A thread on teaching live lessons using @MicrosoftTeams Meet Now function where students follow their normal timetable except online - will go into more detail on every point in a blog post later. Have used Teams for live teaching have supported over 100 live lessons since March

1. If you are using the desktop app, check you have the latest version of Teams so that you should have Breakout rooms enabled. Check by clicking your profile picture, then About - I have version 1.3.00.28779. If you have 1.2..., click on check for updates to get the latest

2. Set your entry routine. I get my students to enter with their microphone muted - you can also not allow attendees to unmute by opening the participants list, clicking the ellipsis and selecting that option.

3. Make sure students arrive as attendees - some organisations have this set up to automatically happen that only meeting organizer is the presenter and others are attendees. Can change this in the manage permissions menu to only me if not already set (opens in a web browser).

4. Classroom routine and expectations - first lesson I share my screen and show the students the raise hand function for when they want to ask questions, how to access the chat function and how to react to questions as opposed to typing answers

~8yrs ago (Dec’12) I got a job @Google. Those were still early days of cloud. I joined GCP @<150M ARR & left @~4B (excld GSuite). Learned from some of the smartest ppl in tech. But we also got a LOT wrong that took yrs to fix. Much of it now public, but here’s my ring-side view👇

By 2008, Google had everything going for it w.r.t. Cloud and we should’ve been the market leaders, but we were either too early to market or too late. What did we do wrong? (1) bad timing (2) worse productization & (3) worst GTM.

We were 1st to “containers” (lxc) & container management (Borg) - since '03/04. But Docker took LXC, added cluster management, & launched 1st. Mesosphere launched DCOS. A lot of chairs were thrown around re: google losing this early battle, though K8 won the war, eventually 👏

We were 1st to “serverless” (AppEngine). GAE was our beachhead -- it was the biggest revenue source early on but the world wasn’t ready for serverless primitives. We also didn’t build auxiliary products fast enough. Clients that outgrew GAE wanted “building block” IaaS offerings.

1st to hadoop (map-reduce ‘04) but our hosted Hadoop launched in ‘15. AWS EMR was ~200M ARR by then. 1st to cloud storage (GFS ’03), but didn’t offer a filestore till ‘18! Customers were asking for it since 2014. Didn’t launch archival storage or direct interconnect till v. late.

@curaffairs The author doesn't know enough about search to have written that article and the reason he's having those problems is AI algos like Rank Brain and Google's attempts to use natural language processing nothing to do with SEOs.

1/x

YMYL is not evaluated at the site level, but the query level.

Again this is on Google, not SEOs because they want to surface better sites.

And those devaluations are part of Core Updates which SEOs like me recover sites from.

2/

Featured Snippets are not optimized for - you can use certain HTML to be pulled in one but there is no definite use case where Featured Snippets are shown or that your site's will show for it. Also doesn't always come from the #1 result.

& that's Google not the SEO.

3/

Also there are many times when an SEO doesn't want their site in the Featured Snippet cuz it doesn't result in a click to the website. But we have no control over what Google pulls as Feature Snippets except to put in a meta tag to exclude us from them

4/

And Neil Patel is not an SEO. Most senior level SEOs see him as nothing more than a scammer because reportedly he's ripped them off by stealing their content and articles and passing them off as his.

5/

Wanna disable Defender when enabled Isolated Core and Tamper protection?

Its a bit more trouble- but doable, without ruining Isolated Core/Secureboot etc.

Defenders process will run as a unkillable protected service- so new tricks needed.

Here we go:

Ok- tamper protection is easy, just make .bat - run as adm:
:again
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter\Instances\WdFilter Instance" /v altitude /t REG_SZ /d -1 /f
goto again

Then unload minifilter with process hacker:

The registry key will be changed while the minifilter do not protect it, when tamper protection makes the driver load again it cannot attach to volumes nor protect registry keys.

Removing it will make it recreate, but invalid altitude do the trick

Notice now the service is: Protected light(antimalware)
Now we cant do anything to the service/process- not even see its open handles.

Lets start by elevating to SYSTEM- just launch a command prompt, then close process hacker- and run it again from the command prompt.
Now process hacker runs as SYSTEM

Only 1 / 67 antivirus engines list SUNBURST backdoor as malicious - SolarWinds.Orion.Core.BusinessLayer.dll https://t.co/taaiUtSJzR #SUNBURST #UNC2452

SolarWinds' digital certificate hasn't been revoked yet.

The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/solarwinds/CatalogResources/Core/2019.4/2019.4.5220.20574/SolarWinds-Core-v2019.4.5220-Hotfix5.msp

Job class within the backdoored #Sunburst DLL is pretty straight forward and aligns with @FireEye's analysis. CollectSystemDescription:

DeleteFile

Linux code injection paint-by-numbers.

Can we launch a process that looks one way to (superficial) auditors but is, in fact, entirely different? (Think process hollowing and the like on Windows).

Firstly, how are processes created and what does related auditing look like?

The most common pattern is fork() → execve(). Where the fork() syscall create a duplicate of the running process context and execve() overlays a copy of the target program onto that context.

After calling fork(), we’ll have two processes, the original one and a new - duplicated - one (with a new pid).

Control will return from fork() to both process instances. In the child process, the return value will simply by 0, in the parent it will hold the pid of the child.

Thus we can determine whether we are running in the child context and call execv() accordingly, while allowing the parent to continue.

Now, let’s take a look at where the auditing hooks lie. From calling execve(), we’ll eventually land up in exec_binrpm().

50 free tools and resources you're gonna love!

🧵

1. UI Garage
Daily UI inspiration & patterns for designers, developers to find inspiration, tools and the best resources for your project.

Link:

2. Remove bg
Remove Image Background: 100% automatically – in 5 seconds – without a single click – for free.

Link:

3. uiGradients
A handpicked collection of beautiful color gradients for designers and developers.

Link:

4. Blender
Free and Open 3D Creation Software.

Link:

Whatsapp will start forcing users to share personal data with Facebook which is it's parent company. It doesn't come as a surprise since all the major giants of Silicon valley; Google, Amazon, Facebook, Microsoft etc are deeply integrated with US intelligence agencies.

THREAD

In 2013, Edward Snowden, an employee of National Security Agency, revealed that the US govt was running a vast Internet surveillance program and tapping every major Silicon Valley platform and company— Facebook, Google, Apple, Amazon including mobile games like Angry Birds.

[1]

The most astonishing program revealed by Snowden’s disclosures is called PRISM, which involves a sophisticated on-demand data tap housed within the datacenters of the biggest and most respected names in Silicon Valley: Google, Apple, Facebook, Yahoo!, and Microsoft.

[2]

These devices allow the National Security Agency (NSA) to extract whatever the agency requires, including emails, attachments, chats, address books, files, photographs, audio files, search activity, and mobile phone location history.

[3]

Edward Snowden also revealed the Mass Metadata Surveillance System of America's National Security Agency (NSA) in his documents. Let's suppose if NSA had found someone dialing number of an al Qaeda member, and assume that this person had phoned 100 other people over the...

[4]

1. (THREAD) So, it seems like the deplatforming debate is once again kicking off, so I thought I would introduce some of the earlier work that was done in this area back when ISIS was buck wild on social media. What have we learned over the last six years might be useful today:

2. One of the earliest studies that discussed the impact of suspensions of ISIS accounts was @intelwire and Morgan's piece: The ISIS Twitter Consensus.

They found that suspensions did have an impact on replies and retweets and overall dissemination.

3. After suspensions, the die-hard supporters dedicated themselves to creating new accounts, but others whittled away: “it appears the pace of account creation has lagged behind the pace of suspensions”

4. On the specific question of how suspensions impact the Twitter network, see this piece by @intelwire and @IntelGirl111, which explores how suspensions impact these groups, including major disruptions to dissemination and decline in follower count:

5. Another study by @Aud_Alexander similarly found that ISIS supporters were finding it hard to “gain traction” after Twitter took a harder stance on the group.

What are the implications of using hacked data for research?

A short thread inspired by the fact that, before AWs took it down, #Parler was extensively hacked and user data was leaked.

The #Parler dataset seems crazy interesting for doing research, and my first reaction after the breach was to shre it with other #CompSocSci ppl.

However, I started having second thoughts, so what follows is to organize ideas and have it somewhere I can look back to.

2/n

Generally speaking, as far as the ethics of research goes a good advice would be to handle hacked data with caution.

First of all, there's an issue of quality. Data might be altered or incomplete, and the source cannot be considered accountable (assuming src is anonymous).

3/n

Secondly and more importantly, a researcher using the data would probably be violating users’ consent and acting against the data collector's will.

Finally, users’ privacy is at stake, since researchers could see material that users didn’t agree for other people to see.

4/n

Sharing private information without consent might put people at risk of harm.

This is all the more true in cases such as the #ParlerHack, where the leaked information is of particularly sensitive nature, and there’s a high risk of unintended consequences.

5/n

In my quest to write a fast IPv4+6 parser, I have written a slow-but-I-think-correct parser, to use as a base of comparison.

In doing so, I have discovered more cursed IP address representations that I was previously unaware of.

A thread!

We start out simple, with IPv4 and IPv6 in what I'll call their "canonical form":

192.168.0.1
1:2:3:4:5:6:7:8

Various specs call these "dotted quad", dot-separated fields each representing 1 byte; and "colon-hex", colon-separated fields each representing 2 bytes.

The first bits of complexity come from IPv6. In canonical form, common addresses would end up with long runs of zeros in the middle. So, "::" allows you to elide 1 or more 16-bit blocks of zeros:

1:2::3:4 means 1:2:0:0:0:0:3:4

Next up, for cursed historical reasons, IPv6 permits you to write the final 32 bits of the address in dotted quad form. Effectively, you can splat an IPv4 address onto the end of IPv6 addresses!

1:2:3:4:5:6:77.77.88.88 means 1:2:3:4:5:6:7777:8888

And of course, you can combine the two!

fe80::1.2.3.4 means fe80:0:0:0:0:0:102:304

I was hacking a game and accidentally invented a word for when you think someone is trans and you're proud of them for coming out but then you find out they aren't

someone is excited to watch bill nye in science class

This happens because one of the ways I figure out which memory location needs to be modified is by memory-searching for all occurrences and changing the first letter of them

so like if I know the next line of dialog is "Die"
I change it to "Aie" "Bie" "Cie" "Eie" "Fie"

then I see which one shows up in the game

X : Can you apply pace layers to maps?
Me : You can but what is where evolves. However, same rules apply to things, practices, data, knowledge and ethical values. All are forms of evolving capital. In the mapping world, we refer to this with pioneers, settlers and town planners.

X : What's the robot for?
Me : Image from an older presentation slide, don't worry it has no relevance.
X : Is this linked to diffusion?
Me : Not simply. Evolution of a single component can consist of many hundreds of diffusion curves i.e. a virus diffuses but it also evolves.

X : Why have you got DevOps in legacy? We haven't even started yet.
Me : That's not my problem. I would take a look at serverless.
X : DevOps is serverless.
Me : Some of the practices maybe co-opted (see ITIL vs DevOps) but the new faction will decide what it is or isn't.

X : I also disagree with your methods graphic.
Me : Do you mean this? As applied to the following map?
X : Yes. Lean is suitable for innovation.
Me : Ah, that depends upon what you mean by innovation. If you mean Genesis then lightweight XP has it beat.

X : I disagree.
Me : Well, I've had 15 years of people telling me that Agile works everywhere or Lean works everywhere or Six Sigma works everywhere and why all the competing methods don't. I have no interest in the conversation. Use appropriate methods based upon context.

time to get back to "repairing" old computers

The funny thing about making the 8-bit-guy into a meme about "repairing" computers with powertools is that the obvious heightening joke would, like, the "8 rounds guy", who fixes computers with firearms

but that would also be him, given that he's also a big gun enthusiast.

so it's inherently hard to satirize the repairing-computers-with-dremels guy, since they're also the guns-guy.

you'd have to go up to like a mythbusters level of overkill.

"this hard drive from 1986 won't spin up. We tried freezing it, tapping it with a rubber hammer, and opening the case to lower the friction... there's only one option left: GET OUT THE C4 EXPLOSIVES!"

➡️Found IP address in the Dominion Server,kidnapped in Frankfurt,2020 US elections manipulating actors:
👉Belgrade,Serbia(OSF/Soros)
👉Iran(Edison/BMA)
👉HSBC Bank,Canada(Eric Coomer)
👉DVSCORP(UNICOM China)
👉CTCL(Mark Zuckemberg)
👉Indivisible .org(ACORN,OBAMA Political Group)

1)➡️ Belgrade, Serbia(OSF/Soros)
Esiste un collegamento diretto con Belgrado, in Serbia, e ci sono, o c'erano, numerosi dipendenti Dominion in Serbia. Sempre in Serbia esiste la Open Society Foundation, proprieta' di Soros, che appartiene ad una delle 1/2

5 Fondazioni nell'europa dell'est, facenti capo alla sede madre a Barcellona (stessa citta' della Syct) la sede di Bruxelles per l'advocacy, e le sedi di londra e Berlino per i temi globali. La sede di New York coordina il tutto. 2/2

2)➡️ Dal 2004, in qualità di unico fornitore di dati sui sondaggi del giorno delle elezioni per il National Election Pool, 👉Edison Research ha condotto sondaggi di uscita per proiettare e analizzare i risultati di ogni principale elezione presidenziale US. Edison 1/4

Research fornisce sondaggi di uscita e tabula il voto nazionale in ogni contea degli Stati Uniti per ABC News, CBS News, CNN e NBC News.
I clienti di Edison Research includono Activision,Amazon,AMC Theatres, Apple,Disney,Dolby Laboratories, Facebook,Google,Oracle,The US 2/4

Another long thread. Bear with me till the end please. These are my views, and not necessarily of those associated with me. Though those associated with me have been incredibly supportive. I thank everyone who messaged me. I thank @databoydg for inspiring me to say this next. 1/n

First, @databoydg: I hope this makes justice to what you've tried to teach me. I'm sorry if I'm a slow student. In this second part of the story, I'm a privileged academic having a drink in Montreal after a #neurips conference with @sindero 2/n

Simon says to me: I feel we need to do something about this (stark lack of minority representation in ML). We agree we'll do something about it, but it feels like we're at the bottom of Everest and have to climb it without any gear 3/n

Time goes by and with the creation of the @turinginst I suggest in the first meeting that we should use it as a public platform to improve the numbers of Black people in UK universities. I encounter a lot of resistance (to be honest, it felt aggressive) and defensiveness 4/n

I was told that was an Oxford and Cambridge problem only by another academic. I felt silenced. Ironically, by both men and women. 5/n

The Internet is at a tipping point, here’s what you’ve probably never heard coming next.

Time for a thread 👇👇👇

1) Let’s start with the users…

Today over 50% of the world is on social media AND on average we each have 70-80 usernames and passwords.

Each of these accounts are owned and controlled by the platforms.

Recipe for disaster.

2) In 2021 American adults spend over 4 hours a day online - that is half a work day.

Time is our most valuable asset, did you realize you are giving this away for free?

3) The applications we use today are built on the foundation of ‘Free + Ads’.

You get free access.

They get YOUR account, YOUR data, YOUR screen time, YOUR community.

And the worst part? This can all be taken away at any moment.

4) So where do we go from here?

It starts with self-sovereign digital identities.

ONLY the user owns their identity data online without intervention from outside parties.

Available now at sites like:

I have been a Substack and Patreon user for a few years now. And though more than one social media giant has, in recent months, expressed the desire to help writers and journalists monetise their audience, there are very good reasons to take these SOPs with a pinch of salt.

Because the reason Patreon and Substack came into existence was not the need for a new business model. It was as a cure for the old business model - an algorithm-driven ad revenue system that powered the attention economy. The attention economy turned audiences into scrollers...

...who were in it for the next viral hit. Quality of information suffered, the nature of discourse suffered, and as a result, democracy itself suffered. Much of this was enabled by the social media giants who are trying to copy the Substack and Patreon model right now in an...

...attempt to "put creators first". But what we must not lose sight of is that the Substack / Patreon model only emerged as a result of the bad practices the social media giants enabled. The algorithm made a toxic internet possible and they were what hit back. Today, multiple...

...podcasting tools video streaming services have donation buttons built in. But it was not always so. I applaud all attempts that anyone makes to help independent media not have to rely on ad money, but I am not going to ever be able to see Facebook's newsletter tool as a...

Parler has been hacked and user data has been downloaded. The following thread contains information from /u/BlueMountainDace on Reddit:

"so a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio

accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.

Well,

because of that access, it gave them access to the behind the login box API that is used to deliver content -- ALL CONTENT (parleys, video, images, user profiles, user information, etc) --. But what it also did was revealed which USERS had "Administration" rights,

"Moderation" rights.

Well, then what happened, those user accounts that had Administration rights to the entire platform... The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no

longer authenticating emails. This meant, they'd get directly to the reset password screen of that Administration user.

This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up