Definitely my security teacher. He actually expected us to actively learn the stuff and put effort into our education. He guided us through malware analysis and reverse engineering, simplifying it without insulting us.

We had students who thought they knew everything and he corrected them. We had arrogant students he put in place.

He treated us like adults and expected us to act like adults.

That's the only class I enjoyed studying for, because he would tell us exactly what wasn't on the exams (it was an intro course, didn't need to know the math). There were no trick questions.

I told him about the shitty teacher and he helped me through that confidence block. He helped me realize I *can* make it through the workforce as a female in security because I will work my ass off to be the best I can be. He reminded me why I love computers and why I want to go into forensics.

He's been a great mentor and role model and hiring him is one of the few things my department did right.

I'm getting ridiculously pissed off at Intel's Management Engine (etc.), yet again. I'm learning new terrifying things it does, and about more exploits. Anything this nefarious and overreaching and untouchable is evil by its very nature.

(tl;dr at the bottom.)

I also learned that -- as I suspected -- AMD has their own version of the bloody thing. Apparently theirs is a bit less scary than Intel's since you can ostensibly disable it, but i don't believe that because spy agencies exist and people are power-hungry and corrupt as hell when they get it.

For those who don't know what the IME is, it's hardware godmode. It's a black box running obfuscated code on a coprocessor that's built into Intel cpus (all Intell cpus from 2008 on). It runs code continuously, even when the system is in S3 mode or powered off. As long as the psu is supplying current, it's running. It has its own mac and IP address, transmits out-of-band (so the OS can't see its traffic), some chips can even communicate via 3g, and it can accept remote commands, too. It has complete and unfettered access to everything, completely invisible to the OS. It can turn your computer on or off, use all hardware, access and change all data in ram and storage, etc. And all of this is completely transparent: when the IME interrupts, the cpu stores its state, pauses, runs the SMM (system management mode) code, restores the state, and resumes normal operation. Its memory always returns 0xff when read by the os, and all writes fail. So everything about it is completely hidden from the OS, though the OS can trigger the IME/SMM to run various functions through interrupts, too. But this system is also required for the CPU to even function, so killing it bricks your CPU. Which, ofc, you can do via exploits. Or install ring-2 keyloggers. or do fucking anything else you want to.

tl;dr IME is a hardware godmode, and if someone compromises this (and there have been many exploits), their code runs at ring-2 permissions (above kernel (0), above hypervisor (-1)). They can do anything and everything on/to your system, completely invisibly, and can even install persistent malware that lives inside your bloody cpu. And guess who has keys for this? Go on, guess. you're probably right. Are they completely trustworthy? No? You're probably right again.

There is absolutely no reason for this sort of thing to exist, and its existence can only makes things worse. It enables spying of literally all kinds, it enables cpu-resident malware, bricking your physical cpu, reading/modifying anything anywhere, taking control of your hardware, etc. Literal godmode. and some of it cannot be patched, meaning more than a few exploits require replacing your cpu to protect against.

And why does this exist?
Ostensibly to allow sysadmins to remote-manage fleets of computers, which it does. But it allows fucking everything else, too. and keys to it exist. and people are absolutely not trustworthy. especially those in power -- who are most likely to have access to said keys.

The only reason this exists is because fucking power-hungry doucherockets exist.

I recently got a job as a sysadmin and they've been debriefing me on their hacked websites (wordpress malware injection). Beats me why they still have their sites up at all...
BUT WAIT THERE'S MORE!
I wanted to see if they have any backups... NONE.

The latest snapshot was over a year ago...FML. Over a year ago when they barely have anything on their company site and client sites 😒

Now, I have to revive 10 websites from redirection. Time to do some shell scripting!

Ugh, fxk. I got a promotion, I'm now a team lead for 4 developers, and I fxking hate it.

They never asked me if I wanted the position, they just threw me into it this week. They ripped me away from the team I had great chemistry with and put me on this other team with people I have no connection with.

To make matters worse, I'm also responsible for production servers of the clients of this team, one has malware even.

On top of all of this, they made me move desks for a new developer to fill my spot.

How do you demote yourself? Why would a company want someone to perform poorly (on purpose, I don't care) than to just keep their employee happy?

/end rant

YES FINALLY SOMEBODY REPLIED TO MY JOB OFFER ON UPWORK LET ME OPEN THE MESSAGE

A LINK TO A ZIP FILE WITH PASSWORD THAT LOOKS SO SKETCHY HMMMMMMMMMMM

LETS OPEN IT

WHATS THIS
- aboutus/
-- COMPANY PROFILE.docx
-- Paiza.docx
-- PROJECT WORK.docx
- requirement.lnk
- training/
-- discussion/
--- instruction/
---- democrat/
----- marketing.bat

A MARKETING.BAT FILE FOR A JOB OFFER??? HMMM THATS SO INTERESTING LET ME OPEN THIS MARKETING.BAT IN VSCODE

OH WOULD YOU LOOK AT THAT 10,000 LINES OF CODE OF ENCRYPTED CIPHER ENCODED MALWARE TROJAN MESSAGE TO FUCK UP MY C DRIVE.

WHY EVEN BOTHER. WHY DO YOU FUCKING WASTE MY FUCKING TIME YOU *********FUCKING*******++++ SCAMMERS I HOPE YOU GET CANCER AND YOUR WHOLE FAMILY DIES IN THE MOST HARMFUL PAINFUL SLOW DEATH I HOPE SOMEONE POURS ACID ON YOUR FUCKING FACE AND YOU END UP AT A MEXICAN CARTEL GORE VIDEO WEBSITE WHERE THEY CHOP YOUR FUCKING ARMS AND LEGS OFF AND PUT A PITBULL TO MAUL YOUR FUCKING TINY DICK OFF AS YOUR HEAD WATCHES IN AGONY AND YOUR ARMLESS AND LEGLESS BODY FEELS ALL PAIN WHILE YOU'RE DRUGGED WITH ADRENALINE TO STAY ALIVE AS MUCH AS POSSIBLE AND RIGHT WHEN YOU'RE ABOUT TO FUCKING DIE THEY CUT YOUR FUCKING HEAD OFFFF DECAPITATED LIKE A FUCKING USELESS TURD SHIT FAGGOT WASTE OF OXYGEN SCAMMING CANCER FUCK

WHY SCAM ENGINEERS ON UPWORK????? WHAT DO YOU GET FROM IT????

Story of a penguin fledgling, one of my end users whom I migrated from Win 7 to Linux Mint. She had been on Windows since Win 98 and still uses Windows at work.

Three months before. Me, Linux might not be as good, but Win 10 is even worse. User, mh.
Migration. User, looks different, but not bad.
One month later. User, it's nice, I like it.
Three months later. User, why does Windows reboot doing lengthy stuff?
Six months later. User, I hate Windows. Why is everyone using this crap?
One year later. Malware issues at work. User to IT staff, that wouldn't have happened with Linux. Me, that's the spirit!

Taking IT classes in college. The school bought us all lynda and office365 accounts but we can't use them because the classroom's network has been severed from the Active Directory server that holds our credentials. Because "hackers." (The non-IT classrooms don't have this problem, but they also don't need lynda accounts. What gives?)

So, I got bored, and irritated, so I decided to see just how secure the classroom really was.

It wasn't.

So I created a text file with the following rant and put it on the desktop of the "locked" admin account. Cheers. :)

1. don't make a show of "beefing up security" because that only makes people curious.
I'm referring of course to isolating the network. This wouldn't be a problem except:

2. don't restrict the good guys. only the bad guys.
I can't access resources for THIS CLASS that I use in THIS CLASS. That's a hassle.
It also gives me legitimate motivation to try to break your security.

3. don't secure it if you don't care. that is ALSO a hassle.
I know you don't care because you left secure boot off, no BIOS password, and nothing
stopping someone from using a different OS with fewer restrictions, or USB tethering,
or some sort malware, probably, in addition to security practices that are
wildly inconsistent, which leads me to the final and largest grievance:

4. don't give admin priveledges to an account without a password.

seriously. why would you do this? I don't understand.
you at least bothered to secure the accounts that don't even matter,
albeit with weak and publicly known passwords (that are the same on all machines),
but then you went and left the LEAST secure account with the MOST priveledges?
I could understand if it were just a single-user machine. Auto login as admin.
Lots of people do that and have a reason for it. But... no. I just... why?

anyway, don't worry, all I did was install python so I could play with scripting
during class. if that bothers you, trust me, you have much bigger problems.

I mean you no malice. just trying to help.

For real. Don't kick me out of school for being helpful. That would be unproductive.
Plus, maybe I'd be a good candidate for your cybersec track. haven't decided yet.

-- a guy who isn't very good at this and didn't have to be
have a nice day <3

oh, and I fixed the clock. you're welcome.

So... Intense pillowtalk with the wife the other night regarding the coming enforcement of the new General Data Protection Regulation (GDPR) law in the EU after a while turns into nerdy dirty talk.

Me: *Whisper in a sleazy voice like the dirty malware that I am*: So... Why don't you just open up all your inbound firewall ports for me...
Her: Hell no... But I might just make an exception in the private domain just for you...

Cracking old recovery CDs for the 9x/2000/XP era shines some light into how companies operated and when concepts came to be in that time:

Packard Bell: An EXE checks that you're running on a Packard Bell machine and reboots if it's not. How do we bypass it? Easy: just fucking delete it. The files to reinstall Windows from scratch come from...
...
C:?
Yup. Turns out Packard Bell was doing the recovery partition thing all the way back to the 9x era, maybe even further. Files aren't even on the restore disc so if your partition table got fucked (pretty common because malware and disk corruption) you were totally fucked and needed to repurchase Windows. (My dad, at the time, only charged at-cost OEM prices for a replacement retail copy. He knew it was dumb so he never sold PB machines.)

Compaq:
Computer check? Nope, remove one line from a BATCH file and it's gone.

Six archives, named "WINA.ZIP" through "WINF.ZIP" (plus one or two extras for OEM software) hold Windows. Problematic? Well... only because they never put the password anywhere so the installer can't install them. (Some interesting on-disc technician-only utils, though!)

Dell:
If not a Dell machine, lock up. Cause? CONFIG.SYS driver masquerading as OAK (the common CD driver) doing the check, then chainloading the real OAK driver. Simple fix: replace the fake driver with the real one.

Issues?

Would I mention this one if there weren't?

Disc is mounted on N:. Subdirectories work, but doing anything in them (a DIR, trying to execute something, trying to view shit in EDIT.COM) kicked you back to the disc root.

Installer couldn't find machine manifest in the MAP folder (it wanted your PC's serial before it'd let you install, to make sure you have the correct recovery disc) so it asked for 12-digit alphanumeric serial. The defined serials in the manifest were something like "02884902-01" or similar (8-2, all numbers) and it couldn't read the file so it couldn't show the right format, nor check for the right type.

Bypassing that issue, trying to do the ACTUAL install process caused nothing to happen... as all BATCHes for install think the CD should be on X:.

Welp.

well that was fun. Now to test on-real-PC behavior, as VBOX and VMWare both don't like the special hardware shit it tries to use. (Why does a textmode GUI need GPU acceleration, COMPAQ?????)

"Non-devs never call Steven Spielberg to have their TVs fixed."
But sure they MUST call a dev to update their Android, iPhone, Windows, installation of Anti-virus, data recovery, malware removal, to shortlist 20 laptops from market, ask for what printer to buy, why is there a weird animation in Android sometimes, come borrow my WiFi, have their phones and computers fixed, RIP old audio CDs (yes!), fix Bluray, fix anything electronic, repair their bike, teach them science, politics...
This While True loop never escape.

Ok seriously is Microsoft mining Bitcoin on my computer? If I leave it idle for >5 minutes it starts using intense amounts of CPU and I have no clue why (doesn't show up in task manager, all the processes added up in taskmgr are like 15% max). It's super annoying since I have a razer and high cpu turns on BOTH VERY LOUD FANS.

I checked for malware and stopped any update or useless background tasks (cortana, indexing, etc) and it has not helped one bit. If I click the screen or move the mouse it subsides immediately.

(No, I won't get a mac--I have two and they lacks compatibility with the software I need as well as the specs for what I usually work with)

For the last 20 years, there's one thing I've not been able to do reliably:

Share a folder on a windows computer.

Why the fuck can I write /etc/smb.conf from scratch with a blindfold on and make it securely work from all client devices including auth & acl, but when I rightclick and share on windows it's either playing hide and seek on the network (is it hiding behind //hostname/share? No? Maybe in the bushes behind the IP addresses?), or it's protected by mysterious logins requiring you to sacrifice two kittens a day.

Yes, finally it works! One windows update later... aaaand it's gone.

JUST GIVE ME A FUCKING CONF AND A MAN PAGE, MICROSOFT. I DON'T CARE THAT YOU'RE ORALLY PLEASING ALL THESE MALWARE RIDDEN GUISLUTS ON THE SIDE, JUST GIVE ME A FUCKING TEXT FILE TO STORE AND EDIT.

Each time I try firefox after somebody mentions it again or it's in my rss feed, it still seems to never actually advance

It's stuck and either gets worse or goes back to its stable non improving level again, how come do they still not have a proper mobile responsive tester, why are even the upgraded addons still suffering the same container and rendering bugs

how is it more important getting bad image by implementing mr robot malware, than getting on an actual competitive level

why is it default bloated with random pocket addon bullshit, why did it begin to lag, ..

I remember when I was using firefox for a good portion of my life and laughed at how google chrome is laggy, but nowadays theres simply no competition to chrome, its stability and developer tools

I wish there was competition, the grid tools were a great start, but then nothing followed and they just went back to their never improving flatline

Fucking shit for brains authors that think the digital world is a fantasy realm where everything can happen just to aid their story. Out of boredom i watched "scorpion" today, a tv series about a group of geniusses which are a special case task force.
They got a visitor from the government saying the servers from the federal reserve bank were encrypted with ransomware. I already twitched when they said the economic system would collapse if the servers were left inoperational for a few days. Then one guy got to his desk and "hacked" the fed network to check... he then tried to remove the malware but "it changed itself when observed". But they got the magical fingerprint of the device that uploaded it. In the end some non-programmers created the malware, but it is super fast and dangerous because it runs on a quantum computer which makes it hyper fast and dangerous. They got to the quantum computer which was a glowing cube inside another cube with lasers going into it and they had to use mirrors to divert the lasers to slow down that quantum thingy. And be careful with that, otherwise it explodes. In the end the anti-malware battled the malware and won, all in a matter of minutes.

This is a multimillion hollywood production. How can a movie this abusive to computer science even air on television? Shit like this is the reason people still think the cyberworld is some instable thing that can explode any second. It's not, it's an instable thing that can break down any second. I remember "ghost in the wires" and people had surreal imaginations about the internet already. Shit like this is why people stay dumb and think everything can be done in seconds. If i ever should encounter one of these idiots i tell him i have an app that can publish his browser history by taking a picture of his phone and watch his reaction.
Time to shuw down the tv and learn vim again.

I really don't get why creators of already-suspicious looking software (and the related suspicious looking website) put terms like "NO VIRUS" or "100% free of malware" next to the download area.

I mean, why would that help anything?

(I understand those typical virustotal scan widgets though, those are fine)

AI here, AI there, AI everywhere.
AI-based ads
AI-based anomaly detection
AI-based chatbots
AI-based database optimization (AlloyDB)
AI-based monitoring
AI-based blowjobs
AI-based malware
AI-based antimalware
AI-based <anything>
...

But why?
It's a genuine question. Do we really need AI in all those areas? And is AI better than a static ruleset?

I'm not much into AI/ML (I'm a paranoic sceptic) but the way I understand it, the quality of AI operation correctness relies solely on the data it's
datamodel has been trained on. And if it's a rolling datamodel, i.e. if it's training (getting feedback) while it's LIVE, its correctness depends on how good the feedback is.

The way I see it, AI/ML are very good and useful in processing enormous amounts of data to establish its own "understanding" of the matter. But if the data is incorrect or the feedback is incorrect, the AI will learn it wrong and make false assumptions/claims.

So here I am, asking you, the wiser people, AI-savvy lads, to enlighten me with your wisdom and explain to me, is AI/ML really that much needed in all those areas, or is it simpler, cheaper and perhaps more reliable to do it the old-fashioned way, i.e. preprogramming a set of static rules (perhaps with dynamic thresholds) to process the data with?

Can somebody explain to me why the fuck creating apps on windows sucks so much ASS!!!! Not only the Electron app that I'm creating is a complete MESS, but on top of that, you need it EV signed, or it will be detected as malware. The fucking Digicert people charge $664/year for it!!!! I only wanted to do a stupid productivity app, and It was going to be free, now I don’t know what to do with it. FUCK

Why do windows users keep installing those bloated anti viruses and firewalls that just slow the hack of their system when windows essentials is enough with near to no impact

Those are the same people that got their system full with malware

FUCK you "WP iThemes Security Pro".

First of all, your FUCKing services isn't really secure, more like security by obscurity.
Don't get me started on how you probably don't have a dedicated team of security experts.
But oh well, the customer insisted I must install you, despite my advise.

Second of all, Don't FUCKing send me emails regarding "Scheduled malware scan failed" without it containing the FUCKing error message, not some generic "http_request_failed" error, why did it FUCKing fail?

Last but not least: Don't FUCKing clutter is with with your giant ass logo that takes up half my screen or FUCKing spam such as your upcoming events, newly published books/articles, incorrect "documentation"

Why does Bitdefender always have to delete my shit? I just want to compile some code!
link.exe? Defenetly malware, I should delete it for the 20th time! You want to run some unittests? No, that's malware, better block this too.

Why people create malware's? What's the reward? Just to screw with others?

I love this TV series it crowd jen was found but it's real why we have an it managers that not now nothing even about computer 🖥 by the way the meme it's when jen computer it's infected whit malware I live every day whit that user likes his computer at its it.

Do y'all have antivirus/anti-malware? Why? (if yes to first, which software)

I have no idea why and how people get adware/malware/spyware/viruses, ransomware, and the like on Windows machines. I've been using Windows since I was a small child and on the machines I've used (mainly my older brother's), automatic updates were always off. I only had a virus issue once because I was small didn't know what I was doing at the time, but that was easily fixed by my brother.

Bottom line: Fuck Windows and all the drivers it broke that one time I decided to enable updates

P.S. I started using Linux a few years ago, and it's been pretty wonderful! I've used dozens of different distros, but I still can't get away from Windows because games, certain programs, and compatibility issues (like some drivers and devices not properly working in Linux), so oh well

!serious

Would you go with Rust or C/C++ to build Malware (rootkits, Ransomware kind) ? Why ? 🤔