HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jeffmcjunkin

no profile record

Submissions

Google releases Gemma 4 open models

deepmind.google
1,812 points·by jeffmcjunkin·há 3 meses·474 comments

[untitled]

2 points·by jeffmcjunkin·ano passado·0 comments

comments

jeffmcjunkin
·mês passado·discuss
Confirmed: https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-wor...
jeffmcjunkin
·há 3 meses·discuss
Can confirm. Matching decompilation in particular (where you match the compiler along with your guess at source, compile, then compare assembly, repeating if it doesn't match) is very token-intensive, but it's now very viable: https://news.ycombinator.com/item?id=46080498

Of course LLMs see a lot more source-assembly pairs than even skilled reverse engineers, so this makes sense. Any area where you can get unlimited training data is one we expect to see top-tier performance from LLMs.

(also, hi Thomas!)
jeffmcjunkin
·há 3 meses·discuss
Can confirm.
jeffmcjunkin
·há 10 meses·discuss
I absolutely agree that Microsoft could do better, but they are making progress in removing support entirely for broken (from a security perspective) older protocols such as NTLMv1 (which uses DES as well: more here -- https://bit.ly/crackingntlmv1) and SMB1.

The financial incentives drive Microsoft to support every possible (mis)configuration, forever. It's the tireless work of a few folk at Microsoft like Ned Pyle, Steve Syfus, and Mark Morowczynski that have landed the changes so far.

There could absolutely be a "security check" tool deployed by default with Server 2025 or similar that looks for Kerberoastable user accounts (any account with a ServicePrincipalName is technically Kerberoastable, like computer accounts), AS-REP roastable accounts, weak encryption types, etc. That would probably get more traction than changing defaults out of the box for everyone, as that's another way to phrase "breaking customer environments when they upgrade".
jeffmcjunkin
·há 10 meses·discuss
The RC4 encryption type correlates to the DES hash (more commonly the "NT" hash), so PingCastle has the right warning.
jeffmcjunkin
·há 10 meses·discuss
KeySavvy is the normal workaround for this. $99 extra cost to both sides for them to handle the title verification and shipping, and to act as the dealer to make it qualify for EV credits.
jeffmcjunkin
·ano passado·discuss
Thank you, this was affecting me too.
jeffmcjunkin
·ano passado·discuss
From https://personal.math.ubc.ca/~CLP/about/ :

> For various reasons we have christened these notes “CLP” - none of those reasons can be found [here](https://en.m.wikipedia.org/wiki/CLP)

Presumably it's an inside joke or something.
jeffmcjunkin
·há 2 anos·discuss
Recently, yes :)

https://www.cnn.com/2023/08/06/us/oregon-drivers-pump-own-fu...
jeffmcjunkin
·há 2 anos·discuss
We don't advance as a society unless people ask new questions. Having folk willing to spend some time answering those questions (in public, no less!) helps others. It's really, really damn hard to predict how advancements in one area can help another.

All that said, thanks for your interesting new question, and thanks for spending time on it :D
jeffmcjunkin
·há 2 anos·discuss
Title needs a small fix, it should be `ping ff02::1` (with two colons) to be a valid IPv6 address, match the actual command, and match the original title.
jeffmcjunkin
·há 2 anos·discuss
FWIW I've heard the term "dark fiber" used in both ways as well. Whenever there's ambiguity in jargon, I just avoid that jargon and use more words to describe the actual concept.
jeffmcjunkin
·há 2 anos·discuss
That helps with "we've encrypted your data; pay us for the key" but doesn't help you with "we've made copies of your patient records, leadership's emails; pay us or we publish it all".

The phrase to describe this is double extortion.

As for your question, https://www.cisa.gov/stopransomware is a decent start, but it's a complicated issue. In short, if a pentester can get inside your environment and gain privileges, so can an attacker. You want to slow down attackers enough to buy time for detection and response capabilities.
jeffmcjunkin
·há 2 anos·discuss
Sorry, it was alluded to elsewhere: https://infosec.exchange/@iagox86/112045097519922098

There's more to the story that Rapid7 didn't want to air publicly, and none of it is good for JetBrains.
jeffmcjunkin
·há 2 anos·discuss
Yup, silently patching (like JetBrains did) has a lot of downsides. Let alone the deception from JetBrains to the Rapid7 team.

(Disclosure: I know some of the folk on the Rapid7 side, so I'm perhaps biased towards their interpretation of events)
jeffmcjunkin
·há 3 anos·discuss
For whatever reason, Domain Fronting is considered more of an attack behavior, used by red teamers and penetration testers. Doubling down on that behavior likely didn't seem as appealing from a PR perspective.
jeffmcjunkin
·há 3 anos·discuss
Ahem, that's _9000_.