it does. Plonking Burpsuite between browser and Interwebz the disable switch really does turn off telemetry
I've been testing Recorded Future Express - RF's Threat Intelligence Browser Plug-In.
This is to be used cautiously as it makes you just another sensor in their network (if it's free, you are the product, not the customer),
The in-Page flagging of suspicious IPs is a nice feature though. We have some systems that present logs in a pop-up window where the extension can't see them. This is fixable in FF about:config with browser.link.open_newwindows.restricted set to 0
Today's Documentary find is "A Force more Powerful"
Based on Ackerman and DuVall's book about non-violent resistance.
The book also inspired the computer game "A force more powerful" and it's sequel "People Power" designed to teach the principles of non-violent conflict.
#rc3hacc great talk on the state of Ham Radio.
Quite "Schonungslos" - I hope the DARC was listening.
My thoughts this evening are also with those corporate IT workers struggling to cope with ongoing cyber attacks so shortly before and during the holidays.
The stress levels are high in IT as it is, add to that a successful system compromise and competing duties to employer and family and they go off the scale.
Nerd, geek. father, 3D-Printer enthusiast, vegetable gardener, woodworker, needlebinder, mostly harmless.
chaos.social – a Fediverse instance for & by the Chaos community