Recent Updates Toggle Comment Threads | Keyboard Shortcuts

  • cqwww 9:12 am on October 12, 2017 Permalink | Reply  

    Debugging internet issues 

    If you’re on osx, if you have something like brew.sh, install mtr.

    Once you have mtr installed, you can test your internet connection with any computer on the network, or internet. For example “mtr google.com” will show all of the computers between your computer, and Google’s webservers. Not only does it show you the internet address of all of these computers, as long as you’re running mtr you will see how long it takes a packet of data to transit this route.

    Most notably on the right hand column, you want to see 0% packet loss. Under the ping section you want to see under 100ms, or 1/10th of a second latency, especially if you want to do something like Skype/video chat.

    If the first “hop” is the problem, it’s likely something in your house. If it’s the second or third, or shares the same domain name as your ISP that is showing packet loss or over 1000ms (1 second) in latency, it might be worth a call to your ISP and see if they can fix it.

    You can get more detailed tutotials from DigitalOcean and Linode.

    You might also want to try something like Speedtest for an online bandwidth test.

     

     

     
  • cqwww 8:55 am on October 12, 2017 Permalink | Reply  

    first steps on osx after security — install brew 

    If it’s your first time on osx, or just setting up a new machine, or doing a re-install, there are a few things I install by default. Before you start the software installing, you should think about security first… configuring your firewall and encrypted partition(s). As for the software:

    The first thing I do is point my browser to http://brew.sh/ and install it. Go to Applications -> Utilities -> Terminal and paste:
    ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
    Once that is done:
    $ brew doctor
    and make sure there are no errors. If you see any errors, search for them online and fix them. After that I install:

    Most of these can be installed in terminal from the command line. For example, if I want to see if Sublime Text is there:
    $ brew search sublime
    Caskroom/cask/sublime-text
    $ brew install Caskroom/cask/sublime-text

    and it should install. This is a lot easier than searching online, downloading, and installing each.

    Every week or two, you should run the following to keep things updated:
    $ brew update && brew upgrade && brew cleanup && brew cask cleanup && brew doctor

     
  • cqwww 12:44 pm on September 16, 2017 Permalink | Reply  

    Most of the best InfoSec professionals I know don’t have a related degree 

    https://twitter.com/Freeyourmindkid/status/908739486967791621

    Susan M CSO Equifax

    Susan M — CSO of Equifax has only a music degree

     
    There have been several people and media outlets commenting that the CISO of Equifax has a music degree. 

    Infosec is an industry that in my experience is led mostly by smart people who are obsessed with infosec, are self-taught, and transitioned to experience.
     
    I’m personally self-taught. I was given the title of global security expert by Canada’s biggest company, and privacy expert & international trainer for the International Association of Privacy Professionals (IAPP).
     
    I have no degrees. Although I did get my reverend certificate one late night on the internet 😀
    On a slightly more serious note, I remember a first meeting a technical mentor, Marcus, when he mentioned that if I like infosec so passionately, I likely also enjoy amateur (ham) radio, photography, model rocketry, lock picking etc. People in InfoSec often have deep and creative hobbies, and many of them. So having a passion for music also makes a lot of sense, and does not devalue the individual’s competence in terms of information security capabilities, as least on its own.

    Equifax surely made some epic mistakes, which should actually impact credit reporting moving forward as industry fraud level is too high now to trust any of the data points used by Equifax. But let’s not make it unnecessarily personal when the individuals degree doesn’t have any relevance.

    More of my thoughts on Equifax as posted on Twitter

     
  • cqwww 11:08 am on September 11, 2017 Permalink | Reply  

    I met a nice young woman on the week-end. In the first few minutes of meeting she told me she had a really high IQ, while ordering a Caffè Americano. She mentioned she had a late night drinking (alcohol) the night before, as she ordered in her second Americano. Then she told me how much she was against anyone who does any type of drugs.

     
  • cqwww 6:03 pm on September 8, 2017 Permalink | Reply  

    Is reading the bible hate speech in Canada? 

    My friend Steve, an advocate for free speech in the U.S, and I were discussing hate speech, where I highlighted that most progressive countries have hate speech laws now, including defined hate speech laws in Canada.
    From Wikipedia,

    Section 318 prescribes imprisonment for a term not exceeding five years for anyone who advocates genocide. The Code defines genocide as the destruction of an “identifiable group.” The Code defines an “identifiable group” as “any section of the public distinguished by colour, race, religion, ethnic origin or sexual orientation.”

    Section 319 prescribes penalties from a fine to imprisonment for a term not exceeding two years for anyone who, by communicating statements in any public place, incites hatred against any identifiable group where such incitement is likely to lead to a breach of the peace.

    Steve then asked,

    Would reading the old testament where genocide is advocated by the deity and portraying this as ethical (particularly to children) count?

    I started to think about genocide in the bible (wow, there’s more than I recall) including children, and started with a re-read of Deuteronomy 22:13-21 which ends with

     If, however, the charge is true and no proof of the young woman’s virginity can be found, 21 she shall be brought to the door of her father’s house and there the men of her town shall stone her to death. She has done an outrageous thing in Israel by being promiscuous while still in her father’s house. You must purge the evil from among you.

    If there’s no evidence a woman being married is a virgin, she is evil and should be stoned to death sounds like a recommendation for genocide to me. So that has me wondering if Steve has a point; I’m pretty sure that that being a sexually active single woman is sexual orientation (as defined in section 318 above) and this appears to advocate for the genocide of any such human who attempts to marry — would reading sections of the bible (or Quran) aloud like this one classify as hate speech?

     

     
  • cqwww 10:59 pm on August 29, 2017 Permalink | Reply
    Tags: email, inbox 0, optimization   

    I managed to delete +100 emails tonight just by scrolling down to year old emails. What’s your best tip for heading to Inbox 0? From minimal research, it seems like the best solution for handling email is turn off all notification on mobile and desktop, and only check it certain times a day, for a certain period of time. i.e. 3 x 20 minutes/day. What works best for you?

     
  • cqwww 10:34 pm on August 29, 2017 Permalink | Reply  

    What are your thoughts on the 0x project? (https://0xproject.com/)

     
  • cqwww 5:22 pm on August 29, 2017 Permalink | Reply  

    Let’s start collecting data on Canada’s oligarchies 

    Last night at an ideas Vancouver meeting, Steven and I had an idea on how we could start collecting the data on what interactions are like with Canada’s oligarchies. We’re thinking initially ISPs, cell phone companies, and airlines.

    Imagine you sign up for this oligarchy data collection website, and you agree it can record your transactions. The system would be setup with with something like Twilio to proxy and record the phone calls, and an email proxy to intercept email conversations, initially.

    In a short order, the website could start to show statistics, like how long we really wait on hold for each of these services. In longer order, when you want to do something, like renew your cell phone plan, the website would know which services other customers have been offered, and how they got their in the phone tree. This service could streamline that for you, so you could click a link, “Renew Telus mobile” and it would dial the number, and enter all of the necessary numbers with pauses to get you to a person/renewal the fastest.
    You could also click in app if you think something was a lie or falsehood, and it could now be referenced.

    It’s not a technical problem to create this website, it just needs the financing to get off the ground. Maybe this is something that GenSqueeze or OpenMedia might be interested in, or we could crowdsource it and see what happens?

    What else could we do with such a website? Would you be interested in participating?

     
  • cqwww 3:44 pm on August 29, 2017 Permalink | Reply
    Tags: disrupt   

    Someone should make a bot & plugin that auto clicks every ad seen on every website, while dynamically adjusting User-Agent strings etc. How hard could we make it to discern the difference between bot & human? Advertisers would stop paying, unless ad networks could prove real human eyes/traffic.

    Kris in a 2600 Facebook group in a thread on how one could have a serious impact on the online advertising industry
     
  • cqwww 9:00 am on August 29, 2017 Permalink | Reply  

    vim: vi improved. A text editor worth learning. 

    vim is the improved version of vi (short for visual editor) which is an old school text editor for UNIX based operating systems (Linux, BSD, OSX etc). Once you download vim, and note, this is not simply point and click editor, there is a learning curve.

    There is a lot of documentation to get started. Give yourself about 10 hours just to get used to navigating the editor to edit traditional documents, there’s that much of a learning curve. You might find it easier to learn by playing the vim adventure game or the less pretty but arguably more useful, try out vim genius until you can pass level 4.

    If you decide to stick with it, you may want to print out a cheat sheet.

    I’ve been using it for 20 years(!), and still don’t use 1/2 the features. However even with that, I can navigate a text file faster than all these newbies with their supposedly easy notepad and Word docs. If you really want a powerful, graphical editor, check out sublime text or visual studio code.

    And once you’ve fully mastered vim, you should give emacs a try. Just kidding, no rational human should use emacs. If you’re not aware, the term “editor wars” is famously coined due to the religion of which editor you prefer, vi or emacs.

     
  • cqwww 9:03 am on August 28, 2017 Permalink | Reply  

    It’s not about being offended, it’s about being oppressed. If you, or your family/people weren’t oppressed by the person in the statue, maybe you should listen, instead of criticizing. If after listening, you can look at that person, and their family/people in the eye (not on FB) then you (may) have an argument.

    Kris, replying to a bunch of fellow white guys arguing about how all statues should come down as the humans weren’t perfect
     
  • cqwww 8:12 pm on August 8, 2017 Permalink | Reply  

    Finding a non-US path of Totality 

    For those that don’t want to, or can’t, touch US soil at all (most of the world right now, it seems), what do you recommend for seeing the eclipse on the 21st? I’m debating renting a charter with a group of people, let me know if you’re interested.
    There are a couple of cruises, but they start/end on US soil. I’d love to find a way to be on the Path of Totality that does not involve US soil.

    Nasa’s eclipse maps

     
c
compose new post
j
next post/next comment
k
previous post/previous comment
r
reply
e
edit
o
show/hide comments
t
go to top
l
go to login
h
show/hide help
shift + esc
cancel