Linux nerd and consultant. Sci-fi, comedy, and podcast author. Former Katsucon president, former roller derby bouncer. http://punkwalrus.net/

Joined 2 years ago
Cake day: June 22nd, 2023

  • When I was in theater camp as a pre-teen, one of our actors was a very enthusiastic foot guy. I had heard of foot fetishes, but never understood them. But this guy was like an overexcited fan boy of feet. My curiosity triggered this guy into a huge brain dump, and one of the things he went on about was how feet were the “true expression of a person’s feelings.” Feet turned towards you? They like you. One foot pointed away? They don’t. He then showed me how girls’ feet would match their mood, so no matter what parts they were rehearsing, he could tell their underlying mood: anxiety, sadness, anger, happiness, etc… I have no idea if he was right, but that was my first exposure to another person’s fetish. I could only understand it abstractly, but I found it fascinating.






  • Basic setup for me is scripted on a new system. In regards to ssh, I make sure:

    • Root account is disabled, sudo only
    • ssh only by keys
    • sshd blocks all users but a few, via AllowUsers
    • All ‘default usernames’ are removed, like ec2-user or ubuntu for AWS ec2 systems
    • The default ssh port moved if ssh has to be exposed to the Internet. No, this doesn’t make it “more secure” but damn, it reduces the script denials in my system logs, fight me.
    • Services are only allowed connections by an allow list of IPs or subnets. Internal, when possible.

    My systems are not “unhackable” but not low-hanging fruit, either. I assume everything I have out there can be hacked by someone SUPER determined, and have a vector of protection to mitigate backwash in case they gain full access.
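
An added example, not part of the comment above and not the commenter's own script: a small auditor that checks an `sshd_config` against that checklist (root login, key-only auth, `AllowUsers`, default usernames, port). The sample configs are constructed, and the finding names and `DEFAULT_USERS` set are assumptions made for illustration.

```python
# OpenSSH upstream defaults, used when the config does not set a keyword.
DEFAULTS = {"permitrootlogin": "prohibit-password", "port": "22",
            "passwordauthentication": "yes", "kbdinteractiveauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
DEFAULT_USERS = {"root", "ec2-user", "ubuntu"}  # names from the comment, plus root

# Constructed sample configs, not taken from a real host.
WEAK = "Port 22\nPermitRootLogin prohibit-password\nPasswordAuthentication no\nAllowUsers alice ubuntu\n"
HARDENED = ("# constructed\nPort 2222\nPermitRootLogin no\nPasswordAuthentication no\n"
            "KbdInteractiveAuthentication no\nAllowUsers alice bob@10.0.0.*\n")

def parse_global(text):
    """Global options only: stops at the first Match block (simplification)."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key == "match":
            break
        if key == "allowusers":
            opts.setdefault(key, []).extend(parts[1:])  # repeated lines accumulate
        else:
            opts.setdefault(key, parts[1:])             # first occurrence wins
    return opts

def audit(text):
    """Return the list of checklist items the config fails (hypothetical finding names)."""
    opts = parse_global(text)
    def get(key):
        vals = opts.get(key)
        return vals[0].lower() if vals else DEFAULTS[key]
    findings = []
    if get("permitrootlogin") != "no":
        findings.append("root-login")        # prohibit-password still lets root in by key
    if get("passwordauthentication") != "no" or get("kbdinteractiveauthentication") != "no":
        findings.append("non-key-auth")      # keyboard-interactive defaults to yes if unset
    users = [p.split("@", 1)[0] for p in opts.get("allowusers", [])]
    if not users:
        findings.append("no-allowusers")
    elif any(u in DEFAULT_USERS or "*" in u or "?" in u for u in users):
        findings.append("broad-allowusers")
    if get("port") == "22":
        findings.append("default-port")      # log noise only, as the comment says
    return findings
```

On a real host, feed it the effective configuration printed by `sshd -T` rather than the raw file, so included files and compiled-in defaults are already resolved.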


  • See, I think one of three scenarios might have happened:

    • Luigi didn’t do it. He was framed and set up because out of the hundreds of prank tips, this guy looked “close enough.”
    • Luigi did it, but the evidence was made up to make the case solid and the police look competent. Luigi wasn’t stupid, but he’s boned anyway.
    • Luigi did it, and he really was that stupid.

    As a writer, one of the aggravating tropes we have to follow is, “make the story believable,” when reality sometimes doesn’t align with “a good story.” Some criminals are really that stupid, and with some armchair theory, based on decades of movies, books, and TV shows, you expect “hey, this is what they SHOULD have done.” And they didn’t. It’s like when a chessmaster has to watch complete amateurs play chess. “Obvious strategies” are ignored, and basically both players are just not thinking past their last move.


  • I also wonder what the trade value of gold might have been in that universe? For all we know, it might be an either/or situation. Like “Well, I could have my favorite takeout every Friday for a year, OR the newest smartphone.” Both are tempting but for different reasons. Like, “I could buy a lot of turnips, potatoes, and beer with one golden smurf and not have to worry every month if I have enough food, but then they taste REALLY good on their own.” Gargamel struck me as someone who didn’t have a lot of money, so having been poor myself, I understand this weird conundrum. Also, having a golden smurf to trade might bring unwanted attention from locals who would assume he has LOTS of them, and rob his home looking for them.



  • I would argue that as god’s creation, sentences like that made by mortals are the true test of faith: what you know to be true versus what some angry person tells you. I’d like to think if this mythos is real, that those that stayed openly gay, for example, and didn’t hurt anyone were given the gold star upon arrival to heaven like, “You passed! You passed the test of faith! I knew you could do it, I believed in you!” And those that hid their gayness or condemned others, “Aw… sorry buddy. Better luck next time, okay?”

    Also, I keep seeing people quoting stuff outside of the bible like biblical truth, like The Rapture, and stuff from Dante’s Inferno which is, at best, Bible fan-fic.



  • I have been using Kubuntu as a daily driver for almost 10 years now, and never regretted it. I had one Windows box for things like special cases (like dumb website forms that won’t let me use Linux), Pearson Vue exams, and edge cases related to work, but it’s on standby as a secondary system I RDP into. I am not a gamer, so I didn’t need it for that. I saved so much money not having to buy hardware in the last decade or so.

    Sadly, Windows 11 won’t work on anything I have (TPM issues, too old), so I recently got a cheap Windows 11 laptop before the tariffs hit and I pay more for dumb Windows-only reasons.

    Linux all the way, man. Gave me a career, a life, and my hardware back.


  • One of my best friends lost her place of living when her boyfriend of 4 years said the relationship had actually ended in his head 2 years previously, but he needed the rent. But then he found a new girlfriend to grift from, “opened the relationship,” and they edged my friend out. I am still mad they did that to her; she was so heartbroken and damaged from that.



  • One revolution I have realized in baking is the recent trend to start talking about weight and not volume in recipes for certain dry ingredients like flour. Three cups of fluffy sifted flour is a lot less flour than three cups of densely packed flour. Same with brown sugar, or wondering if you need a “flat teaspoon” vs. a “heaping teaspoon” of something.


  • When eventually washed off, the aerogel is handily broken down by soil microbes.

    I am not going to claim to be an expert on any of this BUT that wording sounds suspiciously like bullshit. Maybe it’s not, but it’s one of those phrases that sounds like when vitamin companies claim that more B12 has shown to fix whatever ails you. Or “our plastic is environmentally friendly: 100% recyclable, and breaks down into teeny micro-particles over time, and gets absorbed by the sea life like ordinary sand…”



  • I have had two tech jobs like that, even before COVID, starting in 2016. The first time, it was a company that outgrew their workspace. They put us in ‘rent-an-office’ spaces for a bit, and then my boss started working from home a few days a week. Then he allowed me to. We moved to a new office, but it was always empty in my section. That was fine, too, but the commute was terrible, so I started doing 2 days a week, then once a week, then a few times a month. I rarely saw my other coworkers in person, and nobody said anything aloud.

    The next job started because of COVID, and when they started doing RTO, they also wanted to do “hot desking” (no assigned seating) and open office plans, and I was not having that. I was not going to work in a “cafeteria” like setting. So I got contracted work and have worked from home 100% for several years now. Nobody has office space, and we work all over the world to collaborate. I get paid very well.

    I hope I never have to go back to an office. I reach retirement age in about 15 years, and I am hoping to make it.


  • Someone did a study at MIT about tin foil hats, and found that not only do they not screen radio interference, in some cases they can actually magnify it.

    Conclusion: The helmets amplify frequency bands that coincide with those allocated to the US government between 1.2 Ghz and 1.4 Ghz. According to the FCC, These bands are supposedly reserved for ‘‘radio location’’ (ie, GPS), and other communications with satellites (see, for example, [3]). The 2.6 Ghz band coincides with mobile phone technology. Though not affiliated by government, these bands are at the hands of multinational corporations. It requires no stretch of the imagination to conclude that the current helmet craze is likely to have been propagated by the Government, possibly with the involvement of the FCC. We hope this report will encourage the paranoid community to develop improved helmet designs to avoid falling prey to these shortcomings.


  • Probably HR (or the NCS equivalent) never told the right people. I am not saying this is actually what happened, but a lot of IT bemoan the fact they are never told some rando employee was fired because HR neglects to inform them. Sometimes it takes months to discover, and even with a 90 day password/login lockout, some halfway decent admin could get around this by secretly building a back door, and using the messed up communication and politics between departments to hide this. Even in the 1990s, I saw people put in “time bombs” in their code that “if such and such is not updated in 6 months, run destructo-script A.”

    But imagine someone like Kandula Nagaraju here. Worked in QA, probably did a great job with some skills, but had the personality of swallowing broken glass. He was terminated in October 2022 due to “poor work performance,” which could mean anything. “Not a team player.” Or maybe he really was an idiot: I mean, a smart person would have a conniption, but get employed elsewhere and then slam his former company at parties. “Those NCS folks didn’t know what they had with me!” But this guy was probably someone with some anger management issues, probably a jerk, and possibly stupid. He might have had revenge fantasies, and set up a small virtual server posing as a backup code mirror. But outside the audits, it allowed ssh from the outside, and hid it through a knockd daemon. Or maybe only launched ssh at certain hours before shutting it down again. Silently working away in a sea of virtual servers with little to no updated documentation. He gets in, has internal access, and runs a script with admin credentials because they don’t rotate their AWS keys/secrets quickly enough. Or didn’t even know he was let go.

    After Kandula’s contract was terminated and he arrived back in India, he used his laptop to gain unauthorised access to the system using the administrator login credentials. He did so on six occasions between Jan 6 and Jan 17, 2023.

    That’s embarrassing to the company. Not only did he get in, but SIX TIMES after he was let go. He probably knew what order to run the delete commands (like, say, an aws “terminate-instances” cli command from a primary node), and did so one by one, probably during hours with the least amount of supervision, where the first few alerts would take hours to get someone in the monitoring chain to wake an admin. Given his last day was in November, and he got back in January, the admins probably thought their 90-day access credential rotation was “good enough,” but he got in on his 80th day or whatever.

    I know this because I have had to do triage when a former contractor did this to a company I worked for. But instead of wiping out instances, he opened a new set of cloud accounts from the master account, put them in an unmonitored region (in this case, Asia), and spun up thousands of instances to run bitcoin mining. Only because AWS notified us of “unusual traffic” were we made aware at all, and this guy knew his shit and covered his tracks very well. He did it at a speed that could have only been automated. Thankfully, AWS did not charge us the seven figure amount that this activity amassed in just three days.
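
An added example, not part of the comment above: detection logic for the three signals it describes (credentials used after offboarding, activity in a region nobody watches, and a call rate only automation could produce), run over constructed audit events. The identities, the region allow list, the threshold and the HR feed are all assumptions; only the action names mirror real cloud audit event names.

```python
from collections import Counter
from datetime import datetime, timezone

TERMINATED = {"ext-contractor": "2024-03-01T00:00:00Z"}   # constructed HR offboarding feed
APPROVED_REGIONS = {"us-east-1", "eu-west-1"}             # assumed allow list
BURST_PER_MINUTE = 3                                      # assumed threshold

EVENTS = [  # constructed records: (time, identity, region, action)
    ("2024-02-20T14:02:11Z", "ext-contractor", "us-east-1", "ConsoleLogin"),
    ("2024-05-19T02:14:05Z", "ext-contractor", "us-east-1", "ConsoleLogin"),
    ("2024-05-19T02:15:40Z", "ext-contractor", "us-east-1", "TerminateInstances"),
    ("2024-05-20T03:00:01Z", "svc-deploy", "ap-southeast-1", "RunInstances"),
    ("2024-05-20T03:00:02Z", "svc-deploy", "ap-southeast-1", "RunInstances"),
    ("2024-05-20T03:00:03Z", "svc-deploy", "ap-southeast-1", "RunInstances"),
    ("2024-05-20T09:30:00Z", "alice", "eu-west-1", "RunInstances"),
]

def ts(stamp):
    """Parse a UTC timestamp of the form 2024-05-19T02:14:05Z."""
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def triage(events):
    """Return (time, identity, action, reasons) for every event that trips a rule."""
    # Calls per identity per minute; the first 16 characters are YYYY-MM-DDTHH:MM.
    per_minute = Counter((who, when[:16]) for when, who, _, _ in events)
    alerts = []
    for when, who, region, action in events:
        reasons = []
        if who in TERMINATED and ts(when) >= ts(TERMINATED[who]):
            days = (ts(when) - ts(TERMINATED[who])).days
            reasons.append(f"post-offboarding:{days}d")   # inside a 90-day rotation window
        if region not in APPROVED_REGIONS:
            reasons.append("unapproved-region")
        if per_minute[(who, when[:16])] >= BURST_PER_MINUTE:
            reasons.append("burst")
        if reasons:
            alerts.append((when, who, action, reasons))
    return alerts
```

The first rule only works if the offboarding feed reaches whoever runs it, which is the gap between HR and IT that the comment describes.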