Lockpicking Floppies!

I don't know why twitter is refusing to insert a card for this one. In any case, It's the @LockPickingLwyr, and it's a floppy-drive-lock.
so I've been meaning to do a video or thread on these sorts of locks myself. I have several, of different designs.
generally they're all designed vaguely like this one: it's a plastic insert that goes into the floppy drive, then it has some bit that rotates with the key to hold itself inside.
and they pretty much universally use super-cheap low-security tubular locks like this. You can probably pick most of them with a ballpoint pen
Although I do take slight issue with the floppy drive used in the video: They use a USB floppy drive, which has a molded wavy front.
That's not the type of drive it's supposed to be used in, as you can see from the box.
If you put it into an internal 3.5" disk drive, it'll get a much tighter fit. This won't help much if at all with the security, but it'll definitely work better.
in any case, yes: they're not really designed for "serious" security.
This is basically just made for things like "we have a computer in the church office, and we're tired of bored kids installing videogames"
(my church's lounge had a little 286 in it which had scorched earth preinstalled on it, so why would we need to install games?)
ANYWAY I love that I have a personal brand such that this kind of video comes out while I'm asleep and I wake up to like 20 mentions about it
that's not sarcasm. I love that so many people across the world saw floppy disks show up on something and their first thought was FOONE MUST KNOW ABOUT THIS

More from foone

More from Tech

I think about this a lot, both in IT and civil infrastructure. It looks so trivial to “fix” from the outside. In fact, it is incredibly draining to do the entirely crushing work of real policy changes internally. It’s harder than drafting a blank page of how the world should be.


I’m at a sort of career crisis point. In my job before, three people could contain the entire complexity of a nation-wide company’s IT infrastructure in their head.

Once you move above that mark, it becomes exponentially, far and away beyond anything I dreamed, more difficult.

And I look at candidates and know-everything’s who think it’s all so easy. Or, people who think we could burn it down with no losses and start over.

God I wish I lived in that world of triviality. In moments, I find myself regretting leaving that place of self-directed autonomy.

For ten years I knew I could build something and see results that same day. Now I’m adjusting to building something in my mind in one day, and it taking a year to do the due-diligence and edge cases and documentation and familiarization and roll-out.

That’s the hard work. It’s not technical. It’s not becoming a rockstar to peers.
These people look at me and just see another self-important idiot in Security who thinks they understand the system others live. Who thinks “bad” designs were made for no reason.
Who wasn’t there.

You May Also Like

Recently, the @CNIL issued a decision regarding the GDPR compliance of an unknown French adtech company named "Vectaury". It may seem like small fry, but the decision has potential wide-ranging impacts for Google, the IAB framework, and today's adtech. It's thread time! 👇

It's all in French, but if you're up for it you can read:
• Their blog post (lacks the most interesting details):
https://t.co/PHkDcOT1hy
• Their high-level legal decision: https://t.co/hwpiEvjodt
• The full notification: https://t.co/QQB7rfynha

I've read it so you needn't!

Vectaury was collecting geolocation data in order to create profiles (eg. people who often go to this or that type of shop) so as to power ad targeting. They operate through embedded SDKs and ad bidding, making them invisible to users.

The @CNIL notes that profiling based off of geolocation presents particular risks since it reveals people's movements and habits. As risky, the processing requires consent — this will be the heart of their assessment.

Interesting point: they justify the decision in part because of how many people COULD be targeted in this way (rather than how many have — though they note that too). Because it's on a phone, and many have phones, it is considered large-scale processing no matter what.
#தினம்_ஒரு_திருவாசகம்
தொல்லை இரும்பிறவிச் சூழும் தளை நீக்கி
அல்லல் அறுத்து ஆனந்தம் ஆக்கியதே – எல்லை
மருவா நெறியளிக்கும் வாதவூர் எங்கோன்
திருவாசகம் என்னும் தேன்

பொருள்:
1.எப்போது ஆரம்பித்தது என அறியப்படமுடியாத தொலை காலமாக (தொல்லை)

2. இருந்து வரும் (இரும்)


3.பிறவிப் பயணத்திலே ஆழ்த்துகின்ற (பிறவி சூழும்)

4.அறியாமையாகிய இடரை (தளை)

5.அகற்றி (நீக்கி),

6.அதன் விளைவால் சுகதுக்கமெனும் துயரங்கள் விலக (அல்லல் அறுத்து),

7.முழுநிறைவாய்த் தன்னுளே இறைவனை உணர்த்துவதே (ஆனந்த மாக்கியதே),

8.பிறந்து இறக்கும் காலவெளிகளில் (எல்லை)

9.பிணைக்காமல் (மருவா)

10.காக்கும் மெய்யறிவினைத் தருகின்ற (நெறியளிக்கும்),

11.என் தலைவனான மாணிக்க வாசகரின் (வாதவூரெங்கோன்)

12.திருவாசகம் எனும் தேன் (திருவா சகமென்னுந் தேன்)

முதல்வரி: பிறவி என்பது முன்வினை விதையால் முளைப்பதோர் பெருமரம். அந்த ‘முன்வினை’ எங்கு ஆரம்பித்தது எனச் சொல்ல இயலாது. ஆனால் ‘அறியாமை’ ஒன்றே ஆசைக்கும்,, அச்சத்துக்கும் காரணம் என்பதால், அவையே வினைகளை விளைவிப்பன என்பதால், தொடர்ந்து வரும் பிறவிகளுக்கு, ‘அறியாமையே’ காரணம்

அறியாமைக்கு ஆரம்பம் கிடையாது. நமக்கு ஒரு பொருளைப் பற்றிய அறிவு எப்போதிருந்து இல்லை? அதைச் சொல்ல முடியாது. அதனாலேதான் முதலடியில், ஆரம்பமில்லாத அஞ்ஞானத்தை பிறவிகளுக்குக் காரணமாகச் சொல்லியது. ஆனால் அறியாமை, அறிவின் எழுச்சியால், அப்போதே முடிந்து விடும்.