HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mh_

no profile record

Submissions

It's our birthday – so we built everyone this retro game

canary.tools
1 points·by mh_·10개월 전·4 comments

Caring

blog.thinkst.com
1 points·by mh_·작년·0 comments

Vendor Booths don't have to suck (and why your startup should reconsider them)

blog.thinkst.com
1 points·by mh_·2년 전·0 comments

Hacking as a pathway to building better Products

blog.thinkst.com
3 points·by mh_·2년 전·0 comments

Unfashionably secure: why we use isolated VMs

blog.thinkst.com
305 points·by mh_·2년 전·243 comments

Wrong on the Internet

twitter.com
1 points·by mh_·2년 전·0 comments

Be careful of the examples you use. They stick

blog.thinkst.com
199 points·by mh_·3년 전·128 comments

Seasonal themes, delighting users and small UX touches

blog.thinkst.com
1 points·by mh_·4년 전·0 comments

Is Elon Beyond Reproach?

twitter.com
22 points·by mh_·4년 전·34 comments

Always Be Hacking

blog.thinkst.com
2 points·by mh_·4년 전·0 comments

Apples AT&T demo was a good example of pg's “relentlessly resourceful”

blog.thinkst.com
2 points·by mh_·4년 전·2 comments

Ask HN: Will referral codes cheapen honest referrals?

1 points·by mh_·4년 전·2 comments

Building WireGate: A WireGuard front to detect compromised keys

blog.thinkst.com
8 points·by mh_·5년 전·0 comments

Use a fake kubeconfig file to detect attackers

blog.thinkst.com
1 points·by mh_·5년 전·0 comments

Using a SQL Injection attack to detect attackers

blog.thinkst.com
1 points·by mh_·5년 전·0 comments

Good attacks make good detections make good attacks (a MySQL booby-trap)

blog.thinkst.com
1 points·by mh_·5년 전·2 comments

comments

mh_
·10개월 전·discuss
We build tools (commercial: https://canary.tools) and free (https://canarytokens.org | https://opencanary.org) that help slowdown/detect attackers.

It supports normal(ish) pacman-like activity, except some of the dots you consume might be canaries, which will slow you down/likely lead to you being detected/caught.
mh_
·10개월 전·discuss
It’s our birthday - so we built everyone this retro game.

(Complete all levels, and we will send you a special 10-year edition t-shirt)
mh_
·3년 전·discuss
Heh. "You can totally put in any value here, as long as its exactly this one"
mh_
·4년 전·discuss
You totally can?
mh_
·4년 전·discuss
Ouch. I’m super curious why you found it such a waste. I found it super interesting (I guess for all the reasons in the post)
mh_
·4년 전·discuss
I wrote this about 13 years ago (a little tongue in cheek) but it held up:

https://sensepost.com/blog/2009/twitter-killed-the-infosec-b...

-snip- There’s something liberating about saying “here’s a link”, as opposed to taking the time to formulate your thoughts into a full blown posting.

We were curious if this twitter-effect was real, imaginary or only applicable to lazy people like us.. Thanks to python-twitter and a few lines of script we can look at the the blogging habits of some info-sec superstars (and maybe confuse correlation and causation to jump to conclusions while we at it). -snip-
mh_
·4년 전·discuss
We are already pretty ok at gifting back (our hoodies/gifts have a pretty good rep).

I kinda default to “don’t mess with it” but sometimes wish we could do more to say thanks.
mh_
·5년 전·discuss
You can wave the encoding away (with a tick-box) but in general, people over-estimate what attackers will "notice". In cases like this, many are as desperate to get the loot as users are when they get phished. dialogue boxes and browser warning fade into the background as they hit "accept" to move closer to their goal.