Activity
Noted:
Having a website isn't about blogging, it's about you
A lot of people choose not to have a website because they believe they have nothing to put there. I believe they think this because they equate “having a website” with “having a blog”. But this isn’t the case! An IndieWeb site for example is nothing more than having your...
published April 17, 2024 Logged:
Collection all the things!
This site is built using Jekyll, and one of Jekyll’s (and other SSGs I’m sure) most powerful features is Collections - used to group related content together. When I was building the Activity log page recently, I was looking for ways to pull in content from around the site to...
published April 16, 2024 Noted:
Favorite iPad apps
@kir5ty My top (3rd-party) iPad apps FWIW… (in no particular order)
published April 16, 2024 Noted:
Nostr vs. Mastodon
@Rabble, a Nostr advocate and developer recently posted a list of shortcomings of Mastodon / ActivityPub as it relates to Nostr. [1]
published April 15, 2024 Changed:updated April 21, 2024 11:12 pm EST
Weekly Changes 4/15/24-4/21/24
April 21, 2024
- 12 new infosec blogs this week
- 👋 🌎
- Added MagicDot to named vulns list
April 19, 2024
- Added links to Delta around the site
- Published Privacy policy
- Added SHINE to security team names
April 17, 2024
- Published privacy.txt
- Added ShadowRay to named vulns list
- Added ICS Advisory Project, Spy.pet & Are We Hacked? to infosec tools list
- Added PodcastAP to Mastodon post
- Noted Having a website isn’t about blogging, it’s about you
- Added Notes to tags page
- Theme now auto-responds to user dark/light preference
April 16, 2024
- Added CIPHERLEAKs & LeakyCLI to named vulns list
- Added Is it quantum safe? to infosec tools list
- Completely removed Font Awesome from the site
- Noted Favorite iPad apps
- Dev-logged Collection all the things!
April 15, 2024
- Added Why No IPv6? to infosec tools list
- Noted Mastodon vs. Nostr
- Added DEMONS to named vulns list
- Added Fediverse links to blogroll
- Added SPEAR to security team names
Noted:
Security lone wolf
CIS Critical Security Controls and/or NIST CSF as frameworks to help put you in the right mindset. But so much of what you should do first depends on some variables imo.
published April 11, 2024 Noted:
The joy of incremental website improvements
I’ve been thinking about this post https://jamesg.blog/2024/03/04/incremental-website-improvements-joy/ from @[email protected] and it just really hits home. My site has been around nearly 5 years and in that time I have gone through very active periods in terms of working on / writing for the site and very much inactive periods. But...
published April 11, 2024 Logged:
Devlog 1: initialization
As I introduced here, this is a new content series for the site dedicated to discussing/sharing code, how-to’s, resources and more - specific to how I am building this site and related Shellsharks properties (i.e. podcast, Fediverse, etc…)
published April 10, 2024 Posted:
A Multiplicity of Writing
A look at the various forms of writings across the site.
published April 9, 2024 Posted:
Creating an Activity Feed with Jekyll
How to create a unified, IndieWeb-inspired "Activity" feed with Jekyll.
published April 9, 2024 Noted:
Indieweb chat: CSS naked day & community
@[email protected] One of the things I like most about my #indieweb site is everything I’ve put into its design via the CSS. To remove it seems like a cool enough flex in terms of playtesting your HTML-fu but less so (IMO) in sharing your unique, authentic self which is what...
published April 8, 2024 Noted:
The Activity feed
Pushing further into #indieweb *stuff*, I’ve just published v1 of my “Activity” feed, a unified chronological timeline featuring all of my site notes, posts and logs.
published April 8, 2024 Changed:updated April 13, 2024 10:14 am EST
Weekly Changes 4/8/24-4/14/24
April 13, 2024
- 9 new infosec blogs this week
- Starsharks 94
- Added Cheat.sh to infosec tools list
April 11, 2024
- Adding podcast backlog to collection
- Added The DDoS Report & MVSP to infosec tools list
- Noted The joy of incremental website improvements & Security lone wolf
April 10, 2024
- Turned the Changelog into a Jekyll collection
- Initialized devlog series
- Published All Content RSS Feed & devlog RSS feed
- Added Fedi Circles to Mastodon post
- Started converting archived podcasts into a Jekyll collection
April 9, 2024
- Added Kobold Letters, BatBadBut & Native BHI to named vulns list
- Posted Creating an Activity Feed with Jekyll
- Posted A Multiplicity of Writing
- Starsharks 93
April 8, 2024
- Published Activity feed page!
- Noted the activity feed
- Added benefits of a personal fediverse instance to Owning My Own Social post
- Added EveryoneShouldBlog.txt to You Should Blog post
- Noted Indieweb chat: CSS naked day & community
Noted:
Does Meta want to destroy the Fediverse?
There is a lot of consternation within the traditional “Fediverse” community around what Meta’s entrace means for the future of the network. Setting aside fears around moderation, surveillance capitalism, data harvesting & other threats to marginalised communities (which I admit are very real and valid things to be concerned about),...
published April 4, 2024 Noted:
Contrasting timelines: Fedi vs Threads
Here are some observations on who/how I follow on Threads vs Mastodon and the downstream effects those follow decisions have on my respective social timelines.
published April 4, 2024 Noted:
Breaking in is the hard part
In response to one Reddit user’s breaking into infosec plight…
published April 3, 2024 Noted:
Infosec work life balance
A commonly asked question is whether infosec / cybersecurity is “stressful” and generally “what is the work life balance like?”. I think there are three main things that contribute to whether a job is stressful, none of them particularly unique to infosec.
published April 3, 2024 Noted:
Cybersecurity: A life-long pursuit
A redditor asks… So I know that Cyber Security is a field with a lot of knowledge that needs to be gained and I am aware that it changes everyday and you can get left behind. But surely there is a point where you reach a level where you have...
published April 2, 2024 Noted:
The current infosec job market
I see a lot of questions about the infosec / cybersecurity job market…
published April 2, 2024 Noted:
Should Meta re-make Reddit?
Meta should come out with a Reddit clone and federate that. Because Reddit sucks now.
published April 1, 2024 Noted:
5 fingers, 5 liquids
I’m not a big April Fools person but in the spirit of silliness, here is a thought experiment / game to play… My wife was listening to a podcast* which asked, “If you could (magically) make each finger on one hand produce a liquid, what 5 liquids would you choose”....
published April 1, 2024 Changed:updated April 7, 2024 12:00 pm EST
Weekly Changes 4/1/24-4/7/24
April 7, 2024
- 14 new infosec blogs this week
- Added Ahoi Attacks to named vulns list
April 5, 2024
- Added CVEDEB to infosec tools list
- Replaced FontAwesome with Phosphor icons
- Added GifCities to IndieWeb post
April 4, 2024
- Added Mastodon List Manager to Mastodon post
- Added CONTINUATION Flood & Crescendo to named vulns list
April 3, 2024
- Added After The Beep to IndieWeb post
- Added MastoVue to Mastodon post
April 2, 2024
- Added infosecstreams to Getting into infosec post
- Published stanadlone architecture page
- Added The Password Game to infosec tools list
- Added Gandalf to online training list
April 1, 2024
- Added Honest Security to infosec tools list
- Added Sepia Search & Fedi CW to Mastodon post
Journaled:
Captain's Log, Entry: March 31, 2024
Apparently my site blew up on TikTok. The video from @bytesizedsecurity sent my page views through the roof. I had 1000% of the normal clicks within the first 4 days of March. The video itself has nearly 400k views! This had the side effect of blowing through my Font Awesome...
published March 31, 2024 Posted:
xz/liblzma Compromise Link Roundup
Links to analysis, discussion and more related to the xz/liblzma compromise (CVE-2024-3094).
published March 31, 2024 Noted:
Why does the Fediverse churn?
@multiverseofbadness Though a lot of people might point at HoA culture as a primary reason people are driven from here I think it’s something else…
published March 29, 2024 Noted:
The whimsical corners of the Fediverse
One thing I find ever-delightful about using #Mastodon (as part of the wider #Fediverse) is the experience of encountering folks from unique or whimsically-named instances. A lot of who I follow on this particular account is in infosec and most of those folks (smartly) live on infosec.exchange. But I’ll come...
published March 29, 2024 Noted:The elephant in the
The elephant in the room thread
A common myth about elephants is that they are afraid of mice. But would a Mastodon (a prehistoric elephant) be afraid of a Lemmy (the mascot being a mouse-like rodent)? In the Fediverse, the answer to this is a definitive “No”! One (of many) thing(s) that is so interesting and...
published March 27, 2024 Noted:
[email protected] toot archive
Now that I’ve moved to my personal Mastodon instance, I had been wondering how I could archive all my old posts from infosec.exchange. Welp, I came across this…
published March 26, 2024 Noted:
Power-boosters of the Fediverse
I’ve written a bit about discoverability on Mastodon but wanted to emphasize one sure-fire way to unearth a ton of interesting content from the less-visited corners of the Fediverse and that is to find & follow accounts that boost liberally. I refer to these accounts as “Power-Boosters” and they are...
published March 26, 2024 Changed:updated March 31, 2024 12:00 pm EST
Weekly Changes 3/25/24-3/31/24
March 31, 2024
- 15 new infosec blogs this week
- Published xz/liblzma Compromise Link Roundup
- Added xzorcist to named vulns list
- Published March Captain’s Log entry
March 30, 2024
- Added Ass Bleed CVE-2024-3094 to named vulns list
- Added @[email protected] to botsin.space post
- Added threatcl to threat modeling post
March 29, 2024
- Added fediview to Mastodon post
- Updated some #fedicards
- Added Bukmark Club to IndieWeb post
- Added GDPR Enforcement Tracker & Risk Explorer for Software Supply Chains to infosec tools list
March 28, 2024
- Published Owning My Own Social post
- Added A Cyber Threat Intelligence Self-Study Plan to threat modeling post
- Added Fediverse.info to Mastodon post
- Added The Hacking Games to online training list
March 27, 2024
- Added Diagram.website to IndieWeb post
- Added WallEscape to named vulns list
March 26, 2024
- [email protected] toot archive is live!
- Added DevSec Hardening Framework to infosec tools list
March 25, 2024
- Added GNV Smallweb Index & An indie web primer to IndieWeb post
- Added Happy 25th birthday to the “backbone of my internet”, RSS feeds to RSS post
- Added ZenHammer to named vulns list
Noted:
Spit a verse, drop some knowledge
Alright fedi’, spit a ‘verse, drop some knowledge.
published March 22, 2024 Noted:
I don't think they ready for this Fedi
As it pertains to #threads users dipping their toes into the #fediverse…. [To the tune of “Bootylicious” by Destiny’s Child] 🎶 I don’t think they ready for this Fedi 🎶
published March 22, 2024 Noted:
Mammoth Indiesec Smart List
If you are in #infosec / #cybersecurity and looking for an easier way to follow interesting infosec accounts that are relatively high signal-to-noise without having to scour the Fediverse, consider checking out the #mammoth Mastodon client and subscribing to the new #indiesec Smart List! Smart Lists are a unique feature...
published March 21, 2024 Changed:updated March 24, 2024 12:00 pm EST
Weekly Changes 3/18/24-3/24/24
March 24, 2024
- 24 new infosec blogs this week
- Switched over to shellsharks.social references
March 22, 2024
- Added PowerOutage.us to infosec tools list
March 20, 2024
- Added Loop DoS, Unsaflok, FlowFixation & GoFetch to named vulns list
March 19, 2024
- Added TrailDiscover to infosec tools list
March 18, 2024
- Added MacDirtyCow to named vulns list
- Added The Architecture of Mastodon & How to talk to your relatives about Mastodon to Mastodon post
- Updated robots.txt based on this
- Added Scribbles explore, Dead Simple Sites, NowNowNow, Uses.tech & Kirbysites to IndieWeb post
- Added VulnLab to online training list
- Added Exposing.ai & Social Minefield to infosec tools list