A thread on teaching live lessons using @MicrosoftTeams Meet Now function where students follow their normal timetable except online - will go into more detail on every point in a blog post later. Have used Teams for live teaching have supported over 100 live lessons since March

1. If you are using the desktop app, check you have the latest version of Teams so that you should have Breakout rooms enabled. Check by clicking your profile picture, then About - I have version 1.3.00.28779. If you have 1.2..., click on check for updates to get the latest

2. Set your entry routine. I get my students to enter with their microphone muted - you can also not allow attendees to unmute by opening the participants list, clicking the ellipsis and selecting that option.

3. Make sure students arrive as attendees - some organisations have this set up to automatically happen that only meeting organizer is the presenter and others are attendees. Can change this in the manage permissions menu to only me if not already set (opens in a web browser).

4. Classroom routine and expectations - first lesson I share my screen and show the students the raise hand function for when they want to ask questions, how to access the chat function and how to react to questions as opposed to typing answers

~8yrs ago (Dec’12) I got a job @Google. Those were still early days of cloud. I joined GCP @<150M ARR & left @~4B (excld GSuite). Learned from some of the smartest ppl in tech. But we also got a LOT wrong that took yrs to fix. Much of it now public, but here’s my ring-side view👇

By 2008, Google had everything going for it w.r.t. Cloud and we should’ve been the market leaders, but we were either too early to market or too late. What did we do wrong? (1) bad timing (2) worse productization & (3) worst GTM.

We were 1st to “containers” (lxc) & container management (Borg) - since '03/04. But Docker took LXC, added cluster management, & launched 1st. Mesosphere launched DCOS. A lot of chairs were thrown around re: google losing this early battle, though K8 won the war, eventually 👏

We were 1st to “serverless” (AppEngine). GAE was our beachhead -- it was the biggest revenue source early on but the world wasn’t ready for serverless primitives. We also didn’t build auxiliary products fast enough. Clients that outgrew GAE wanted “building block” IaaS offerings.

1st to hadoop (map-reduce ‘04) but our hosted Hadoop launched in ‘15. AWS EMR was ~200M ARR by then. 1st to cloud storage (GFS ’03), but didn’t offer a filestore till ‘18! Customers were asking for it since 2014. Didn’t launch archival storage or direct interconnect till v. late.

Wanna disable Defender when enabled Isolated Core and Tamper protection?

Its a bit more trouble- but doable, without ruining Isolated Core/Secureboot etc.

Defenders process will run as a unkillable protected service- so new tricks needed.

Here we go:

Ok- tamper protection is easy, just make .bat - run as adm:
:again
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter\Instances\WdFilter Instance" /v altitude /t REG_SZ /d -1 /f
goto again

Then unload minifilter with process hacker:

The registry key will be changed while the minifilter do not protect it, when tamper protection makes the driver load again it cannot attach to volumes nor protect registry keys.

Removing it will make it recreate, but invalid altitude do the trick

Notice now the service is: Protected light(antimalware)
Now we cant do anything to the service/process- not even see its open handles.

Lets start by elevating to SYSTEM- just launch a command prompt, then close process hacker- and run it again from the command prompt.
Now process hacker runs as SYSTEM

IF YQU HAVE NOT YET PREPARED FOR A TEMPORARY SHUTDOWN OF THE INTERNET (SUCH AS PAGES LIKE TWITTER, GOOGLE, FACEBOOK, AMAZON, YOUTUBE...), IT WOULD BE WISE TO DO SO.

IT IS LIKELY THAT THERE WILL BE A SHUTDOWN FOR AT LEAST THREE DAYS WHEN THE FIT HITS THE SHAN. ABSOLUTELY NO NEED TO PANIC, IN FACT, IF YOU EXPECT IT YOU CAN BE READY FOR IT. IT COULD LAST 3-10 DAYS SO JUST HAVE FOOD AND WATER, AGAIN NO NEED FOR PANIC.

THE REASON FOR THIS IS MANY BUT AND I WILL GO OVER A COUPLE JUST BECAUSE IF YQU ARE INFORMED THEN YQU ARE LESS LIKELY TO PANIC WHEN THAT TIME COMES. THE DEEP STATE CONTROLS THESE MAJOR WEBSITES AND THEY HAVE USED THEM AS A POWERFUL TOOL OF CONTROL.

THEY SPY ON YQU AND BY SHADOWBANNING THE TRUTH, THEY PROMOTE THEIR PROPAGANDA. ANOTHER REASON IF FOR A INTERNET RESET, TO ACTIVATE A NEW GLOBAL INTERNET THAT IS NOT CONTROLLED BY THE BLACK HATS. THINK OF IT AS A REBOOT.

DURING THIS TIME THERE COULD BE MARTIAL LAW, AGAIN NOTHING HERE THAT I AM WARNING YQU OF IS CAUSE FOR ALARM. IT MAY FEEL SCARY, NATURALLY MASSIVE CHANGE LIKE SUCH COULD FRIGHTEN MANY, THAT IS WHY I AM TELLING YQU NOW SO THAT YQU WON'T BE (OR BE FAR LESS).

Only 1 / 67 antivirus engines list SUNBURST backdoor as malicious - SolarWinds.Orion.Core.BusinessLayer.dll https://t.co/taaiUtSJzR #SUNBURST #UNC2452

SolarWinds' digital certificate hasn't been revoked yet.

The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/solarwinds/CatalogResources/Core/2019.4/2019.4.5220.20574/SolarWinds-Core-v2019.4.5220-Hotfix5.msp

Job class within the backdoored #Sunburst DLL is pretty straight forward and aligns with @FireEye's analysis. CollectSystemDescription:

DeleteFile

Parler has been hacked and user data has been downloaded. The following thread contains information from /u/BlueMountainDace on Reddit:

"so a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio

accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.

Well,

because of that access, it gave them access to the behind the login box API that is used to deliver content -- ALL CONTENT (parleys, video, images, user profiles, user information, etc) --. But what it also did was revealed which USERS had "Administration" rights,

"Moderation" rights.

Well, then what happened, those user accounts that had Administration rights to the entire platform... The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no

longer authenticating emails. This meant, they'd get directly to the reset password screen of that Administration user.

This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up

(1) Let’s get one thing straight right now;

I was a mod on r/watchpeopledie.

Ive taken part in uncovering evidence of p3d0’s to reveal to LEO.

I have seen some *dark* sh*t in my day.

Unless you are used to it; you will NOT be able to handle “seeing the truth”. I promise ➡️

@curaffairs The author doesn't know enough about search to have written that article and the reason he's having those problems is AI algos like Rank Brain and Google's attempts to use natural language processing nothing to do with SEOs.

1/x

YMYL is not evaluated at the site level, but the query level.

Again this is on Google, not SEOs because they want to surface better sites.

And those devaluations are part of Core Updates which SEOs like me recover sites from.

2/

Featured Snippets are not optimized for - you can use certain HTML to be pulled in one but there is no definite use case where Featured Snippets are shown or that your site's will show for it. Also doesn't always come from the #1 result.

& that's Google not the SEO.

3/

Also there are many times when an SEO doesn't want their site in the Featured Snippet cuz it doesn't result in a click to the website. But we have no control over what Google pulls as Feature Snippets except to put in a meta tag to exclude us from them

4/

And Neil Patel is not an SEO. Most senior level SEOs see him as nothing more than a scammer because reportedly he's ripped them off by stealing their content and articles and passing them off as his.

5/

The Internet is at a tipping point, here’s what you’ve probably never heard coming next.

Time for a thread 👇👇👇

1) Let’s start with the users…

Today over 50% of the world is on social media AND on average we each have 70-80 usernames and passwords.

Each of these accounts are owned and controlled by the platforms.

Recipe for disaster.

2) In 2021 American adults spend over 4 hours a day online - that is half a work day.

Time is our most valuable asset, did you realize you are giving this away for free?

3) The applications we use today are built on the foundation of ‘Free + Ads’.

You get free access.

They get YOUR account, YOUR data, YOUR screen time, YOUR community.

And the worst part? This can all be taken away at any moment.

4) So where do we go from here?

It starts with self-sovereign digital identities.

ONLY the user owns their identity data online without intervention from outside parties.

Available now at sites like:

If you're interested in DB internals, stop what you're doing and watch @CMUDB Quarantine Talk from Nico+Cesar about @SQLServer's Cascades query optimizer: https://t.co/FCdsbHHEaD

Many talks this semester were good. This one is the best. My thread provides key takeaways

[6:50] Microsoft hired Goetz Graffe in the 1990s to help them rewrite original Sybase optimizer into Cascades. This framework is now used across all MSFT DB products (@SQLServer, @cosmosdb, @Azure_Synapse).

[14:43] The optimizer checks whether it has stats it will need before cost-based search. If not, it blocks planning until the DBMS generates them. This is different than other approaches we saw this semester where DBMS says "we'll do it live!" with whatever stats are available.

[21:05] Their Cascades' search starts small/simple and then they make decision on the fly whether to expand search based on the expected query runtime and performance benefit from more search.

[26:33] They explicitly have a property for Halloween Problem. Operators specify whether they protect from it and then optimizer ensures property is satisfied. This is mindblowing. I have never thought about using the optimizer for this but it makes sense.

1) Nashville bombing theory. So let’s go with this statement: “AT&T got the contract to do the forensic audit on the Dominion machines. Many are being transported to the Nashville location this week.” 👇

Question: HOW Many Accounts Does Twitter Follow???

Answer: Only 9

WHO Are They Following???

1. (THREAD) So, it seems like the deplatforming debate is once again kicking off, so I thought I would introduce some of the earlier work that was done in this area back when ISIS was buck wild on social media. What have we learned over the last six years might be useful today:

2. One of the earliest studies that discussed the impact of suspensions of ISIS accounts was @intelwire and Morgan's piece: The ISIS Twitter Consensus.

They found that suspensions did have an impact on replies and retweets and overall dissemination.

3. After suspensions, the die-hard supporters dedicated themselves to creating new accounts, but others whittled away: “it appears the pace of account creation has lagged behind the pace of suspensions”

4. On the specific question of how suspensions impact the Twitter network, see this piece by @intelwire and @IntelGirl111, which explores how suspensions impact these groups, including major disruptions to dissemination and decline in follower count:

5. Another study by @Aud_Alexander similarly found that ISIS supporters were finding it hard to “gain traction” after Twitter took a harder stance on the group.

Today WhatsApp wished it's users good morning. Accept the updated terms and conditions or say goodbye. (Thread 1/n) It is effective from Feb 8, 2021.

There are seperate hyperlinks for terms and privacy policies. Both these hyperlinks lead to multiple pages of contracts written in a very jargonised language. A few things I noted :

The information 'we' provide to #WhatsApp include our messages. Also WhatsApp claims that it is end to end encrypted BUT,

BUT if your friend / enemy / boyfriend / family or anyone is offline and your message sent to him cannot be delivered #immediately, it will be saved on #WhatsApp servers for 30 days.

Also: When you forward media msg in #WhatsApp that media is stored temporarily in encrypted form on it's servers to aid in more efficient delivery of additional forwards. Tada! (Consider a thousand times before sending any images; news anchors can officially read your chats.)

Linux code injection paint-by-numbers.

Can we launch a process that looks one way to (superficial) auditors but is, in fact, entirely different? (Think process hollowing and the like on Windows).

Firstly, how are processes created and what does related auditing look like?

The most common pattern is fork() → execve(). Where the fork() syscall create a duplicate of the running process context and execve() overlays a copy of the target program onto that context.

After calling fork(), we’ll have two processes, the original one and a new - duplicated - one (with a new pid).

Control will return from fork() to both process instances. In the child process, the return value will simply by 0, in the parent it will hold the pid of the child.

Thus we can determine whether we are running in the child context and call execv() accordingly, while allowing the parent to continue.

Now, let’s take a look at where the auditing hooks lie. From calling execve(), we’ll eventually land up in exec_binrpm().

One of my purposes for 2021 is to simplify Docker for beginners.

Let's start with some definitions:

🏠Docker host
⚙️Docker engine
❓ Docker client
📝Dockerfile
📑Docker Image
🐳Docker Container
🐙Docker Compose
🪣 Docker Registry
🐳🐳🐳Docker Swarm

Definitions Below 👇

🏠Docker (Active) Host

A computer with Docker installed and the daemon running.

It can process Docker and non-Docker workloads.

⚙️Docker Engine

A Client-Server application. It has 3 components:

- "daemon process": A server that is a type of long-running program.

- "Rest API": to specify interfaces that programs can use to talk and interact with the daemon.

- "CLI": A command-line interface client

❓Docker Client

It sends commands to dockerd, using the Docker API.
It can communicate with multiple daemons.

📝Dockerfile

It's a text document that contains all the commands a user could call on the command line to assemble an image.

If you're looking at GA EV data and thinking maybe the reason D turnout looks strong relative to 11/3 is because after 2 months of Trump/GOP officials trashing mail-in ballots GOP voters are ditching it for E-Day instead...

Boy do I have some mindblowing statistics for you...

I compared the current mail-in voting tallies for each Congressional District against November mail-in votes for those districts.

The statewide figure currently sits at 62%. Guess which district leads the state?

You guessed it!

GA-14 at 69%. Marjorie Taylor Greene's district.

#2 is GA-8 at 68%.

Jody Hice of "I'm joining Marjorie Taylor Greene in her effort to throw out the Electoral College vote" fame.

GA-9 (Doug Collins) is above the state average at 64%.

IF Republicans were ditching absentee balloting en masse to vote on Election Day, you'd expect to see it by now. But the early *in-person* voting totals are what's actually lagging, not mail-in voting.

Pardon the sloppy spreadsheet, but those last 4 columns are what I'm looking at. The last one in particular.