This is Eagle Eye. It's a tool used to find people's social media accounts. You feed it the name of the person and an image of them. It does a reverse lookup on the image, uses facial recognition, then tries to find any Instagram, Facebook, or Twitter profiles of that person.
I learned a lot tonight. This is what dev tools tells me in Edge by just visiting eBay.
The website is port scanning my laptop, bypassing my firewall, and doing it in/from the browser.
It checked 14 ports.
Let's discuss. 1/5
There are no episodes of
@DarknetDiaries
scheduled for Jan, Feb, or Mar. Due to everyone implementing best practices and securing their networks, I'm out of stories. j/k stories are endless! I just need a personal break from the always present due dates.
Cisco to buy Splunk for $28bn. Something's not right about this. Let me think out loud here.
First Splunk is a logging tool. And they are great at it. Always been a shining star in what they do. Their tool was better at all the competitors right away and they knew it. They've
My 3 step guide to network troubleshooting.
1. Ping your own IP.
2. Ping your default gateway.
3. Ping the internet.
This'll help you determine where the problem is.
Friends. Hello. Something magical happened to me this week. All my life I've been deaf in my left ear. But yesterday I went into surgery to get it fixed. Took 5 hours. I feel sick from surgery and my ear is jammed with cotton. But... I think it worked. I'm hearing sounds again!
Post DEFCON stats.
Personally put 600 bracelets on wrists. Gave out 4000 stickers. (ran out of both)
Received 75 bracelets
Signed 600 autographs. (signed 2 last year!)
Met 800 people
Walked 39 mi
What an insane weekend. I loved every second of it.
How I troubleshoot it:
Windows: Reboot it
Linux: Update it
Router: Clear arp
Modem: Unplug it, plug it back in
Mobile device: Uninstall app, reinstall it
IoT: Unplug it.
I gotta say, knowing how to blog using Jekyll and Github pages to host it, has been amazing. For the last 8 years now I've been deploying websites this way.
Flat html site. No login capabilities. No database. Fast page loads. Free hosting. No CGI. Simple is beautiful.
Some think I'm joking about catching a defcon talk in the bathroom. Not only was there a talk in the shower, but it was the best talk I saw all weekend.
There's a virus in the network. It's an 0-day. Our legacy systems are extremely vulnerable, but it can temporarily cause a DoS to even our strongest systems. Move critical assets to an isolated DMZ and cut off connectivity to unmanaged systems. Disable all non-essential services.
I got interviewed by an automative magazine today? Asking about security. So I told them: "IT Security is like the brakes of your car. And the brakes are there to let you go faster. None of us would drive fast without brakes. IT security let's you go fast."
I'm the kind of guy that thinks it's bad to store passwords in plain text files somewhere on my system. But I'm perfectly fine storing my private key in a plain text file.
Here I'll even tell you where I keep it: ~/.ssh/id_rsa
When I read Ghost in the Wires in 2016 I thought, man I wish there was a podcast with stories like this. RIP Kevin Mitnick. You inspired me to tell stories like you did.
You know how there are websites that let you upload an image and it converts it to ascii art? I'd love to see a website that lets you upload an image and it converts it to PCB art. Like this. In fact, if you think you can make a website like this, let me know.
When I first started podcasting I made the show because I couldn't find any podcast making stories like this. 4 episodes in I found Reply All, and was like, oh, that's it. That's what I wish existed. I don't need to make mine. And I quit.
But then, as I listened, I realized...
When I was 18, military recruiters called, asked if I wanted to become a man, travel the world, get fit. None of that interested me, I wanted to use computers. I can't help but wonder what my life would have been like if they asked "wanna be part of the top hacking group?"
This video is an eye opener. I had no idea banks are sharing my purchases and transactions. Mentally I think of them as a secure vault. But not anymore. It's like they're allowing a constant man in the middle attack. Banks clearly are not putting our privacy as a priority.
Financial privacy has practically vanished.
We have built a gargantuan system of unchecked financial surveillance.
Our mini-documentary explains the history of financial surveillance & how far things have shifted over 50 years.
Oh man. I just assembled this episode and it came in at 1 hour 41 minute, and that's without the music. Whew boy. That's a long one. But screw it, too much good stuff in there to cut. Let's do it.
A rare event happened today. Apple Podcasts featured my show! This alone has caused my show to spike in Apple chart ratings. Currently something like 86 in all categories right now. Exciting times. Thanks
@applepodcasts
! In a week or two I'll fall off the all categories chart.
What's the best infosec interview question you've heard?
My favorite to ask still is to have them tell me, in as much detail as you can, when I go to Google, what are all the steps needed to happen for the page to load?
Company: How's the pen test coming?
Pen tester: Well I was able to sniff some passwords using Responder. Access your jump server. Run mimikatz to get more passwords. Then I got domain admin and all users and cracked many passwords.
PCI Compliance: Looks good. Pass.
I would like to see companies include personal infosec help as a benefit. Such as:
* Free AV software for home/family use
* Free password managers for home/family use
* Bonus pay for passing quarterly phishing tests and infosec training
* Free IT training/support for family
I was in the middle of interviewing an ex-CIA agent. I hit mute to listen. But then tried to talk while on mute and he heard me! He heard me through mute! I was like, wait what the... Turns out I had the wrong mic muted.
I'm getting a lot of msgs asking me when I'm going to cover the hacking news that went on this month.
I make a slow news podcast. There's soooo much more to this story that will come out.
Pretty much when we see indictments, that's when it'll be ripe for me to tell it.
1980:
What are you doing with that 9,600 bits/s modem?
Tracking satellites, running airports, processing bank transactions.
2021:
What are you doing with that 1,000,000,000 bits/s modem?
Watching TV.
This is trape. It clones a website and if you can get someone to visit your cloned site you can see what sites they are logged into. So you would then know they're logged into Facebook, Instagram, Github etc.
Network engineer's troubleshooting process.
> Backups keep failing to finish
* I have no idea how to fix this!
* Why did I take this job.
* Am I good at anything?
* What if I just go home sick right now.
Oh, there's a typo in the destination IP. There you go.
4 years ago this day I was so riled up by politics that I made a sock account to argue politics on twitter. It consumed like 3 weeks of my life and I felt no better from it. Focus on what you can change and what can improve your life. There's no point in arguing politics here.
@elonmusk
What's the alternative? Believe every fringe conspiracy theorist or influencer? Journalism is supposed to parse all that crap and report on the truth so I don't have to do my own research.
I graduated with a CS degree from a major university but failed to find a job in tech. For 10 years! I was going to job fairs and applying everywhere. Didn't get anything not even a nibble. Failed. 10 years later I got a CCNA cert and tried again and got picked up right away.
Me: Here you go boss.
Boss: What's this?
Me: This is the best I could do with the security budget you gave me. Maybe next quarter we can make it better.
@elonmusk
Elon either pick if you want your private life public or not. When you overshare the way you are you're welcoming all kinds of unwanted behavior into your private life. This is a private matter for your lawyer to handle. OPSEC 101 - Stop over sharing.
When I copy and paste text I never ever want to copy the formatting too. I want to copy the plain text only! Like the way it was in the 90s. Right click paste should be "keep format", not "match format", and ctrl-c ctrl-v should just copy and paste the plain text every time.
Your brain doesn't perceive reality properly. Information comes in through your senses, which are limited, then your brain only absorbs a small % of that. Saves even smaller. But makes mistakes along the way. And all that exists only in consciousness
These circles are stationary
Netflix released view stats and data. I ran my numbers on this tool. Turns out, people spend more time listening to my show than 90% of the shows on Netflix. My show out performs 16,000 of the 18,000 shows on netflix.
Take a good look around. This is one of the last glimpses of an Internet made by humans. 80% of the content you consume in a few years will be AI generated. We are on the precipice of a big change.