HackerTrans
TopNewTrendsCommentsPastAskShowJobs

luch

no profile record

comments

luch
·2 years ago·discuss
Yep I use it quite a bit as well as Buffer's AI assistant to help me rewrite texts, or at least give me interesting synonyms. It's probably the only venue where I can say "maybe AI will help people instead of ruining their jobs"
luch
·2 years ago·discuss
there is a shit-ton of hacker cons outside of the US, the most famous one being the CCC (Chaos Computer Club Convention) in Leizpieg/Hamburg, Germany just before new year's eve.

You mention Dmitry Sklyarov but more recently Marcus Hutchins (MalwareTech) has been also arrested by the FBI following its appearance at Blackhat or Defcon
luch
·2 years ago·discuss
I don't think so, the adoption rate has done nothing accelerating since WWII. Once EV will be mainstream enough the switch will probably be quite brutal.

I don't think it is economically viable to maintain two sets of power distribution (electricity and petrol) at the same time so countries will probably "push out" traditionnal petrol stations once they think EV distribution is okay enough
luch
·2 years ago·discuss
Honestly what's the difference whether it's POTUS or Congress blocking the bill ? The writing on the wall is here: if Russia invades Poland, NATO article 5 or not the US will not go into full blown war with Russia.

And honestly it was the European's fault to believe in this pipe dream.
luch
·2 years ago·discuss
Obviously no what I mean that is ok if your superior and his boss are invited in your team's slack channel even if they only lurks, and you don't create a "shadow channel" with your teammates to talk on the project without being read by your hierarchy.

Same thing with corporate internet, you accept to use the corp proxy DNS and firewall (which all logs infos) to browse the internet instead of using a separate GSM endpoint to circumvent the company's surveillance.
luch
·2 years ago·discuss
That's not what I wanted to say. With remote teams, you need to establish a way to organize the work using written communications which are either mail/slack/sharepoint/whatever and within this framework management needs to have a "view" into what the team is doing.

It means for example being systematically in cc for mail exchanged and being in every teams discord channel. The new social contract when working remotely is "you (the manager) can't look over my shoulder to see if I'm working correctly so I (the employee) need to show proofs of communication instead".

I've seen too many juniors working remotely that just don't communicate on their day-to-day work, and completely blindside their manager/coworkers which understandably freaks out.
luch
·2 years ago·discuss
a videoconfering system that is reliable and easy to use is essential to remote management. You need to have as little friction as possible to propose a 1-1 or a 15 min roundtable to quickly brainstorm something orally.

Then you need remote "telemetry", meaning access either to chat messages, email, tickets, etc. and a way to process it at scale (without reading everything) in order to defuse sticky situations based on partial infos or misunderstandings. Such tools can be panopticon-y so you need to explicitly specify which convos "spaces" are private and which are subject to management interference.
luch
·3 years ago·discuss
most pentesters worth their salt would never do mass exploitation of vulnerable systems, there is little upside doing that and you never know what side effects you will trigger.

This project is fine for the author's self-improvement on how SSH is implemented, but personally I advise against using it in a production environment.
luch
·3 years ago·discuss
I agree with you on that, but the USA (and probably China) is the nation state least likely to skimp on iOS persistence when targeting Russian AV analysts :D
luch
·3 years ago·discuss
no way in hell the NSA forcibly tries to reinfect targets over and over, that's not their modus operandi. Instead they would have spend money to find a persistence on the infected device.

The fact that the attacker has almost a full-chain but no persistence screams to me "second fiddle", probably a nation state that have access to 0-days brokers but no in-house engineering.