BC TECH

Saved by @SteveeRogerr

foone
@Foone 4 years, 4 months ago 1113 views

Save to PDF Share See On Twitter

Lockpicking Floppies!

I don't know why twitter is refusing to insert a card for this one. In any case, It's the @LockPickingLwyr, and it's a floppy-drive-lock.

so I've been meaning to do a video or thread on these sorts of locks myself. I have several, of different designs.

generally they're all designed vaguely like this one: it's a plastic insert that goes into the floppy drive, then it has some bit that rotates with the key to hold itself inside.

and they pretty much universally use super-cheap low-security tubular locks like this. You can probably pick most of them with a ballpoint pen

Although I do take slight issue with the floppy drive used in the video: They use a USB floppy drive, which has a molded wavy front.
That's not the type of drive it's supposed to be used in, as you can see from the box.

If you put it into an internal 3.5" disk drive, it'll get a much tighter fit. This won't help much if at all with the security, but it'll definitely work better.

in any case, yes: they're not really designed for "serious" security.
This is basically just made for things like "we have a computer in the church office, and we're tired of bored kids installing videogames"

(my church's lounge had a little 286 in it which had scorched earth preinstalled on it, so why would we need to install games?)

ANYWAY I love that I have a personal brand such that this kind of video comes out while I'm asleep and I wake up to like 20 mentions about it

that's not sarcasm. I love that so many people across the world saw floppy disks show up on something and their first thought was FOONE MUST KNOW ABOUT THIS

More from foone

foone
@Foone

I was todays years old when I learned that Final Fantasy VII's Midgar Zolom is an exceptionally badly translated reference to Jörmungandr, the world serpent from Norse mythology.

The other name for Jörmungandr is Miðgarðsormr, which got rendered into katakana as ミドガルズオルム, or "Midogaruzuorumu".
But when it was translated back into English, the translator didn't get the reference.

So they split that into the city name Midgar and the rest as... "Zolom".
Which is not a word.

It was supposed to be a bit of a pun in Japanese. Midgar, the big city in FF7, is named after Midgard, the Old Norse name for the Earth (as opposed to the other realms of the Nine Worlds)

so obviously a big snake living near the city of Midgar would be the Miðgarðsormr, since that basically translate as "Midgard Serpent"

foone
@Foone

A fun fact on the wikipedia page for the metal–oxide–semiconductor field-effect transistor:
it is the most frequently manufactured device in history, and the total number manufactured from 1960-2018 is 13 sextillion.

That's 13,000,000,000,000,000,000,000.

Though this picture is a bit misleading.

Even with devices this small, we couldn't make 13 sextillion of them in 60 years.

So imagine a chip like this. It's the 555 timer, which is one of the most popular integrated circuits ever made.

In 2017, it was estimated a billion are made every year.

And at the heart of it is the die, which looks like this:
(from Ken Shirriff's blog)
https://t.co/mz5PQDjYqF

And that's fundamentally a bunch of CMOS transistors (along with some diodes and resistors), which are a type of MOSFET. How many of them are on a 555?

about 25. Not many, but it's a very simple chip.

Advertisement

foone
@Foone

So I was in the shower this morning, and started wondering:
Do you think the people implicated in Jeffrey Epstein's book had a general "Dead men tell no tales" slush fund?
Or did they have to separately organize his assignation?

I'm just imagining that on August 10th there's a big traffic jam of hired killers all running into each other like

some guy's sneaking out of a vent when a guard walks in, sees him, and goes "HALT!" and the vent guy goes "SHIT!", then notices the guard's ill-fitting suit. "Wait, ...Steve? Is that you?"

"Alex! I haven't seen you since the Reno heist! What are you doing here?"
"Same thing as you, looks like."

"I'll be damned. Well, I've already knocked out the guard, you want to let me finish this?"
"Yeah, go ahead. I'll get paid either way."

foone
@Foone

Tomorrow is gonna be fun for anyone in charge of requisitions.

There's gonna be a bunch of SRE teams asking for lockpicks, crowbars, hydraulic rescue tools, chainsaws, and some breaching shotguns

new SRE exercise:
imagine all the digital locks have broken and are keeping you out, and you can't connect in via the network.

how long until you get a console on the main servers?

now figure out how much money you'd lose being down for that long. Multiply out hours-of-downtime by money-per-hour.
There's your budget for designing Creative Solutions to bypass all your security

Although before you go trying to kick down doors:
Remember that doors are secured between the uprights and aren't as easy to smash open as movies might lead you to believe.
But the wall next to the door is probably just drywall and a little insulation.

drywall is also pretty cheap to repair.

foone
@Foone

gonna get in line for the vaccine because I've heard all these urban legends about tracking microchips

and I think I might be able to root it and install Doom

supposedly bill gates is involved, right?
so it's probably like a miniaturized 386 running ROM-DOS.

the doctor walks in, looks down at my charts, and sighs.
"well, the bad news is that you've got the virus. I'm sorry..."
"and the good news?"
"well..."
*at doom's gate starts faintly playing from my

it took them four tries to figure out that I had the virus, because every time they did a nasal sample, the diagnosis machine kept glitching and playing a youtube video

I laugh in the hospital bed while they're like "ma'am sir ma'am sir, please, this is serious: we can't treat you. Our ventilator keeps trying to reboot in to Windows 3.1 and play skifree. we're quarantining you here so you don't spread this DIGITAL VIRUS to other patients"

More from Tech

Patrick McKenzie
@patio11

A thread on HN about bad code in legacy projects both makes me think how little we've learned as a discipline over the years and, honestly, how little credit we give ourselves for some pretty major

Fun going down this list and thinking: "Hmm, plausible at a well-run modern software shop", "Hmm, possible, but requires implausible tradeoffs", "Literally disallowed by languages", and "If you were to attempt doing that our test suite wouldn't let you merge."

I think we as an industry celebrate (not quite the right word) failure too much and don't celebrate success nearly enough. There is no DailyWTF for competent execution, word of which generally stays pretty local to the source while incompetence passes into legend.

Alrighty let me try to thread the needle on being the change I want to see in the world while not giving away anything that will get me in trouble:

Ruby has wonderful developer ergonomics. Typed languages are easier for machines to guarantee the correctness of. We built a type checker for Ruby (and I believe it is slated for OSS release sometime).

c.f.

Jessie @ Chicago
@jessiedotjs

Why did I leave Google? A thread.

This thread is going to include quotes from Wired's "Three Years of Misery Inside Google, the Happiest Company in Tech" because I'm not a professional writer

When I joined Google, I fell in love with the company immediately. I was excited to come to work, not just for the technical challenges, but because I really felt I was making a difference and working for the good guys.

I spent 20% of my week working on an app that helped people find lost loved ones after natural disasters. I spent more free time speaking to students about technology and diversity. For an entire school year, I taught CS classes twice a week at a local low income high school.

The company was open. We had a weekly meeting called TGIF where anyone in the company could ask questions of, and raise concerns with, the execs. We got real answers.

Advertisement

Alex Stamos
@alexstamos

The entire discussion around Facebook’s disclosures of what happened in 2016 is very frustrating. No exec stopped any investigations, but there were a lot of heated discussions about what to publish and when.

The story doesn\u2019t say you were told not to... it says you did so without approval and they tried to obfuscate what you found. Is that true?
— Sarah Frier (@sarahfrier) November 15, 2018

In the spring and summer of 2016, as reported by the Times, activity we traced to GRU was reported to the FBI. This was the standard model of interaction companies used for nation-state attacks against likely US targeted.

In the Spring of 2017, after a deep dive into the Fake News phenomena, the security team wanted to publish an update that covered what we had learned. At this point, we didn’t have any advertising content or the big IRA cluster, but we did know about the GRU model.

This report when through dozens of edits as different equities were represented. I did not have any meetings with Sheryl on the paper, but I can’t speak to whether she was in the loop with my higher-ups.

In the end, the difficult question of attribution was settled by us pointing to the DNI report instead of saying Russia or GRU directly. In my pre-briefs with members of Congress, I made it clear that we believed this action was GRU.

Austin Energy
@austinenergy

LIVE: ❄️ City of Austin leadership including @AustinEnergyGM will address the unprecedented severe weather.
💻 Due to tech limitations, it will only be available via Facebook Live here: https://t.co/PchiwUgP0M
We will be live-tweeting in this thread.

Mayor Steve Adler: This will require us all to come together and help one another.
City Manager Spencer Cronk: As a City, we are doing our best to help those in need.

Cronk: Stay off the roads and conserve energy. Every little bit helps.

COA Office of Homeland Security and Emergency Management Director Juan Ortiz: Currently we have a warming center at the Palmer Events Center. You can show up at any time. As of this morning, cold weather shelters remain active. 282 were sheltered overnight.

Ortiz: Urge residents to conserve much power as possible to help with the emergency issues. We are working with critical facilities to ensure that access to those facilities remain open, so ambulances can get in.

Brian Balfour
@bbalfour

⚡️🧠Impact = Environment x Skill

A framework for making big career decisions by @iambangaly (Reforge Partner, Former Instacart, Instagram)

Full post -> https://t.co/dU0l7e0BWR

🧵 Thread...

1/ Career decisions about your next role/opp are the most impactful decisions you might make in your career. As an operator, all of your eggs are in one basket at a time, and we get a limited number of swings at the plate. So getting good at these decisions is important...

2/ At FB, Bangaly managed Rotational PM's. At the end of a rotation, he'd have the same convo: How are you going to choose your next rotation/role?

As a result, Bangaly got a lot of reps guiding this type of decision and created a framework to help with it...

3/ The framework is Impact = Skills x Environment

The goal is not to try and boil this type of decision down to a spreadsheet of inputs that spits out the answer, but rather it helps with 4 things...

4/ It can help with:

- Identify individual variables that are inputs into the decision.
- Evaluate each individual variable in a structured way.
- Understand the relationship between each variable.
- Narrow the decision down to the most important variable

...

You May Also Like

Anshul Pandey
@Anshulspiritual

THE IMPORTANCE OF DEVI BEEJ / BIJA MANTRA.

Once Suutji in his discourse with King Janmajeya repeated the words of Vyasji regarding the pronounciation of the word ऐ. Vyasji had heard the importance of this word in a meeting of all important saints at Naimisharanya.

There this story was discussed.

In that gathering of such great sages, Rishi Jamdagni asked a question to all the eminent luminaries. He wanted to know which diety is the most revered and gets satisfied easily with our prayers. So Lomash rishi replied that Devi

Bhagwati was one such diety. She will be satisfied and is ready to grant you a boon even if you just say the first letter of her beej mantra. In this context he narrated the story of Satyavrat. The story is as follows.

There lived a Brahmin named Devdutt in Kosal.

He was childless. He arranged for an elaborate yagya for a intelligent son to be born. He invited all the eminent rishi's to conduct this Yagya. Rishi Suhotra, Pael, Brahaspati Yagyavalka were assigned different tasks. Rishi Gobhil was asked to sing the Saamved.

He sang the verses very well, but he had to take respite in order to breathe between two verses. This angered devdutt. He spoke his thoughts to Gobhil rishi.

The rishi got very angry as devdutt did not realise the practicalities of singing. He cursed devdutt that

Aditya Todmal
@AdityaTodmal

A THREAD ON @SarangSood

Decoded his way of analysis/logics for everyone to easily understand.

Have covered:
1. Analysis of volatility, how to foresee/signs.
2. Workbook
3. When to sell options
4. Diff category of days
5. How movement of option prices tell us what will happen

1. Keeps following volatility super closely.

Makes 7-8 different strategies to give him a sense of what's going on.

Whichever gives highest profit he trades in.

I am quite different from your style. I follow the market's volatility very closely. I have mock positions in 7-8 different strategies which allows me to stay connected. Whichever gives best profit is usually the one i trade in.
— Sarang Sood (@SarangSood) August 13, 2019

2. Theta falls when market moves.
Falls where market is headed towards not on our original position.

Anilji most of the time these days Theta only falls when market moves. So the Theta actually falls where market has moved to, not where our position was in the first place. By shifting we can come close to capturing the Theta fall but not always.
— Sarang Sood (@SarangSood) June 24, 2019

3. If you're an options seller then sell only when volatility is dropping, there is a high probability of you making the right trade and getting profit as a result

He believes in a market operator, if market mover sells volatility Sarang Sir joins him.

This week has been great so far. The main aim is to be in the right side of the volatility, rest the market will reward.
— Sarang Sood (@SarangSood) July 3, 2019

4. Theta decay vs Fall in vega

Sell when Vega is falling rather than for theta decay. You won't be trapped and higher probability of making profit.

There is a difference between theta decay & fall in vega. Decay is certain but there is no guaranteed profit as delta moves can increase cost. Fall in vega on the other hand is backed by a powerful force that sells options and gives handsome returns. Our job is to identify them.
— Sarang Sood (@SarangSood) February 12, 2020

Advertisement

Groww
@_groww

You want to buy a house.

You take a loan from the bank.

The bank asks you, “what if you don’t pay back?”

You say, “take my home and sell it”.

(Thread)

That makes sense. The bank gives you a loan and in case you don’t pay, the bank will take over your house and sell it and recover its money.

That’s collateral.

Banks also lend money to big corporations. With them, banks don’t always have collateral.

So a loan where the bank has collateral is considered safer for the bank.

In the early 2000s, the banks in the USA were giving out loans to people for buying houses.

The economy had just recovered from the tech bubble in 2000 where many banks had given out loans to businesses that had shut down.

In that backdrop, the banks found giving home loans safer.

Brian Cates
@drawandstrike

A lot of people don't understand that Trump & his incoming team didn't face a normal transition period, like it was over a in a matter of a few weeks or months.

The DOJ transition period JUST ENDED when Sessions left. Almost 2 exact years to get it there.

Pompeo at the CIA took over a year before he was done and ready to shift over to the State Department.

All kinds of stuff has been going on behind the scenes nobody leaks or talks about.

We only had the barest mention of the fact the Clinton Email investigation restarted

Nobody leaked in a year that Huber was deep diving into the Clinton Foundation.
Keep that in mind as all the usual suspects continue to INSIST nothing is happening/going to happen.

Jaya_Upadhyaya
@Jayalko1

SRI KANTESH HANUMANTHA, KADARAMANDALAGI (KAR)
#bharatmandir

KANTESHA means Prabhu full of brightness.
Here, Sri Hanuman appears with a front face and sparkling eyes. Earlier, the village was also called KANTESHPURI on the name of Kantesha Hanuman.

Several thousands of years ago, Hanuman lived in this village. He once saw the Sun and mistaking it to be a fruit, began flying towards it. Since then, this village came to be known as Kadara Man Dalagi. (Kadar means rays, mandala is cluster of rays).

It is believed that King Janmejaya had set up the shrine to get rid of his difficulties.
There is a small pond on the right side of the kshetram where Teppotsava (Float festival) is celebrated.

Kanaka Dasa has praised Sri Kantesha in his various poetic compositions.

Kanaka Dasa was the first devotee to popularize the power of Kantesha. It is said that once Kanaka Dasa was deeply wounded in a battle. To seek blessings, he visited Tirupati but Sri Venkatesha appeared in his dream and advised him to see Kantesha first before seeing him.