noride

noride , 12 days ago

I think they totally got that, and their point was painting Stonehenge didn't help stop climate change, as evidenced in the last panel.

noride , 28 days ago

A lot of negativity around Ubiquity in here, which is surprising to me, honestly. I had their USG for years and loved it, recently swapped it out for the Dream Machine and love it. Really don't understand the complaints about linking it to the cloud. I just didn't bother, everything works fine. Additionally, I managed to get a Debian container running on it and installed ntopng, it's been awesome for getting realtime visibility into my network traffic.

E. I should add I have 6 of their switches and 3 access points, one of which is at least 7 years old and still receiving updates.

noride , 29 days ago

You have to open with "Chugga Chugga Choo Choo, we're all gonna run a train on you!" Or it's just a plain ole gangbang.

noride , 1 month ago

We were very *very *close to replacing our ~700 office Cisco SD-Wan environment with VeloCloud, which is owned by VMware. The Broadcom merger put the brakes on the project completely, they missed out on a few million dollars on that effort alone.
The Velo guys were totally in the dark on what was coming down the pipe for them, Broadcom forced them to change hardware vendors on day one, for example.

noride , 1 month ago (edited 1 month ago)

You aren't wrong, per se, I think you just don't fully grasp the attack vector. This is related to DHCP option 121, which allows routes to be fed to the client when issuing the ip address required for VPN connectivity. Using this option, they can send you a preferred default route as part of the DHCP response that causes the client to route traffic out of the tunnel without them knowing.

E. It would likely only be select traffic routing out of the tunnel. I could, for example, send you routes so that all traffic destined for Chase Bank ip addresses comes back to me instead of traversing the tunnel. Much harder to detect.

noride , 1 month ago

The Killswitch only checks that VPN is up, not whether traffic is correctly routed over it.

noride , 1 month ago

Full tunnel would not mitigate this attack because smaller routes are preferred over larger ones. So, sure, 0.0.0.0/0 is routed over the tunnel, but a route for 8.8.8.8/32 pointing to somewhere layer2 adjacent, pushed via DHCP option 121, would supercede that due to being more specific.

noride , 2 months ago

Also used to track ransom notes, etc.

noride , 2 months ago

Are you really implying clandestine abduction is an acceptable method to deal with an overstayed visa?

noride , 5 months ago

It sounds like they went BTC -> Monero -> BTC. It's not outlined explicitly in the article, but I am guessing it's the on/off ramping that got him popped.

noride , 5 months ago

Is this image from Samsara, or was it Baraka?

noride , 5 months ago

I decided to stop being lazy and did a reverse image search. Looks like it's Baraka (1992), which explains why I recognized it, because that is my go-to movie for recreational psychedelics. :D

noride , 5 months ago

Sony has had a product like that for over a decade. HMZ-T1