
“Diffusion models (and the like) are VERY cool in concept, but the tech is being abused to punch down instead of up or sideways.”
Amen!
https://furry.engineer/@anomalocarididae/114959597303007293
The Voids have paused their zoomies for a daily maintenance cycle
@davep Went to a fortune-teller. Knocked on the door. She replied: "Who is there?". So I left again.
Getting ready to fly soon. Don't forget to:
- Backup your stuff in case your phone / laptop is lost
- Charge everything (toothbrush, pencil, phone, etc)
- Update everything
- Empty your fridge of stuff that will go bad
#RoadToDefCon #DefCon
Me having to use Twitter
Update: I am ordering more stickers, to meet the demand.
I got some fun laptop stickers printed recently.
I opened a little shop to sell these: https://ko-fi.com/nsmsn/shop
You can order 2 for $6 USD or 4 for $10 USD.
had a fun visitor this morning
If you are interested in seeing how IDS rules work, or in trying to write your own, take a look to see how an expert does it. #cybersecurity
From: @da_667
https://infosec.exchange/@da_667/114956581334907929
@mainframed767 make sure you have one version of your latest slides as a PDF for presentation. Have it on USB, email it to yourself, and put it on the cloud where you can reach it from someone else’s computer.
Worst case scenario, you lose your laptop and USB and have to borrow a computer to do your presentation. You can’t be sure it’ll have the right OS or software or anything, but it’ll be able to display a PDF full screen.
Also, squirrel away copies of your slides in multiple locations you can reach via your phone, laptop, things you remember in your head, from the hotel computer, wherever.
A friend of mine had his presentation on a USB stick. He got up on stage and plugged it in, opened the slide deck… and it was just the title slide. He’d copied the first draft instead of his completed deck. And he didn’t have anything else…
Make sure you have multiple copies. You shouldn’t need them, but if you do you’ll be thankful past you had the foresight to prepare.
With #DEFCON33 basically a week away and #BSidesLV/#BlackHat in 3 days I wanted to use this time to share a blog post I wrote a while ago that is still very relevant if you're one of the lucky few selected to give a talk. For those who don't know I'm a speaking coach at BlackHat, the chair for the BSidesLV proving ground track and have been a BSidesLV mentor for more than 10 years.
------------
Everyone wants you to give the best talk you can. You’re awesome, your talk is awesome, why let small things make it less so? These are my opinions and this list is in no way exhaustive. Some of these come from some of the talks I’ve given, some come from mistakes I’ve made and/or seen other people make.
TL;DR: Rehearse your talk and Have FUN!
1) Watch other talks. This sounds dumb but you really can’t know what you want your talk to be like without watching some talks on the subject at the same venue. Take what you liked from some talks and try and incorporate it into your talk. Obviously you won’t be Dan Kaminsky (I still miss him) up there but you should have at least a general idea of what made a great talk great and an ok talk just ‘ok’.
2) Balance your slides. You’re not talking at a TED conference. Cat memes are fun for a bit but eventually people want to see something informative. On the same note, this isn’t an IEEE symposium so try and make your slides a little fun. This doesn’t mean use every color on the spectrum of visible light, but does mean to make it entertaining. Again, using number one above you should be able to tell how much information is good. With the slides, however, make sure they are consistent across the board. If you use a fade animation use it on ALL slides.
3) You can’t force funny. If you want to have a fun, funny talk (who doesn’t) don’t try and force it on the audience with comics or memes. I get it, the XKCD comic is super relevant to the point you were trying to make and that’s fine. But by the 6th one it gets tiresome and distracting. Also, your super relevant funny in-joke with your ‘crew’ might not play well in front of such a diverse audience (trust me on this one) and nothing crushes your soul more than this awesome joke you had bombing at the beginning of your talk. But don’t be discouraged, if you’re passionate about the topic and have a sense of humor that will come out no matter how serious your slides are.
4) Ignore the ‘Rules’. You’ve seen them, the ‘Rules for effective presentations’. You can get away with ignoring those. You can have 1 or 10 bullets on your slides, it’s fine, so long as it feels natural. HOWEVER there’s one unbreakable rule: DO NOT READ YOUR SLIDES WORD FOR WORD. In fact, I almost prefer more information in slides than less, makes it easier for offline viewing. But you need to speak about the slides not *the* slides. Also, you don’t need an agenda, that’s what the abstract is for, but ALWAYS include a (short) bio section about why we should listen to you.
5) Practice your demos. I don’t care how many times you tested the demo at home. Until you run through the entire demo start to finish, at least 5 times, you’ll forget it on stage. While you practice, take notes so you can refer to them when you’re in front of 1,000+ people freaking out. But more importantly…
6) RECORD YOUR DEMOS. I prefer LICEcap and record animated GIFs that auto play in PowerPoint so it doesn’t ruin the flow of the talk. This tool works great in Windows, Mac and Linux (under Wine). But you don’t have to use that, you can record videos, screenshots, whatever. I don’t care how you do it, but do it. I can promise you the demo will work at home, in your hotel room, in the room you’re speaking in, even the last test, right before your talk will work without fail. But then, right in the heat of your talk, with all eyes on you and the camera staring into your soul, just as you’re about to wow the audience, it won’t work. You’ll forget a flag and someone from the audience will yell out ‘YOU HAVE SOURCE AND DEST IP WRONG, IDIOT’ (the idiot isn’t spoken except for in your head). Or you forget to get on the wifi network again after the laptop went to sleep, or your server died, or someone in the audience is fucking with you, or you forgot to sacrifice to the demo gods. Whatever. It won’t work 100% of the time, guaranteed, unless you record it. I can promise you, if you record the demo your demos will work 100% of the time because that’s how it works.
Also, this is something that always bugs me, make your terminal/browser font HUGE. When you’re doing demos 2 feet from your monitor it’s easy to see. When someone is 100 feet away maybe not so much.
7) Rehearse, rehearse, rehearse, rehearse, rehearse. Rehearse your talk. I can tell you there’s nothing worse than watching a talk and the person speaking has no idea what point the slide, that they wrote 5 months ago, is trying to make. I’m sure it was a great point 5 months ago but that awkward ‘huh, I don’t actually know what this slide is talking about’ while they read the slide hurts. This isn’t the only reason. You can’t tell how your talk flows without rehearsing it. You can’t know that the slide you wrote 2 months ago actually doesn’t make any sense. You can’t tell that the demo you said you’d perform would work better in the middle instead of at the end. You’ll also know your slides well enough that you can talk about upcoming slides, or hint at things to come making your talk more interesting. And if you think ‘well, I wrote the slides the night before I know them, I don’t need to rehearse’ shut your damn mouth and think again. And when I say rehearse, I don’t mean ‘mumble your way through the slides at your desk in front of the computer.’ I mean stand the fuck up and pace the room with a clicker like you would on stage and run through your demos. You’ll feel like an idiot, but you’ll feel like an even bigger idiot when you make a fool of yourself in front of 500 people and 6,000 YouTube viewers.
Here’s how I do it.
- Slides are done when they’re due (or at least a week before the conference)
- Before you leave for the conference rehearse the slides in the comfort of your home, office, conference room, whatever. Use this time to adjust your slides, demos, etc. Stand up, pace the room, pretend you’re in front of the audience.
- When you get to the hotel, plug your laptop into the TV and give your talk to your hotel room like you would if you were on stage. You can still make some changes at this point, it’s fine. But if you make any major changes you should run through it again.
- Go down and check out the room you’re going to talk in.
- The day of your talk (or the night before if it’s a first thing in the morning talk) rehearse one last time. Try not to make any more changes at this point, it is what it is.
You should also be using this time to….
8) TIME YOUR DAMN TALK. If the talk is slated for 45 minutes, try for about 50-55 minutes when you’re rehearsing it. When people get nervous they might forget the funny 2 minute anecdote or talk fast or skip something in the demo, it’s cool, it’s not your fault. You can always try to pad out the talk but that only happens if you’re good at improv and public speaking. For example, at Thotcon I was about 50% through my slides in the first 10 minutes of my 45 minute talk. While speaking to the content on stage, in my head I was thinking ‘shit shit shit, what story can I tell to pad this out’. I eventually told the story about RACF and John the Ripper and finished on time. I can tell you, however, that when a talk is slated for 45 minutes and goes 25, that sucks for the audience. Because everyone in the room knows there’s more than 25 minutes worth of content but the speaker didn’t prepare it. On that same note, seeing someone rush through their last 20 slides in a minute because they were giving a 1.5 hour long talk in a 20 minute slot sucks just as much. You should know that your talk takes Allotted time +/- 5 minutes. And don’t rely on a super robust question period to pad out the time. If they even allow questions, people signed up for a talk not a panel.
9) Bring your own equipment. Maybe you have the most common laptop on the planet with all the modern audio and visual connections available. Oops, the conference only has display port and that’s the ONE port your new laptop doesn’t have and they don’t have a display port to HDMI connector. I guess you could use a different laptop that someone gave you (but you never rehearsed with so you have no idea how it works) and I sure as hell hope you recorded those demos in an easy to use format because who knows what codecs are on this loaner laptop. Oh, maybe your friend can run and buy one of those cables last minute, hope he gets back before the talk. All of this last minute panic could be avoided if you bring your own cables. Also, bring your power supply and plug in your laptop. Something happens to laptops and I guess they get stage fright or something cause I’ve seen batteries I swore were at 100% flash the ‘low battery warning’ during a talk (thankfully I was at the end of the talk).
10) Backup your (recorded) demos and slides. You’ve spent MONTHS on research and preparing for this awesome talk. Why risk losing all your perfected slides and demos because the person on the flight to Vegas spilled their coffee on your laptop. Just put the current slides somewhere, anywhere. I use Dropbox and OneDrive but you can use whatever you like from GitHub to your VPS on the dark web.
11) Show Up Early. Plan to be at the talk before yours. Check in with the organizers if you’re supposed to but generally be in the room you’re speaking at an hour before your talk. This lets you feel out the room and know what you can expect from the space. It also gives the organizers one less thing to worry about.
12) Pictures! If you’re putting pictures in your presentation, just make them take up the whole screen. You don’t need a title and if you thought the picture was good enough to include why not make it large enough so those in the back can see it? If you REALLY need a title just say it out loud.
THIS IS BY FAR THE MOST IMPORTANT ONE.
11) Have Fun. Seriously, you worked so damn hard to get to this point. Once you get on stage take a deep breath and try and take it all in. The camera, the audience, it’s all for you, they’re all here for you, to see you speak and silently judge you. Hahaha you’re freaking the F out right now if you’re giving a talk this week. Good, freak out before the talk, not during the talk. But seriously, have fun up there and know they came to hear you speak on this topic because you’re awesome.
Hopefully this will help some people give the best talk they can give. Looking forward to seeing some awesome talks! Below are some optional rituals and things I do and then PowerPoint tips I’ve found useful.
hacker: i am spying on you through your webcam
linux user: omg you got it working?
Hey everyone, I spent a few hours cleaning up some notes I put together for our newly appointed intern to show him how I go about turning GitHub repos with proof of concept code/screencaps into detection for both Snort and Suricata.
In this post, I covered:
- Where to find official documentation for both Snort and Suricata
- How to properly archive proof of concept code so that the code isn't deleted on a whim and lost forever
- The exploits themselves
- What the rule looks like in Suricata, including a break-down of the rule structure, keywords used, why we use them
- An identical break-down for Snort that shows how we achieve feature parity between two vastly different IDS engines.
As always, happy hunting.
Has your perspective or personal posture changed toward LLMs and generative AI this year? Please, boost for reach.
@neurovagrant @cR0w we should do this then flee to the woods