Skip to main content

Posts

I established a Church - The Church of Open Source Software and Hardware

I might have finally lost my marbles. But don't run away. Let me walk you through the process. It used to be that we experienced freedoms: We could own our own PCs, computer equipment, laptops, etc. Our ability to repair or use our own equipment was not restricted in any way. Our lives were not spied on by cameras everywhere we go trying to track our behaviors and identify us individually to decide whether or not we are allowed to do something. Everything was generally affordable. The stuff we bought lasted many, many years. The software we used was optimized to run on a potato. And we were promised, at one point, fiber optic Internet would be run to every home. Then we wake up one day and see direct government intrusion, corporate greed, blatant disregard for the right to data privacy and personal privacy, alleged fraud and price fixing but no one held to account for those alleged crimes, and much more happening everywhere. Then you wonder what happened and, more impo...
Post a Comment
Read more
Recent posts

Make middle-click work or get off the Web!

I'm tired of seeing it happen and this seems to be getting worse rather than better over time, so I'm going to rant about it now. If your website doesn't properly support middle-click (and right-click) for linking documents, then you're doing web development wrong! In fact, in the United States, it's actually illegal. For the uninitiated normal human who might stumble upon this post, HTML is how web pages are designed. HTML is defined as a limited set of "HTML tags" (or just "tags") that define the structure of how the web browser is supposed to render a HTML document. As time has marched forward and specifications for HTML have evolved/adapted to the changing needs of the web, the set of "HTML tags" has changed too. However, what hasn't ever changed is that if you want to form a link between two documents, the ONLY acceptable tag is the "a" tag, which is shorthand for "anchor." The "a" tag is ...
Post a Comment
Read more

CrowdStrike Falcon was ALWAYS a bad idea

On Friday, July 19, 2024, a single piece of software ground a good chunk of the planet to a screeching halt when someone at CrowdStrike deployed a system driver file filled with zeroes. Threat and state level actors can only dream of having backdoor, kernel level access to the OS of the hundreds of thousands, if not millions, of machines that CrowdStrike Falcon has been installed on. If you are a top level IT manager and use Microsoft Defender, SentinelOne, Huntress, or other Enterprise Endpoint Detection & Response (EDR) remote management solutions, you are probably patting yourself on the back and thinking to yourself, "Whew! We just dodged a bullet!" No. You are still someone who doesn't actually understand the fundamentals of system and network security. True system and network security isn't dependent upon a single piece of magical software that solves all of your problems. It is a combination of first hardening of the mind to trust nothing and trust ...
Post a Comment
Read more

The EU Digital Services Act (DSA) is very bad for everyone

The European Union is, once again, attempting to dictate global policy way outside their jurisdiction. I run uBlock Origin and Ghostery (you should too!), which already deals with the things GDPR was largely concerned with. The GDPR made the average web browsing experience worse, not better. The Digital Services Act (DSA) expands upon GDPR in a way that supposedly targets very large companies but, digging into it, it actually appears to affect businesses of all sizes. Let's say you run a small business and you have a website. That website has a domain (DNS) that is issued by a registrar (e.g. GoDaddy, NameCheap, etc.) and is hosted on a third party service (e.g. a VPS provider like AWS, DigitalOcean, OVH, etc. or a shared hosting provider like 1&1, GoDaddy, etc.) and then speeds up global content delivery of static assets via a CDN (e.g. CloudFlare). If you are a website developer/admin, all of this sounds perfectly normal and completely innocuous to you. Now let's ...
Post a Comment
Read more

The craziest command line I've run to date

Here is a lovely but slightly redacted image: There's a lot going on here, so let me explain. First off, the Command Prompt is no ordinary Command Prompt. See the title bar of the window? 'cmd.exe' is running as NT AUTHORITY\SYSTEM, the most powerful user account in Windows, on my desktop as a child process of a non-elevated process via the assistance of a temporary NT System Service. A procedure that had never been done before May of 2021. I recommend reading this post (and watching the really cool video I made about it) if you haven't already done so. In short, we're already in completely uncharted territory on Windows. Since the parent process is running as NT AUTHORITY\SYSTEM, it is one step away from being able to create security tokens for other users without the user's credentials (i.e. without the user's password, biometrics, etc). The above command creates an elevated token for a user in the Administrators group from scratch, routes st...
2 comments
Read more

PSA: "There is MULTIPLE" is wrong

Okay, I'm writing this post because I'm tired of hearing "There is [MULTIPLE]" spoken everywhere and figured I'd attempt to fix this particular pet peeve. "There is" or "There's" followed by a 'multiple' is incorrect English. Likewise, "There are" or the cringe-worthy "There're" followed by a 'singular' is also incorrect. Substituting "There's" when "There are" (or "There're") should be used is also incorrect. Let me provide an example: "There's no problems to report." No. You are wrong. "There ARE quite a few problems to report." Especially with your lack of decent English. Has everyone forgotten how to speak English properly? Knowing how to communicate with complete, properly formed sentences is the foundation of a stable, functional society. Congratulations! You are about to learn how to decide when to say IS vs. ARE, which...
Post a Comment
Read more

Starting Processes on Microsoft Windows in a Completely Brand New Way

I recently came up with a completely brand new way to start processes on Microsoft Windows that's never been done before. Specifically, starting a child process of a non-elevated user as a completely different user. For those who want to understand and learn new things, here's an in-depth video on how it all works: The video covers the complex topic of Microsoft Windows security objects, moves into looking at security objects with the CubicleSoft GetTokenInformation tool , trash talks Microsoft a few times, gets into a very brief demo of some major enhancements of the CubicleSoft CreateProcess command-line tool , and finally covers how the new enhancements to the CreateProcess command-line tool work under the hood. In the video though, I only briefly demo the CreateProcess tool. That may be a slight disservice to the work that was done. So in this post, I want to cover some of the really cool things that were hand-waved over. First off, did you know that an Administ...
Post a Comment
Read more