Brutkey

Paco Hope
@paco@infosec.exchange
Paco Hope
@paco@infosec.exchange

I think video game voice actors do a better job than these english dub actors. But I can't watch #monsterdon with subtitles. I look down too much.

Paco Hope
@paco@infosec.exchange

NO! August is NOT #pumpkin season. Nor is it #oktoberfest ! Seen in my #grocery store today.

Photo of a 12-pack of various pumpkin beers from Elysian Photo of a 6-pack of Samuel Adam’s β€œJack-O” pumpkin beer Photo of Sierra Nevada Oktoberfest Festbier Photo of cans of β€œAll Hallows Treat” beer
Paco Hope
@paco@infosec.exchange

Just before the end of #caturday I found this very lumpy bathmat in the bathroom.

#MrMittens #catsofmastodon #mastocats

Photo of a grey knit bathmat quite lumpy and kinda blocking the doorway to the bathroom. Photo at floor level looking sideways at the lumpy bathmat. A cute little tabby cat face is just visible underneath a hood of bathmat.
Paco Hope
@paco@infosec.exchange

A friend of mine is an artist selling on #threadless. She sold a print for $83 this week, and received $8.

What is the fediverse favoured Etsy/threadless option? I want to help her move to something better. There was a co-op set up some time ago wasn’t there?

#maker #crafting #artist

Paco Hope
@paco@infosec.exchange

Out of 5000 entrants, a good friend made it to the top 13 in the β€œinstrumental” category. Check out her cover of Smells Like Teen Spirit on the #cello. Vote for her if you feel so moved.

https://www.unsignedonly.com/fandemonium

Paco Hope
@paco@infosec.exchange

Wanna watch #monsterdon without adverts? Wanna save the Internet archive some bandwidth? Both of these versions are available via torrents, I'm torrenting them, and so are others. Download and enjoy.

https://retro.pizza/@CactuarJoe/114978115182932229

Paco Hope
@paco@infosec.exchange

I bought some glasses from Zenni and I got their "EyeQLenzβ„’β„’ with Zenni ID Guardβ„’β„’" (now with 100% more trademarks!) It's meant to interfere with IR cameras and therefore interfere with facial recognition.

I don't know enough to explain a lot about it. What I can confirm is that it definitely interferes with FaceID on my iPhone.

The "EyeQLenz" is one of these lenses that darkens in sunlight. And as far as I can tell that's mandatory if you also want the IR blocking. That technology has come a long way, though. Indoors I find them perfectly clear, not like weak sunglasses. Outdoors they get darker, but never as dark as sunglasses. It's still pretty good.

The IR blocking messes with the iPhone. If I have a COVID mask on and my glasses indoors, it doesn't work. If I don't have a mask on indoors FaceID often works, but takes a while and bit of repositioning a few times.

Outside, after they've had a minute to darken, FaceID doesn't work well at all. I really wanna try them with one of these low-light wildlife cameras that relies on IR illumination. I wonder if my glasses will look bright white (reflecting all the IR) or really black (absorbing it).

So it's anecdotal, but it definitely is doing something. πŸ˜€πŸ˜€

Paco Hope
@paco@infosec.exchange

Any #infosec folks wanna help me with some decent data to backup the following point? I am trying to make the point to some executives that a #password policy requiring minimum 8 characters with 1 symbol, mixed case, and 1 number is just not reasonable in 2025. (I'm commenting on another company's policy, not my own!)

What is a good example of a policy (e.g., NIST 800-63 or whatever) that said 49 bits was no good?

I currently say: 49 bits of entropy was unacceptably low in 2005. It is unthinkably low in 2025. What can I point to that might resonate better than "bits of entropy?"

Using the classic method with Shannon's estimate, I figure it's on the order of 49 bits of entropy but that's only if it's purely random from the full character set, and we konw that's not true.

I'm not looking for rhetorical suggestions. I'm good at rhetoric. I'm looking for references I can point to (like "XYZ published in 2011 that the minimum acceptable password was 56 bits of entropy")

feel free to boost for fun
#security #cybersecurity

Paco Hope
@paco@infosec.exchange

I feel like this is overblown. LLMs in medicine is bad. But this is a 2-letter misspelling that is massively spun up into a big story. I mean, it might have been sloppy use of an AI, but β€œhorrified” over a β€œmade up body part” is a little over the top. It doesn’t help to make mountains out of molehills. There are enough genuine mountains.

https://futurism.com/neoscope/google-healthcare-ai-makes-up-body-part

Paco Hope
@paco@infosec.exchange

This is interesting. Eye drops to help see better.

I don’t know anything about β€œnew atlas” as a website, but they link to the company’s press release at the end. This β€œarticle” is barely more than a distillation of the press release with a stock photo of an eye. It’s easier to read than a press release, but it adds little.

When RFK Jr realises the FDA approved something useful, he will declare eyesight β€œwoke” and get the approval reversed. Unless republicans hold lots of stock in the company.

https://newatlas.com/aging/age-related-near-sighted-drops-vizz/

Press release:
https://ir.lenz-tx.com/news-events/press-releases/detail/39/lenz-therapeutics-announces-us-fda-approval-of-vizz-for-the-treatment-of-presbyopia