
Comment Victim blaming, Opsec, and old email addresses (Score 1) 93

By itself this doesn't mean he was directly compromised. We need to be really careful about inferring things from presence on these stealer lists and breach tracking sites. This is the second time in the last couple weeks that I have seen a "stealer" list being used to discredit someone.

You can easily end up on these without having ever had a directly compromised device of your own. If you have an email password combination that was breached in any of the many public breaches listed out there (see https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fhaveibeenpwned.com%2F), all it takes is that credential to have ended up in the list being used by another nefarious actor to attempt attacks on new targets.

These are public lists, and if an attacker is using that list to attack another target, and the attacker's machines are also compromised (if you lie down with dogs, you get up with fleas).... that's it, you are now potentially in that list associated with other services than the originating service. It doesn't mean anything other than you had an account with a previously known password from a breach.

So yeah... it might infer this guy's opsec is terrible, it might indicate he was hacked, but it just as easily, and probably more likely, might indicate nothing other than he was a victim of a 3rd party breach (like almost all of us who have been around a while will have been) and then someone else using that list was hacked... E.g. a password on a throw-away website/forum 20 years ago that was breached, forever plays forward in future attacks based on those lists. It appears as a new compromise, when it isn't.

From TFA..

"As Lee notes, the presence of an individual's credentials in such logs isn't automatically an indication that the individual himself was compromised or used a weak password. In many cases, such data is exposed through database compromises that hit the service provider. The steady stream of published credentials for Schutt, however, is a clear indication that the credentials he has used over a decade or more have been publicly known at various points."
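The triage the comment above argues for, as an added example (not part of the Slashdot comment or the article it quotes): rows that look like stealer-log entries are checked against credentials already exposed in older, public breaches, so an analyst can separate hits that are explained by plain replay of an old credential from hits that genuinely need investigation. All names, sites and passwords below are constructed, and the function names are this example's own.

```python
"""Triage stealer-log hits against credentials already known from older breaches.

Added example, not code from the Slashdot comment or the linked article.
Data is constructed for illustration; function names are this example's own.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Hit:
    """One row as it might appear in a public stealer list."""
    email: str
    site: str       # service the credential was captured for
    password: str


def norm_email(email: str) -> str:
    # Breach dumps and stealer logs disagree on case and whitespace.
    return email.strip().lower()


def pw_fingerprint(password: str) -> str:
    # Carry a SHA-1 fingerprint around instead of the plaintext when correlating.
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_known_index(old_breaches):
    """old_breaches: iterable of (email, password) pairs from prior public dumps."""
    return {(norm_email(e), pw_fingerprint(p)) for e, p in old_breaches}


def triage(hits, known):
    """Split hits into those explained by an old leak and those needing a closer look.

    A hit whose (email, password) pair was already public before the stealer
    log appeared says nothing new about the person: the attacker merely replayed
    an old credential. Only hits that do not match are worth treating as
    possible evidence of a fresh compromise.
    """
    results = {"explained_by_prior_breach": [], "needs_investigation": []}
    for h in hits:
        key = (norm_email(h.email), pw_fingerprint(h.password))
        verdict = "explained_by_prior_breach" if key in known else "needs_investigation"
        results[verdict].append(h)
    return results


def reuse_by_email(hits):
    """Count distinct sites per email; high counts indicate password reuse,
    which explains spread across services without any device compromise."""
    sites = {}
    for h in hits:
        sites.setdefault(norm_email(h.email), set()).add(h.site)
    return {email: len(s) for email, s in sites.items()}


# Constructed sample data: an old public breach and a later stealer-log excerpt.
OLD_BREACHES = [
    ("Alice@Example.com", "hunter2"),
    ("bob@example.org", "correcthorse"),
]
STEALER_LOG = [
    Hit("alice@example.com", "forum.example.net", "hunter2"),   # replay of old leak
    Hit("alice@example.com", "shop.example.net", "hunter2"),    # same credential, reused
    Hit("bob@example.org", "mail.example.org", "Tr0ub4dor&3"),   # not previously public
]


if __name__ == "__main__":
    known = build_known_index(OLD_BREACHES)
    for verdict, rows in triage(STEALER_LOG, known).items():
        print(verdict)
        for r in rows:
            print(f"  {r.email} @ {r.site}")
    print("distinct sites per email:", reuse_by_email(STEALER_LOG))
```

Only the unexplained bucket deserves the "he was hacked" reading; the rest is exactly the replay of an old credential the comment describes. In practice the "known" index would be populated from a breach-notification service rather than an inline list.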

Comment Re:Don't fall for Chinese propaganda (Score 1) 576

And I think we're there.

You think we're there? What cringeworthy, random, flailing act on the part of this administration can you possibly point to to make that claim? Contact tracing depends upon one very important datum - knowing exactly where the disease is and is not at any given point in time. Given that the goal thus far has been to block access to testing in order to keep the confirmed case count down, how could you possibly assert that it's even possible to know this?

And even if you managed to get that far, all you'd do is meaningfully establish where the starting blocks are. To characterize anything Trump has done as an effort comparable to the Apollo or Mahatten(sic) projects is an exaggeration on par with Caligula claiming to have conquered England after some legionaries whacked some reeds with their swords.

Comment I switched from Android to iOS (Score 1) 122

... after having been an Android user for 10+ years, specifically for this kind of thing. Apple is far from perfect, but they're the only big player pretending to give a shit about user privacy. With an Android phone, by the time you get done with the preinstalled crapware from the phone manufacturer, network provider, and Google, your entire damn life is an open book to gods know who.

Submission + - NextCry Ransomware Targets NextCloud Linux Servers and Remains Undetected (linuxsecurity.com)

b-dayyy writes: A new and particularly troublesome ransomware variant has been identified in the wild. Dubbed NextCry, this nasty strain of ransomware encrypts data on NextCloud Linux servers and has managed to evade the detection of public scanning platforms and antivirus engines. To make matters worse, there is currently no free decryption tool available for victims.
Biotech

This Company Is Using Mushrooms To Reduce Plastic Waste (cnn.com) 29

The New York-based biotech startup Ecovative wants to replace plastic with mycelium, the below-ground root-like structure of a mushroom, writes CNN Business.

pgmrdlm shared their report: The company says it has developed a way to grow mycelium into specific shapes and sizes. The method, according to Ecovative, involves taking organic plant waste and inoculating it with mycelium. After the mycelium grows through and around the agricultural materials, it binds them together, providing a natural alternative to packaging materials made out of styrofoam.

It's a process that takes about a week with minimal water and electricity consumed to make the parts. At the end of the mycelium substance's useful life, you can break it up and you can put it in your own garden. "So it's a nutrient, not a pollutant," said Ecovative's CEO and co-founder Eben Bayer.

The company also believes mycelium could play a major role in construction, as mycelium building materials are both insulative and structural and can be used in the same ways as conventional building material, Bayer said. In fact, packaging materials may be just the start. The startup has its eyes on another audacious goal: building organs. "My dream is to one day grow a lung and seed it with lung cells and use the mycelium to create the capillary network and use the human cells to create the actual lung," said Bayer.

The company's vision "has helped Ecovative attract millions from investors like 3M Company, the conglomerate behind Post-it notes and Scotch tape, and even a $9.1 million contract with the U.S. Department of Defense," reports CNN, adding that CEO Bayer believes the use of mycelium "really has boundless possibilities."

Ecovative is now even developing plant-based meats, including Mycelium bacon.

Comment Security theater (Score 2) 35

I'd say about 70% of security measures associated with *any* security policy, whether there has been a breach or not, are busywork at best and/or harmful at worst.

Consider, for example, password rotation. We now know frequent enforced password changes are a bad idea. Yet almost every security policy I've seen still imposes them. Why? Because IT security is still an emotional exercise, not an empirical one.
