Royce Williams

@TychoTithonus

Just doing my undue diligence. ISP vet, security demi-boffin, password hashing enthusiast (Team ), AK license plate taxonomist(!) He.❤️:⚛👨‍👩‍👧🛡🙊🗽😼💻✏🎥🍦🌶🍫

Anchorage, AK - where tweets are mine alone; I block in bulk, pls let me know @ false positives (see link)
Joined: April 2008

Tweets

  1. Pinned tweet
    10 Sep 2019

    "Infosec is a way for IT to know itself." - me (Sagan riff) My talk "Password Cracking 201: Beyond the Basics": ; slides, errata, & other talks: My general security insights: Meta:

  2. Retweeted
    5 hours ago

    Check out the latest episode of the Podcast with password cracker extraordinaire . We talk stroller wi-fi pentesting, DEFCON's Crack Me if You Can with and tips on creating easy to remember, hard to crack passwords.

  3. Retweeted
    4 Feb
  4. Retweeted
    3 Feb

    The-Eye: online archivists launch OA directory of 5200 scientific studies on from 1968-2020 that anyone can download w/o encountering a paywall ["illegal, but it's also a moral imperative"]

  5. Retweeted
    3 Feb

    Teamviewer has been storing user passwords encrypted with AES, not hashed, in the registry accessible to low privilege users on the machine. This works for versions dating back from at least as far back as 2012 to the latest version.

  6. Retweeted

    Reddit hashes passwords with bcrypt, but does not pre-hash. This means Reddit passwords longer than 72 characters are truncated. As a result, only passphrases using the EFF short #2 list are problematic:

  7. 3 Feb

    (Appears to have been transient - back up and working at this writing)

  8. 3 Feb
  9. 3 Feb

    Observe the responses to the original tweet, and see what you can detect:

  10. 3 Feb

    PSA: Many accounts reacting to popular tweets are bots or trolls, either seeking engagement karma or pushing agendas. Here you can see how many of the accounts responding to the Jeep Bill Murray ad are ones I'd either already blocked (gray bar), or ID'd by BotSentinel (red text)

  11. Retweeted
    29 Jan
  12. 2 Feb

    When trying to explain how security can be improved by reducing complexity, I think about "'s Lazer" (by ) a lot: "Any sufficiently advanced software is indistinguishable from malice."

  13. 2 Feb

    Setting up a VPN connection through McMurdo: $9/month The look on the SOC team's faces when they see Antarctica in the location fields in the SIEM: priceless

  14. Retweeted
    2 Feb

    A lot of tweets about miss that 02 February 2020 is a palindrome in USA, UK and ISO formats; it is a palindrome day of the year (33) and there are a palindrome of days left in the year (333). This will never happen again. More details here:

  15. Retweeted
    1 Feb

    For those of you using a NV GPU with Volta or Turing chipset, listen up! We hacked our way into the post-48k GPU shared memory region. This improved bcrypt cracking performance by an average of 25%. For instance a GTX2080Ti improved from 42116 H/s to 54770 H/s

  16. 31 Jan

    Unfortunately, can now no longer claim that the first case of them adding undisclosed telemetry was accidental or uninformed.

  17. 31 Jan

    PSA: If I don't accept cold Facebook video chat requests from my Mom, I'm pretty unlikely to accept them from others.

  18. Retweeted
    30 Jan

    Google OpenSK is an open-source security key that supports FIDO and U2F:

  19. Retweeted
    30 Jan

    We did an experiment years ago, filing a round of complaints for increasingly more serious infractions of rules. Not a single CISSP was revoked, no action was taken. Their carefully crafted rules help ensure that is the disposition on complaints.

  20. 30 Jan

    It's odd that the new YouTube kid restrictions won't let you save a kid-tagged video to your own private list - not even "watch later". What threat model is that mitigating?

  21. Retweeted
    30 Jan

    I'm having very mixed feelings right now- about tuberculosis in AK during the war and its impact on Alaska Natives & all I can think of is this family album from an elder who showed me her uncle's wartime photos- of all these Tsimshian Native men in the service. 1/
