[+] timb_machine: @matalaz In most cases, it will be outside of registrar policy (if anything). Particular registrars may have local… https://twitter.com/i/web/status/867285379900112897

[+] timb_machine: @msuiche @blackswanburst Did the Mutex change?

[+] timb_machine: write("HTTP/1.1 200 OK\nX-Encrypted: 0\n\n<key material>\n\n"); # The key server is sending session key in plain text HTTP #notwcry #sadly

[+] timb_machine: @paperghost @davidrook Any commentary about such events tells you more about commentators politics than it offers practical value.

[+] timb_machine: @CiPHPerCoder Business logic?

[+] timb_machine: @hackerfantastic @LauriLoveX @malwaretech Why would the black list prevent spread? Host still resolves and results in 200, no?

[+] timb_machine: @twitter->mute($uninformed_speculation); # I love the race to tar, feather and then ambulance chase malware victims

[+] timb_machine: @cynicalsecurity s/pop/persist on/g

[+] timb_machine: @cynicalsecurity NCs actually had RISC OS in ROM. Bar physical access, pop that.

[+] timb_machine: @ropnop I'll add that to my list of reasons to hate Python.

[+] timb_machine: @cynicalsecurity Not the only ones. ISTR Sun had something similar and then of course there was ill-fated Network C… https://twitter.com/i/web/status/862723357917184000

[+] timb_machine: @4Dgifts @tqbf @matthew_d_green Weirdly similar to how we do it

[+] timb_machine: OH: "I for one would like to welcome America's new Russian overlords"

[+] timb_machine: $day = 1; $bugs = 0; # Unisys mainframe behaving in unexpected fashion, it seems well thought out

[+] timb_machine: #gothproximitywarning

[+] timb_machine: return EWRONGTHREAT; # Reading vendor docs and they have section on file perms entitled Fire Protection Plan. Arson as a new threat model

[+] timb_machine: @travisgoodspeed Anytime neighbour

[+] timb_machine: @travisgoodspeed Can always forward port from http://archive.debian.org or http://snapshot.debian.org

[+] timb_machine: @0x47DF Building security system?

[+] timb_machine: @hanno ETOOMUCHFAITH

[+] timb_machine: @hanno Probably just as well it isn't given level of understanding. Would devolve to more "something must be done".

[+] timb_machine: @crstig \o/

[+] timb_machine: @silpol @matthew_d_green If you're read in on evidence of motivations you'll either be expected to keep quiet or yo… https://twitter.com/i/web/status/860924451805855745

[+] timb_machine: @silpol @matthew_d_green It's easier to ascribe motivation to the people making the accusations than to the anonymo… https://twitter.com/i/web/status/860923619660230658

[+] timb_machine: @_jsoo_ @matalaz Every leak is now the Russians. You didn't get the memo?

[+] timb_machine: @systemdsucks In fairness, other systems (Windows, AIX, Solaris) have had binary (audit) logs for years.

[+] timb_machine: @liamosaur @cnbrkbolat How exactly do you know what RU objectives are?

[+] timb_machine: @s7ephen Not sour enough. Needs more lemon.

[+] timb_machine: @gsuberland @taviso @natashenka I vote PowerShower

[+] timb_machine: @lyon01_david #glorioustroll

[+] timb_machine: @matthew_d_green Do they? Or do they just dislike the US and their allies?

[+] timb_machine: RT @BSidesKnoxville: Thank you to all our fantastic 2017 speakers! Thank you for all the time and care you put into each talk! #BSK2017

[+] timb_machine: @x0rz <3

[+] timb_machine: @natashenka I heard @securelyfitz was playing with boot loaders yesterday \o/ PS: Nice talk

[+] timb_machine: @travisgoodspeed @lixmk Any plans to start a mission, leaving copies in hotel bedrooms of the world?

[+] timb_machine: @botherder ++; # Should be mandatory step for any proposed research projects

[+] timb_machine: @gsuberland ++

[+] timb_machine: @c7zero @richinseattle Looking forward to your talk :)

[+] timb_machine: @0xcharlie @x0rz Lets /teach people to threat model/. Number 1 killer in our industry is people not accurately unde… https://twitter.com/i/web/status/859531873042739204

[+] timb_machine: @djshadow ++; #Football, sunshine and tunes FTW

[+] timb_machine: @FishermansEnemy @GlytchTech Hindu I think

[+] timb_machine: @marcan42 @paxteam @stalkr_ Blame certain embedded vendors for pissing in the pool. Sad but I don't blame @paxteam… https://twitter.com/i/web/status/857613282131226624

[+] timb_machine: @0wasp Containers + BTRFS is a dream for management

[+] timb_machine: @gsuberland @CiaranmaK All thanks to a forward thinking Kiwi.

[+] timb_machine: @comex LOL.

[+] timb_machine: @paxteam @stalkr_ Any way for individuals to subscribe? There was a reason I used to donate... I used it.

[+] timb_machine: @_larry0 @v14dz Nice writeup

[+] timb_machine: @RichFelker @CopperheadOS Suspect much of blame is with those who used and didn't comply.

[+] timb_machine: @gsuberland @sqshr What do you take us for... amateurs? ;)

[+] timb_machine: @gsuberland @sqshr Also Broken BUS.

[+] timb_machine: @sqshr is currently playing with the #cantbus as implemented by @gsuberland #iotgoth

[+] timb_machine: @gsuberland @sqshr Thanks luv

[+] timb_machine: @wendynather Unless you're actively trading on Internet, most of your systems are going to be on internal segments.… https://twitter.com/i/web/status/856846460859678721

[+] timb_machine: @wendynather Apart from anything, what else are you going to assess on an "internal" system...

[+] timb_machine: @wendynather For sure, almost all of the time...

[+] timb_machine: @wendynather :P s/foreign/weird :)

[+] timb_machine: @wendynather We wouldn't say white box, we'd lay out the attack surfaces we're going to look at and engage with the… https://twitter.com/i/web/status/856845080270954498

[+] timb_machine: @wendynather There are edge cases where it's not true, but what you're describing feels like our norm..

[+] timb_machine: @wendynather The VA/pen test/whitebox thing feels quite foreign to how we operate in UK & from what I gather how we… https://twitter.com/i/web/status/856844000141213700

[+] timb_machine: @wendynather Hence, we end up selling attack surface centric services... what I suppose you would call "white box"

[+] timb_machine: @wendynather The reason I'm asking... VA is more typically understood here as "throw Nessus etc at it"

[+] timb_machine: @wendynather i/c fuzzing, reversing, config reviews etc?

[+] timb_machine: @wendynather Does VA include finding currently unknowns?

[+] timb_machine: @Mario_Vilas @matalaz Not "too proud" to admit I enjoyed ADM, TESO and LSD warez back in the day. Never popped anyt… https://twitter.com/i/web/status/856805859652927488

[+] timb_machine: @SecureSamurai @Viss @x0rz @c0mmand3rOpSec @Jhaddix @strukt93 Pedants might point out that OS X /doesn't/ run "on top of" UNIX...

[+] timb_machine: @x0rz You do realise there are bad drivers that have passed their driving exam and doctors who make mistakes... #saynotoqualifications

[+] timb_machine: @dcuthbert @fl1bbl3 RST

[+] timb_machine: @cybergibbons All controls are about changing economic model to better suit defender. Cost benefit analysis depends… https://twitter.com/i/web/status/856269919285071872

[+] timb_machine: @quentynblog Meh, speaking as one who lives in a family of teachers, taking kids out of school during term time is insufferably selfish

[+] timb_machine: @ThorneintheSide @Brentford_Bob @BrentfordFC Meh, ra-ras tried to shut the club down. Fulham just built a statue to Michael Jackson.

[+] timb_machine: What happens if we all turn our washing machines and TVs on when we get in? https://twitter.com/NGControlRoom/status/855314049038286849

[+] timb_machine: Oh wow. Thank goodness there aren't knives in every home in the land... https://twitter.com/cybergibbons/status/855307473632153600

[+] timb_machine: @TheRealRevK He who screens the UART pwns the Thing.

[+] timb_machine: $cpubugs += 1/0; # Counting is hard (and not just for x86): http://www-01.ibm.com/support/docview.wss?uid=isg1IV93885

[+] timb_machine: @N_alomary @gsuberland @SHA2017Camp Then come hack our CTF in 2018, we will expect you... :)

[+] timb_machine: @N_alomary @gsuberland I'm sure we will attend. In the meantime, we're going on our summer holidays to .nl for @SHA2017Camp \o/

[+] timb_machine: @munmap https://blogs.securiteam.com/index.php/archives/3134 < Nice bug :)

[+] timb_machine: @RoganDawes @mainframed767 Looking forward to some deep/dirty ACF2 on Z

[+] timb_machine: @RoganDawes @mainframed767 I've booked Z/OS and ClearPath mainframe jobs this week \o/

[+] timb_machine: #soddergoth https://twitter.com/gsuberland/status/854512190417756160

[+] Sponsored: 64% off Code Black Drone with HD Camera

[+] sodnpoo.com - u8plus smart watch quick teardown and uart

[+] Guido Vranken

[+] SAP System Directories on UNIX - SAP NetWeaver by Key Capability - SAP Library

[+] Vlad Tsyrklevich's blog

[+] Pentester.es

[+] nVisium Blog

[+] Finding Bad Characters with Immunity Debugger and Mona.py « Bulb Security

[+] Active Directory Security » Active Directory, Security, PowerShell, Tech Notes, & Geek Trivia...

[+] Mainframe Security – Thoughts and Techniques on a new/old platform

[+] Travis Goodspeed's Blog

[+] A brief look at the Acer ChromeBook #2

[+] A brief look at the Acer ChromeBook #1

[+] Dead bugs society

[+] A brief look at the RIM PlayBook

[+] Breaking cpau, a dummies guide

[+] Bypassing the Android pattern lock

[+] Introducing VulnApp

[+] Exploiting the Linux linker

[+] Dumping Samba hashes

[+] Defcon 18 CTF qualifiers: who is the h4x13st h4x0r of them all

/meta