pizza slow (high quality)

posts from 2009 / 05

  1. A whisper in your ear: memento mori, memento mori. http://is.gd/KUMp

  2. .@jeson, @vurtyou, and @slp22 are trying to starve me Lunch promises ’ real soon now’ started around 11:30, it is now 15:00. Send help.

  3. Eating outside at Three. Heroin users: stay inside please. Live-tweet it? Stop trying to break into that Car. No $ in the BSun box?

  4. Eating outside at Three. Heroin users: stay inside please. Live-tweet it? Stop trying to break into that Car. No $ in the BSun box?

  5. Brewing a pale ale before going to the Polish Festival at Patterson Park.

  6. @electricfork @vurtyou polka, polka, polka, one o’clock at my place, we’ll walk over (away from the smell of dead fish. Ugh.)

  7. Hey, Friday afternoon, when nobody is looking I’m going to beat the everloving crap out of you. It’s been 3:45 for at least six hours now.

  8. Obama also said ‘ATM Machine’. We elected this guy? And what is it with airline food anymore? I mean you ask for a bag of peanuts and…

  9. I don’t get the dislike of/bias against users of the word & prefix cyber. See: def. of hacker, pronounciation of nuclear, etc. Get over it.

  10. .@censey I disagree w/ the characterization too. I’m using it as a blind man’s cane to determine where I want to keep the real tools.

  11. I was just accused of weaponizing eicar. This will be a fun drill.

  12. @insidecharmcity: RT @wjznews Stray Bullets Hit MD Nuclear Power Plant http://bit.ly/nT4SE

  13. My math textbook for this semester has a Chapter 0.

  14. print “\a\a\a\a\a\a\a I just got a ticket to see Clutch at Sonar! \a\a\a\a\a\a\a\a”;

  15. @AWS0807 …unless your singer is a green lizard named Sarsippius

  16. .@oneeyedcarmen I expect there will be ad hoc lunches and meetups, and folks from out of town that need to know where to enjoy their eveings

  17. .@philip_daigle: “Never heard of this Linux distro” after finding a MINIX 3.0 cd in our stack. Thinking about asking for his geek card.

  18. > @insidecharmcity: RT @wjznews Stray Bullets Hit MD Nuclear Power Plant http://bit.ly/nT4SE

  19. Stopping by Max’s pre-@charmsec? I am - pint night is Apocalypse Great White.

  20. .@danphilpott the spectators are strangely the same year after year, maybe Bradbury’s /The Crowd/ was prescient http://is.gd/HftK

  21. @alexhutton /.You forgot the closing / and . on that style tag http://is.gd/H9IH /.

  22. Enumerating AV exclusions by spraying eicar all over the file system. Hackish, slow, & noisy, but many don’t alert their IR team for eicar.

  23. Comments, cliches, commentary, controversy, chatter, chit-chat, chit-chat, chit-chat, Conversation, contradiction, criticism, @charmsec 13

  24. @johnemcintyre: Accept no substitutes: Grant Barrett’s book on unofficial English is free for the asking. http://tinyurl.com/rddhuw

  25. Abandoned amature hour: trying simultaneous 5GHz (prod) and 2GHz (guest) wireless networks, and dnsmasq w/ opendns. Airtunes so far so good.

  26. SETTING: media on a mac mini smb share, itunes on an mbp streaming to an airport express ECU: Operator screaming, itunes & express failing

  27. > @johnemcintyre: Accept no substitutes: Grant Barrett’s book on unofficial English is free for the asking. http://tinyurl.com/rddhuw

  28. Hop pellets in a dry martini, shaken: visually apealing green peppering, nose improved, does nothing for the flavor. I need hop-infused gin.

  29. Hop pellets in a dry martini, shaken: visually apealing green peppering, nose improved, does nothing for the flavor. I need hop-infused gin.

  30. .@marcusjcarey sushi lunch was fun & I like your HLSC vlog post.

  31. Just got home from a 2-night primitive camping trip with @jeson, @slp22, @vurtyou, @philip_daigle, K, E, and e.

  32. .@philip_daigle and I are headed to Security Lunch Meetup at Baltimore Inner Harbor, Edo Sushi noon, see everyone there #charmsec #sectwits

  33. Capturing images of blade systems over port replicator dongles is fun, pause, not.

  34. .@censey cork the kitchen, ebony LR (or througout), halogen under the counters, nix track lighting, new cabinet hardware, flowers & plants

  35. @marcusjcarey any luck with your lunch plans tomorrow? A few of us would be up for it, time permitting. What restaurant / meet time?

  36. Brown sugar and fish sauce! It’s twoo! It’s twoo!

  37. @Fred0828 you are all over that! Congrats to all of GURU! Four years ago: Mock: http://is.gd/BGVO http://is.gd/BGZZ Real: http://is.gd/BH2X

  38. Crushed both finals, Spring '09 semester: adios! Summer semesters start Tuesday. #umbc

  39. @philip_daigle dude, you could stack a lot of horses something something, http://is.gd/BEbl

  40. @helvetireader I use a build script for Simplepedia to inline css, GM API & about:config to config http://is.gd/jiaW O & GKit can tweak js

  41. Please suggest papers/presos on responsible compromise notification. i.e. “Hi, you are owned.”, not “Hi, you are vulnerable.” abuse@? Still?

  42. .@dionthegod ha - that’s like saying “the closest I got to playing freeze tag was when I was starting running back for my hs football team”

  43. .@dionthegod I always got sidetracked transposing sheet music to QBasic PLAY w/ amp AUX leads soldered to the motherboard speaker terminals

  44. Outlook Zen Koan: Uknown Error.

  45. Baltimore and other delmarva locals: oceancity.org is currently serving pdf/swf malware: DO NOT VISIT (apologies to site admins)

  46. I can’t stress the importance of coding style enough, as other criminals will have to deploy your work. http://is.gd/BjG3

  47. Definsible, if wildly biased/innacurate? Insightful regardless? http://bit.ly/zo5Vs

  48. Definsible, if wildly biased/innacurate? Insightful regardless? http://bit.ly/zo5Vs

  49. Outlook Zen Koan: Extra line breaks in this message were removed. / This message has extra line breaks.

  50. .@alexhutton infosec zombie meme: fix-it-with-encapsulation (usually crypto). Stupidest are ‘disk wipe count’ and password policy myths

  51. Planning our sixth annual memorial weekend camping trip to Greenridge Forest, hoping the weather clears up for us! http://is.gd/B0ab

  52. This lumber is from 1915. When I make decorative cat scratching posts with the remainders, somewhere, a lumberjack will roll in his grave.

  53. I’ve been playing carpenter with nothing but a circular saw, a hammer, a chisel, and a pile of OD rough hewn hickory all afternoon.

  54. Jeff Beck’s at Ronnie Scott’s is on Palladium. Tal Wilkinson is ridiculously talented, and El Becko is a fine wine.

  55. Jeff Beck’s at Ronnie Scott’s is on Palladium. Tal Wilkinson is ridiculously talented, and El Becko is a fine wine.

  56. Tufte forums on visualizing risk: http://is.gd/ArZr As Ricker points out: You can’t present that which you have not computed.

  57. .@will_torres please stay until ~3:30AM, then go to 1745 Kalorama and play very loud music into the windows of the basement unit. Thanks!

  58. .@electricfork your dunkelweizen smells amazing. Hallertaus are still floating, will be tricky to siphon. Shoulda used the muslin bag!

  59. Batch! Ale #2 is kegged. Amazing stuff! Brewing another tomorrow, and tweaking the hop schedule to be more Lagunitas IPA, less SNPA.

  60. Scenario: Attack account, change username, create new account, squat username & abuse. I need to use a stronger password on twitter.

  61. Twitter seems to fatal error on new passwords with spaces, then logs you out. Logged back in using the new password with spaces. Confused.

  62. Oops, I polluted @electricfork’s facebook status. I assumed all those apps used RSS or API calls, not page scrapes. clicks ‘like’ in fb

  63. Note only 14605171 is the real @grantstavely. All others are impostors. Philip K Dick you are missed. Fast flux-able?

  64. Scenario: Attack account, change username, create new account, squat attacked username, grief. I need to use a stronger password on twitter.

  65. .@shrdlu usernames are not static. I’ll let you use mine if I can use yours. wink twitter.com/urls change and everything.

  66. I never kept handles long, and used them for fpss, not hacking. ph8 was my favorite, then hobart. writequit was just the last one I used.

  67. OK @electricfork, I’m going to switch to @writequit again, then you switch to @electricfork, then I’ll be @grantstavely again. 1,2,3,go

  68. Squatting @electricfork’s handle, griefing his followers with nasty dms, as usually #whyitweet #fixreplies

  69. I just crossed streams with @electricfork, er, I mean, @grantstavely. Who ever heard of usernames not being primary keys?

  70. Try to imagine all life as you know it stopping instantaneously and every molecule in your body exploding at the speed of light.

  71. @oneeyedcarmen he can’t hanlde advice without being insulted? http://is.gd/zT5s immediate and direct feedback is always easier to take

  72. .@aaronbarnett if there were windows in my office, I’d have jumped out already. #google

  73. @sxs3200 that’s not effective seasoning, you’ll need to host a BBQ to protect that investment effectively.

  74. @SemanticV: Press release for live website and demos - http://bit.ly/11IB3H

  75. Yeah, @will_torres CSNhd keeps keeps losing signal on me and going to silent/pixels during plays, might have to go to a bar tonight.

  76. > @SemanticV: Press release for live website and demos - http://bit.ly/11IB3H

  77. Happy Anniversary! Thanks for lending me your wife for a few days:)

  78. @alexsotirov: “Hahaha: http://twitter.com/XploitSweatshop

  79. > @alexsotirov: “Hahaha: http://twitter.com/XploitSweatshop

  80. @censey the complainee. Apathy, silence, & dismissal, are all easier. NB: Attacks are not complaints.

  81. Complaints are compliments.

  82. @electricfork @will_torres, it is easier than that: go Neverending Story on them, let the sadness hit 'em. #probablymissingasportsreference

  83. @yahoo what are your tactics for keeping criminals from SEOing malware? Opportunistic attacks make it into you top ten frequently.

  84. @oneeyedcarmen is there anywhere in the city I can get a C02 tank refilled or traded south of Racers? I need to keg a batch, limited time.

  85. What zany things would happen if example.com|net|org suddenly had a valid A and MX records? Interresting dns cache poison for a honeypot.

  86. Most grow out of this risk evaluation, yet keep applying equivalent silliness to externals: “I haven’t died yet, therefor I’m immortal!”

  87. Outlook Zen Koan: The function cannot be performed because the message has been changed. http://is.gd/jqh4

  88. @GratefulGooner why did you have to remind me of that nightmare #radiohead Nissan Pavilion show? Utter disaster. The venue is dead to me.

  89. @linuxgeek247 no fair if you go to CC campus before the next #dojosec, and I love that you called it marco. What pool did you test it in?

  90. Making shrimp tacos with @vurtyou, @jeson, and @slp22, wishing the rain would stop so that we could enjoy the roof deck.

  91. @censey my grandfather bumps me on page 4 of google for ‘grant stavely’. An unrelated ‘grant stavely’ in the UK is on page 5. Poor guy.

  92. Next #dojosec, I’m asking about world peace > @linuxgeek247: #dojosec dnssnarf in 6 lines of python… http://bit.ly/bJbol

  93. Catching the Caps game with @vurtyou, @satie45, and Weeds at a bar in Canton. (My vote is for Growlers/The Tap House)

  94. @linuxgeek247 @sdwilkerson abandoned BIND format somewhat, added query id and responses, using it now: http://is.gd/xS2u (my first python)

  95. @tombihn so it was a bad batch of YKK buckles? Tough luck? I’ve replaced the bag already with an @goincase messenger - love it.

  96. @vurtyou \m/. .\m/ http://phohuongmoi.com/ noonish.

  97. @sdwilkerson @linuxgeek247 I always wanted to learn Python – with http://is.gd/3Z0f and http://is.gd/xLBZ, operationalizing should be simple

  98. Next #dojosec, I’m asking about world peace > @linuxgeek247: #dojosec dnssnarf in 6 lines of python… http://bit.ly/bJbol

  99. @securitytwits needs its own @favrd. #lazyweb, please write one, make it syndicate and bot-RT. Put that gold star to use. http://is.gd/mBfP

  100. @wrayjustin we stopped to try to control the projector. I think we walked past you heading for the far lot as you were driving looking! =/

  101. http://twitpic.com/4rb6r - We found a frog to tailgate with at @dojosec.

  102. I’m not kidding about @dojosec tailgating. Find me.

  103. Want to test IPv6 and teredo detection on your network without deplying it? Invite $big_company pro services over for a meeting. @dojosec

  104. I don’t want to spoil @sdwilkerson’s @dojosec talk, so I’ll stay off Panasonic Display1 for now. http://is.gd/xBT8

  105. The @dojosec projector is awfully quiet on its own ad hoc network. Defaults: http://is.gd/xBOs thought it transmitted on assoc: just myself

  106. @dionthegod btw @philip_daigle asks if he has a girlfriend in the future #dojosec

  107. @dionthegod holy crap are you posting from the future!? I’m @dojosec and @sdwilkerson isn’t talking yet. Do they have flying cars? Jetpacks?

  108. @dojosec w/ @philip_daigle watching @danphilpott’s talk on FISMA. I’ve never worked .gov. And people complain about http://is.gd/xBw2 ?

  109. http://twitpic.com/4rb6r - We found a frog to tailgate with at @dojosec.

  110. I’m not kidding about @dojosec tailgating. Find me.

  111. Want to test IPv6 and teredo detection on your network without deplying it? Invite $big_company pro services over for a meeting. @dojosec

  112. I don’t want to spoil @sdwilkerson’s @dojosec talk, so I’ll stay off Panasonic Display1 for now. http://is.gd/xBT8

  113. The @dojosec projector is awfully quiet on its own ad hoc network. Defaults: http://is.gd/xBOs thought it transmitted on assoc: just myself

  114. Griefers experiments prove trust exists, news at 11 > @joshgans Journalists relying on Wikipedia caught out with hoax. http://short.to/7z41

  115. @electricfork how many times have I spoken to you about your guestures Spaulding?

  116. I’m automating analysis of domains and IP addresses in logs using surbl and google/safebrowsing. What other similar services have open APIs?

  117. I can’t un-visualize this one: @will_torres on XTC’s Skylarking: “Is that kermit singing?”

  118. This toot of a blog post of an executive summary of key findings of the overview of the details is so easy to read, skip the data altogether

  119. Style tip: Underestimating? Deriding? Citing ‘lame’ without reading source material? /.Surround it in Slashdots!/. (+5 Nash Equilibrium)

  120. Thanks @censey, aweseome Kurzweil news! (probably more elucidating than me mumbling) How about novels? http://is.gd/xtSP, http://is.gd/xtTd

  121. @AWS0807 a sweep would have been boring! Enjoy the Caps’ C-league goal and look forward to games 4 and 5!

  122. Griefers experiments prove trust exists, news at 11 > @joshgans Journalists relying on Wikipedia caught out with hoax. http://short.to/7z41

  123. @will_torres go caps! C A P S! (I am surrrounded by penn fans)

  124. Corporate web filtering drives users to the black market. When the latest American Idol clips are banned, only criminals will have the la…

  125. The file system ‘name’ metadata exclusivity is v. 1970s, ignores superior solutions in MacOS, BeOS, file hints, etc.text.tweet.html.exe

  126. The Solution™ to file exesntions isn’t to show/hide them, it’s to annihilate the entire notion. Wrong-headed: http://is.gd/xh0O

  127. You know wha’ they say: See a broad to get that bodiac lay’er down an’ smack 'em yack 'em!

  128. @sckain I ran osx86 on my HP laptop for a while (10.4.8-ish?), macbook now. Dogfood at work, I would frown on other hackintoshes on our LAN

  129. Second bankrupcy of the week: XP on the desktop. Returning to FreeBSD asap, as OSX is sady not an option.

  130. Every time virustotal says ‘-’, I think of Dark Helmet’s thoughts on the triumph of evil over good.

  131. Eschatologists have caclulated the # of collective pronounces and -ly words that will bring end times, but not which conference room

  132. Remoting three+ levels into varying resolution GUI systems should be covered under article 3 of the geneva conventions.

  133. The closed class door and lights off jogged my memory that class is canceled tonight, rushing through leftovers or driving to UMBC didn’t.

  134. VM bankruptcy declared. My greeting now requests that you e-mail me or call my cell phone, then it hangs up on you. VM is dead tech to me.

  135. @LazerFlip how’s your heel flip? I can’t do either half of a lazer flip, need somoene to teach me. http://is.gd/wEoN

  136. By popular demand: four photos of the almost finished basement. http://is.gd/wAmb (I’m accepting tap handle donations for the home-brew tap)

  137. Asked Sfwy meat counter for 4 oz bacon for a ragu, one piece was 8 oz, he couldn’t ring such a small amount, so I got it free. Free bacon!

  138. @tombihn I have a medium cafe bag and both of the clips on the plastic buckle broke off, so it doesn’t latch closed.

  139. @censey those army surplus prices are great. I feel stupid for paying what I did for my Bihn, which I already broke. http://is.gd/R0U

  140. http://twitpic.com/4f25t - We dry hopped @electricfork’s dunkel with the hallertau’s I got at the 2008 GABF.

  141. @commonwombat yup, should be right up our street! #baltimore #kinetic

  142. http://twitpic.com/4erh5 - We’re all gonna have so much fucking fun we’ll need plastic surgeory to remove our godamn smiles.

  143. http://twitpic.com/4enum - TOS Enterprise NCC1701 entering the water in the Baltimore Kinetic Sculpture Race

  144. @electricfork want to come early? The Kinetic Sculpture Race is going to go right past my house. Bring something to grill. At waterfront now

  145. Skating to the square for a used book sale http://is.gd/w7pk and then to the waterfront for the Kinetic Sculpture Race. http://is.gd/vXWN

  146. Many shortened urls last forever. Anyone ever rainbow table them? What percentage of the urls point to darknets? Contain auth creds?

  147. @pearsontowers: Awesome Moneyshot / Johnny Rotten set http://is.gd/vN6G <- great setlist and a cool bit of history!

  148. @dionthegod ‘we were’ got lost in editing, became ‘were’ and implied ‘they were’. My ego is already a lumbering Stay Puft, be careful.

  149. Going to Artful Gourmet to avoid the snarling traffic downtown, then open for the weekend w/ @vurtyou out of town.

  150. @XSSExploits http://is.gd/vWfD played like a pentest to me.

  151. @XSSExploits that was an excellent play in three acts. I’m not normally into tragedies but with writing like that, who wouldn’t be?

  152. @censey I bought a year of trst.us, have a dev, going for sushi. http://trst.us/

  153. @sdwilkerson @dionthegod mentioned #vzdbir, I said ‘oh it was nothing’, everyone agreed, and were all humbled by his pdf exploit earnings

  154. @sdwilkerson I bought your last Guinness @charmsec with my “CONGRATS ON CRACKING THE CODE” Amex card.

  155. @censey let’s do it. We can partner with http://www.stopbadware.org/ - do you have a name in mind? (slightly serious)

  156. @StrongwaterSec Just commands? Grab everything! Tweak something like http://is.gd/vRvi to be trusted, maybe throw it at a serial device?

  157. There is this weird small computer on my desk – has keys 0-9, *, and #, and I don’t know how to make the red blinking light on it stop.

  158. > @pearsontowers: Awesome Moneyshot / Johnny Rotten set http://is.gd/vN6G <- great setlist and a cool bit of history!

  159. 2009 Great American Beer Festival: 9/24-26, Denver, CO. I had a lot of fun last year who wants to go this year? http://is.gd/vJue

  160. It looks like userscripts.org needs an @attritionorg style Going Postal section: http://is.gd/vJoi