Activity
Mon
Wed
Fri
Sun
Dec
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
What is this?
Less
More

Memberships

Rocking

Public • 9 • Free

18 contributions to Rocking
Email is stupid/broken/unmanageable
I was today years old when this first penny dropped for me. Email Link-following. Cool term, what does it mean? In hindsight, it's obvious. In order to protect you from bad guys including bad links in the email they send to you, your email server is most likely... wait for it... waaaaaiiit... "clicking" on every link, in every inbound email, to check it, before sending it on to you. Once more, in case the significance of that went skating past you, like it has me... Every.link.in.every.inbound.email. The tactic works, and is pretty much the only way it can be done, but gracious, there are some privacy issues, right there! And, while we're stirring this *particular "email is stupid"* pot.... here's another GEM. "Microsoft says that Midnight Blizzard, a cyber unit inside Russia's SVR Foreign Intelligence Service, has begun using a clever new technique to compromise victims and deploy malware on their systems. The technique involves sending malicious RDP configuration files to victims via email." Translation: This version of Ivan has stopped trying to break into your computer. Now, he'd like you to click on this file that he's sent to you via email, which will connect you to him! With every administrator privelege that Windows can give, and then some. Read every byte on every hard drive. Install any software on your computer. Terrifying as it is, you just have to say, this.is.brilliant! "I won't call you, I'll just give you my number. You'll call me." It's also absurdly stupid. Configuration files are common and necessary. Almost every application has one. Most of them are text files. Or they should be. Text files are pretty harmless. Buuuut... *sinister voice* what happens when you make a configuration file executable? Believe it or not, this is not the first time Microsoft has done this. They used to have a ... feature ... where if you downloaded a file like a .doc for example, if it was associated with an application in Windows, IT WOULD RUN THAT APPLICATION! And before you think "Well, that's quite useful and convenient?" I'll just remind you that .py and .bat and .vbs and .cmd and .js are ALSO examples of text files that are associated with an application. (python3.exe, cmd.exe, vb.exe etc).
0
0
Something scary for tonight
[attachment]
2
3
New comment 6d ago
Something scary for tonight
1 like • 6d
Very apt 😄
Xneelo Heads-up
Seems like the scammers that have been targeting Xneelo customers recently with all manner of email malfeasance, have had a light-bulb idea, and are ramping up their operations during Xneelo's billing run. Stay alert, and remember you can check if an invoice is valid by checking in the Control Panel, yeah?
2
0
What interesting project have you worked on this year?
Curious to see what projects people have been working on this year. Share below (if it's NDA type stuff then rather done, but tell us it's top secret anyway). I'll go first.
1
2
New comment 10d ago
1 like • 10d
In service of our move AWAY from Google Mail, but wanting to maintain lookup access to the substantial archive (trove) of my emails over the years, And NOT wanting to install yetan email client, just to be able to use Google's (admittedly wide-supported) one-size-fits-all mbox takeout format, I sat down with Claude, and created Python/Flask mbox search application, which outputs via an HTML/CSS/JS web page. We created an intermediate JSON data file from the mbox, stripping the un-needed metadata to improve search speed. The raw mbox is 1.9GB, the JSON file is under 39MB. Searching is blindingly fast. The search is full-text across the email addresses, subject and body. Results are displayed as a uniformly-formatted, truncated list, and have in-place expansion. An unexpected (not really really unexpected, iih) hurdle, was the widely disliked HTML signatures that overly grandiose people/companies choose/are forced to, use. Scalpel'd those out, after a bit of a challenge to identify them, in emails swimming with HTML. The result was worth it. Job done. Thanks Claude 👏🏻
What's your goto tech content ?
Where do you go for tech content? Podcasts, YouTube, Newsletters? And who do you follow the most? LTT? MKBHD?
Complete action
2
4
New comment 14d ago
1 like • 14d
Oh, and RSS :) In fact, probably RSS more than anything else, word for word.
1 like • 14d
@Shawn Jooste Haha.. You asked :) RSS: OMG!omg ubuntLinux and OMG!Ubuntu(https://www.omglinux.com/ https://www.omgubuntu.co.uk/) It's FOSS (https://itsfoss.com) Windows Latest (https://www.windowslatest.com) GHacks (https://www.ghacks.net) Bleeping Computer (https://www.bleepingcomputer.com/news/security) The Hacker News (https://thehackernews.com) Podcasts: Security Now (https://twit.tv/shows/security-now) AI Inside (https://www.patreon.com/aiinsideshow) This Week in Tech (https://twit.tv/shows/this-week-in-tech) Youtube: Chris Titus Tech (https://www.youtube.com/@ChrisTitusTech) Jeff Su (https://www.youtube.com/@JeffSu) mobiscrub (https://www.youtube.com/@mobiscrub) Techhut (https://www.youtube.com/@TechHut)
1-10 of 18
Andre van Rooyen
3
36points to level up
@andre-van-rooyen-4239
Lead update and reboot guy

Active 3h ago
Joined Oct 4, 2024
powered by