potatopotato @ potatopotato @sh.itjust.works

Posts

0

Comments

158

Joined

2 yr. ago

As you've probably seen you can buy semi dumb security cameras from Armcrest/Loryta/Empiretech/whatever that'll run off of a barrel jack and/or Ethernet cable. Most of them have the option to insert an SD card and they'll event log to that, at which point just don't plug in the Ethernet cable except to manually pull recordings.

One other thing to think about is maybe consider "Frigate NVR" running on a pi or something and connected to cameras on it's own wifi or Ethernet network that's isolated from the Internet and your LAN. It'll make local access easier because as with just about anything security related you'll want to periodically check to make sure it's actually working. You should be able to setup the pi to serve as the WiFi access point for all this.

If you want to play true Scotsman, the embedded devs like to make fun of the web devs for being scared of bitfields and refusing to do logic with anything other than string matching and manipulation.

. . .

Secretly it's partially because we're absolutely terrified of strings in any form and simply refuse to use them.

There are a lot of sub disciplines to the field, some benefit a lot from GPT or blindly copying from SA, some don't, but that's ok either way. Keep your skill sets broad and you'll survive.

Not stealthy though, no railgun, it's just an A-10 with a Japanese body kit installed 0/10

We need an A-11 already. Make it stealthy and give it a giant railgun or something. Give the world what it wants: even bigger flying gun.

I used to do some work with Qualcomm and ARM IP. They both need to die. ARM is holding back all manner of technologies with their absolutely insane and byzantine licensing scheme and Qualcomm is one of the most evil tech companies in existence, you just don't hear about them because their particular evil is constrained to B2B interactions.

They better not have changed the fucking pinout again...

Also, Xilinx, get your shit together and release a PCIE 4 capable device in this price bracket already

Would nose or ai generated slop with ai generated titles do more damage to the model?

I smell parallel construction. You expect me to believe a McDonald's employee called in the shooter just off the shitty photos? The chances of that are astronomically low.

He doesn't give me gun nut vibes either...

• he actually did gray man correctly
• he probably didn't test fire his gun setup
• his gun setup was extremely minimalist
• he seems to have used a Temu fuel filter sort of suppressor instead of assembling one with a booster (no it wasn't a fucking welrod lmao)

The gun part feels a bit like an afterthought that he spent a couple nights googling on and then threw together. The fact that he's eluded capture for so long on the other hand suggests that's where he put all his effort. I'd bet he's probably an intelligence/cyber security/IT/SWE professional with an axe to grind and less to lose than he should.

To add to this, a lot of what keeps us safe is the friction of bureaucracy. Authoritarians cannot micromanage every decision you make or round up every person they want because those actions take time and resources that aren't infinite. But you can reduce the time and resources required if you make identification more convenient and therefore enforcement more targeted. Maybe now they can justify making you present ID every time you pay cash at Starbucks, buy a backpack, get on a bus, use a bike share, watch hot snuff porn, you name it.

I wonder if the algorithm picked up on people talking about UHC frequently talking about Peak Design and decided to play those ads...

Based on all the Arma footage already in the news I thought this was always the plan...

They're the data carrying lines, if you cut them it'll still charge, but no USB data can use the port.

Nothing is perfect. Your goal is to make attacks expensive as shit. Like ideally requiring dozens of hours of electron microscope time to pull off.

You can do a lot to that end though.

Use a mostly read only OS if you can, if you're enterprising, a custom yocto build with most of the rootfs read only, otherwise a statically defined system like nix that can be readily deleted and rebuilt in minutes. There are configs out there for deleting root on every bootup and having the system automatically repopulate the filesystem. Enable secure boot if you can, it's frankly your best line of defense. Any of these options are sufficiently weird that designing exploits for them would be a suffer fest.

Forget nail polish, fill screw holes with RTV and if you're enterprising, the USB ports. At that point you can still get into the system but it'll be obvious that someone scraped the shit out. You can simply swap the ports for fresh ones with a solder job if needed. If you don't need this, use epoxy, get some all over the case seam. For the charging port, if it's USB C PD, I'd need to reread the spec but you should be able to cut D-/D+ and the SS lines with an exacto blade right next to the connector and still be able to charge, just don't hit the VCC, GND, and CC lines.

Finally, make a kwikset key trap and use it as either a lockbox lock for your stuff or the lock to your house. Kwikset should lull people into a false sense of insecurity but if they try to pick it they'll suddenly be in a situation where they either need to go overt or somehow replace your lock before you get back. Keep things weird, your goal is to get an adversary, even one with infinite resources, to make ridiculous mistakes.

GNU radio: hard mode enabled.

Yeah they were trying to see if it was workable. It wasn't so they built the ka52. It was appealing for a game though because it wouldn't require multi crew networking or an AI copilot, something they added around a decade later in development for other systems.

The DCS Ka-50 isn't a real aircraft, it was a development platform that was abandoned by the Russians and only a few were made, all in different configurations. The devs made it then made a paid upgrade package that slapped a bunch of random stuff like missile sensors and air to air missiles onto it. They did this while staunchly maintaining that all the western aircraft had to be perfect to the rivet, including removing weapons systems and features from aircraft that verifiably had them but not within the absurdly narrow window of the one they wanted to model.

Depending on the chipset you can usually set rtc wakeup timers, though that typically implies sleep rather than power off so you'd still have some power draw when the device should be off. Similarly, if you're trying to log GPS you'll have to wake up for enough time to get a GPS lock so even at something like a 10 minute logging interval you'd get some noticable power consumption. Much much more if you're trying to log voice or video.

Also DCS world with the Ka-50 and all the AMRAAM drama, yet another Russian dev team doing Russian dev team things