My friends in cybersecurity community, here is interesting challenge for you. I grabbed swag data blocker from one of the vendors at cybersecurity conference, tested at home using OMG malicious cable detector, by plugging security key into data blocker and then into OMG tool. OMG light up, as seen in the picture, I popped data blocker open and data pins are not soldered on one side. How? Any ideas. Here is the image, vendor name blocked, it's not their fault.

If you are using Android phone then you could have noticed recent update from Google which allowed you to "personalize your ad experience" and those settings apparently were on by default. So you have to actually do work to opt out. Here is how you can turn it off: Settings->Security&Privacy->More privacy settings->Ads->Ad privacy. It will take you to the screen in picture, go ahead and turn off all of these settings and definitely delete your advertising ID.

I've read white-paper about data that iOS and Android devices send when NOT IN USE, so that you don't have to. Situation is really bad, even when user opted out of telemetry devices continue to send data to A and G respectively. Aside from everything else, one area that I'd like to highlight is MAC addresses of nearby devices, along with gateway that iOS devices send, if exposed 3-rd parties may learn a lot about devices in your household.

I am excited to announce that I will be speaking at Cybersecurity Conference by North Texas ISSA

Went out to whiskey tasting event organized by North Texas ISSA, it was good to meet fellow cybersecurity practitioners and taste some whiskey.

Feeling lucky, got that prize at as usual really awesome conference put together by NTXISSA

It's a most wonderful time of the year: CSC9 conference. It's been virtual last year, good to be back in person. Also nice opportunity to earn some CPE.

Today is very sad one, recent events showed us that on those free or even paid platforms you can not be truly private or free. They will immediately censor you, block you, deprive you of functionality once your opinion is not aligned with opinion of their investors. The only way to be free is to have a full control of a platform and I am on personal mission to make it available for non tech people. This where you can find uncensored me, forever

I wonder how many people bought wrong stock thinking that Signal Advance Inc has anything to do with Signal app LOL those guys running lose on Wall Street think that it's the only place in the world...

One of my favorite quotes applicable to software development: "First solve the problem, then write the code" and it is sad when younger generation of devs can't grasp meaning of such quote. That's where many security problems arise from, devs pushing something out of the door, just to check a box, on the other hand at some companies had screwed up their KPI's , so fixing 2 defects in a week would appear better, than taking a week to properly resolve 1st without introducing 2nd.

Going to the rabbit hole ... sat down to write a new blog post, as a result decided to transfer my blog to a new platform. Been using Blogger platform for a while, and wondered if it can be easier to use, as a result stumbled upon combination of Jekyll and GitHub Pages. After a transfer my blog it going to be just a code on a GitHub that can be managed from console. Here is quick glimpse.

If you are running Calibre on Ubuntu 20.04 and ran into error like: AttributeError: 'NoneType' object has no attribute 'cancel' here problem and solution for ya.


The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!