Pinboard (jm)
https://pinboard.in/u:jm/public/
recent bookmarks from jmBoosting Dropbox upload speed—and making Windows’ TCP stack resilient to network reordering - Dropbox2021-05-18T22:04:37+00:00
https://dropbox.tech/infrastructure/boosting-dropbox-upload-speed
jmnetsh trace [...] correlates events on the wire with events that happen on the TCP layer, timers, buffer management, socket layer, and even the Windows asyncio subsystem (IOCP).
]]>windows tools cli networking dropbox iocp tcp ip internet kernelhttps://pinboard.in/https://pinboard.in/u:jm/b:9b45779da44f/Experiencing WSL as a Linux Veteran2020-01-20T10:22:54+00:00
https://ulsoy.org/blog/experiencing-wsl-as-a-linux-veteran-part-1/
jmlinux windows wsl desktop unix clihttps://pinboard.in/https://pinboard.in/u:jm/b:993f5487a928/malware piggybacking on CCleaner2017-09-18T13:56:14+00:00
http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html
jmOn September 13, 2017 while conducting customer beta testing of our new exploit detection technology, Cisco Talos identified a specific executable which was triggering our advanced malware protection systems. Upon closer inspection, the executable in question was the installer for CCleaner v5.33, which was being delivered to endpoints by the legitimate CCleaner download servers. Talos began initial analysis to determine what was causing this technology to flag CCleaner. We identified that even though the downloaded installation executable was signed using a valid digital signature issued to Piriform, CCleaner was not the only application that came with the download. During the installation of CCleaner 5.33, the 32-bit CCleaner binary that was included also contained a malicious payload that featured a Domain Generation Algorithm (DGA) as well as hardcoded Command and Control (C2) functionality. We confirmed that this malicious version of CCleaner was being hosted directly on CCleaner's download server as recently as September 11, 2017.
]]>ccleaner malware avast piriform windows securityhttps://pinboard.in/https://pinboard.in/u:jm/b:05eb69ba2b84/The World Is Getting Hacked. Why Don’t We Do More to Stop It? - The New York Times2017-05-15T09:09:01+00:00
https://www.nytimes.com/2017/05/13/opinion/the-world-is-getting-hacked-why-dont-we-do-more-to-stop-it.html
jmFirst, companies like Microsoft should discard the idea that they can abandon people using older software. The money they made from these customers hasn’t expired; neither has their responsibility to fix defects. Besides, Microsoft is sitting on a cash hoard estimated at more than $100 billion (the result of how little tax modern corporations pay and how profitable it is to sell a dominant operating system under monopolistic dynamics with no liability for defects).
At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, “pay extra money to us or we will withhold critical security updates” can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more.
Microsoft should spend more of that $100 billion to help institutions and users upgrade to newer software, especially those who run essential services on it. This has to be through a system that incentivizes institutions and people to upgrade to more secure systems and does not force choosing between privacy and security. Security updates should only update security, and everything else should be optional and unbundled.
More on this twitter thread: https://twitter.com/zeynep/status/863734133188681732]]>security microsoft upgrades windows windows-xp zeynep-tufekci worms viruses malware updates softwarehttps://pinboard.in/https://pinboard.in/u:jm/b:5288449ba31e/Cabel Sasser on Twitter: "From a "cash for phones" ATM in the mall (in maintenance mode): @daveaddey finds the most amazing UI ever created. http://t.co/0qKg68wHjQ 😧"2015-09-29T16:26:53+00:00
https://twitter.com/cabel/status/648680009381511168
jmembedded-software ui ux design graphics windows the-horror omgwtf atmshttps://pinboard.in/https://pinboard.in/u:jm/b:9b45bc91bb39/Revised and much faster, run your own high-end cloud gaming service on EC2!2015-07-10T22:49:32+00:00
http://lg.io/2015/07/05/revised-and-much-faster-run-your-own-highend-cloud-gaming-service-on-ec2.html
jmgaming games ec2 amazon aws cloud windows hackshttps://pinboard.in/https://pinboard.in/u:jm/b:aa886a192762/Meet the e-voting machine so easy to hack, it will take your breath away | Ars Technica2015-04-23T13:26:13+00:00
http://arstechnica.com/tech-policy/2015/04/meet-the-e-voting-machine-so-easy-to-hack-it-will-take-your-breath-away/
jmIf an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place—within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know. I’ve been in the security field for 30 years, and it takes a lot to surprise me. But the VITA report really shocked me—as bad as I thought the problems were likely to be, VITA’s five-page report showed that they were far worse. And the WinVote system was so fragile that it hardly took any effort. While the report does not state how much effort went into the investigation, my estimation based on the description is that it was less than a person week.
]]>security voting via:johnke winvote avs shoup wep wifi windowshttps://pinboard.in/https://pinboard.in/u:jm/b:6b81210c5c4d/Run your own high-end cloud gaming service on EC22015-04-20T20:22:35+00:00
http://lg.io/2015/04/12/run-your-own-high-end-cloud-gaming-service-on-ec2.html
jmaws ec2 gaming games graphics spot-instances hacks windows steamhttps://pinboard.in/https://pinboard.in/u:jm/b:7df32acf0f2e/Superfish: A History Of Malware Complaints And International Surveillance - Forbes2015-02-19T17:11:02+00:00
http://www.forbes.com/sites/thomasbrewster/2015/02/19/superfish-history-of-malware-and-surveillance/
jmSuperfish, founded and led by former Intel employee and ex-surveillance boffin Adi Pinhas, has been criticised by users the world over since its inception in 2006.
]]>superfish lenovo privacy surveillance ads java windows mac firefox pups ssl tls ad-injection komodiahttps://pinboard.in/https://pinboard.in/u:jm/b:d4e4b3072b48/Friends don't let friends use mmap(2)2014-05-27T22:14:56+00:00
https://bugzilla.mozilla.org/show_bug.cgi?id=1015957#c2
jmmozilla mmap performance linux io files memory unix windowshttps://pinboard.in/https://pinboard.in/u:jm/b:18ec4984330c/Skype's principal architect explains why they no longer have end-to-end crypto2013-06-24T14:06:20+00:00
http://markmail.org/message/exc3srjkx3uu66bz?q=android
jmskype p2p mobile architecture networking internet snooping crypto via:ip via:kragen phones windowshttps://pinboard.in/https://pinboard.in/u:jm/b:eb89b6f3e5d1/Microsoft's new IE "Ribbon" debunked2011-08-29T21:32:04+00:00
http://seldo.tumblr.com/post/9549775746/this-is-genuinely-microsofts-idea-of-a
jmdesign hci microsoft ui statistics user-hostile ribbon windowshttps://pinboard.in/https://pinboard.in/u:jm/b:81e9b140760d/JAM Software - SpamAssassin for Windows2010-09-17T10:37:49+00:00
http://www.jam-software.com/spamassassin/
jmwindows spamassassin anti-spam software win32 jam-softwarehttps://pinboard.in/u:jm/b:cccf02bcdc3d/Keyboard shortcuts for positioning windows in Mac OS X2010-07-30T12:54:24+00:00
http://fanf.livejournal.com/107843.html
jmmouse keyboard navigation windows shortcuts scripting ui automate4r automatorhttps://pinboard.in/u:jm/b:5a28ca0ab491/Track down your stolen laptop – Prey2009-10-19T22:00:59+00:00
http://preyproject.com/
jmprey theft laptop osx linux windows tracking recovery crime lojackhttps://pinboard.in/u:jm/b:a1a963d7c0a6/Security Fix - Clampi Trojan: The Rise of Matryoshka Malware2009-08-01T10:21:06+00:00
http://voices.washingtonpost.com/securityfix/2009/07/clampi_trojan_the_rise_of_matr.html?wprss=securityfix
jmjoe-stewart secureworks malware reverse-engineering clampi trojans banking security danger risks windows microsoft fraudhttps://pinboard.in/u:jm/b:fef3de2648ed/