jpcosta | 6 months ago | on: Copilot broke audit logs, but Microsoft won't tell customers
What was the answer? Asking for a vp friend
jpcosta's comments
jpcosta | 1 year ago | on: ESP32 Undocumented Bluetooth Commands: Clearing the Air
Unfortunately, all too common in the security field.
jpcosta | 2 years ago | on: Lotus 1-2-3
This is fascinating, but at the same time I got to ask. Wouldn't it easier for a person as experienced as Tavis Ormandy to simply write a console version of a spreadsheet software from scratch using a modern stack?
jpcosta | 4 years ago | on: Ivermectin: Much More Than You Wanted to Know
There are medical bodies staffed by professionals that study these matters, and the states (should) base their decisions on what their findings are. To me the problems starts when decision makers and then the general population start trusting fringe conclusions and trying to interpret medical data when they have no training to do so.
jpcosta | 4 years ago | on: Phrack Issue 70
neutered in what sense? besides doing the keynote speech of course
jpcosta | 4 years ago | on: How to prevent email spoofing, using an unholy combination of silly standards
Maybe try running a business?
jpcosta | 4 years ago | on: “They introduce kernel bugs on purpose”
That seems to me like an unjustified and unjust generalization.
jpcosta | 5 years ago | on: 30K Macs are infected with ‘Silver Sparrow’ virus and no one knows why
I don't really think it pays off to make such distinction between virus and trojan.
`Trojan` is often used to refer to malware that provides a backdoor into your system, and if someone gets to run code on your machine it isn't your machine anymore.
jpcosta | 5 years ago | on: Our Dumb Security Questionnaire
where would one hire an auditor like this? asking for a friend
jpcosta | 5 years ago | on: Password-cracking theory against Assange unravels at extradition trial
You still have to prove who had the gun in the first place
jpcosta | 6 years ago | on: Osquery: SQL-powered operating system instrumentation, monitoring, and analytics
afaik one of the main motivations that led to start osquery project was precisely to have a cross platform tool to allow collecting much needed information from all your hosts in an enterprise setting
jpcosta | 8 years ago | on: The dots do matter: how to scam a Gmail user
I really wish this was the norm!
I have a very common name and signed up for gmail address right at the start. I now receive tons of spam because there are people who sign up to the weirdest things with my gmail handle.
jpcosta | 8 years ago | on: Naming things (2015) [pdf]
BRAFWTNEGASSAY would make sense to the owner of the file or someone working in that particular project. Consider it a project name, or a keyword that is relevant in that particular context.
If you're working with files from different sources with multiple contributors this sort of approach works brilliantly.
You could have named it differently: 2013-06-26_KUTKLOON7_Plasmid-Cellline-100-1MutantFrac
Creation date can sometimes be lost if you copy/move the file between different mediums
jpcosta | 8 years ago | on: “Which word begins with “y” and looks like an axe in this picture?”
I would love to see a deep investigation proving/disproving this point
jpcosta | 9 years ago | on: Avoid Non-Microsoft Antivirus Software
I completely agree with you, I find this "disable antivirus" to be such a bad advice!
Yes, it may work for tech savvy or security aware person. If you know what you're doing you're much less likely to get into problems.
It won't work for general public though.
And the argument being made that "for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors" could be made for any piece of software your install.
jpcosta | 9 years ago | on: Ant colony discovered in an abandoned Polish nuclear weapons bunker
eventually the pile of dead ants will be so high that it will reach the top of the vent putting an end to this madness
jpcosta | 11 years ago | on: Obfuscating “Hello World” in Python
I don't think python's syntax is icky at all and I hope you're not judging it by the looks of an obfuscation challenge.
jpcosta | 11 years ago | on: Source code of Polish electoral voting system?
There is no way to avoid that in the polish language, as someone else pointed out already. Nouns and sometimes even verbs or adjectives have gender, and you need to use either the male form or female form according to the situation
jpcosta | 12 years ago | on: ‘Superbugs’ found breeding in sewage plants
Could UV light be used at waste plants and hospitals to help prevent this kind of bacteria from spreading?
jpcosta | 12 years ago | on: A killer app for Bitcoin? – Spam and Phishing Emails Killer
What if someone flags your emails as spam deliberately, just in order to cause harm?
page 1