Will Dormann is on Mastodon
@wdormann.bsky.social
I play with vulnerabilities and exploits.
While this site initially showed promise, I've grown tired with its lack of improvement.
You'll find me @[email protected] on Mastodon.
While this site initially showed promise, I've grown tired with its lack of improvement.
You'll find me @[email protected] on Mastodon.
There is nothing that distinguishes a CVE that is disputed because it's fake and one that is disputed because the vendor didn't want to acknowledge it.
This is a problem.
This is a problem.
October 12, 2025 at 9:13 PM
There is nothing that distinguishes a CVE that is disputed because it's fake and one that is disputed because the vendor didn't want to acknowledge it.
This is a problem.
This is a problem.
Did one really need to look any further than hearing that it used "bitcoin style encryption"?
June 5, 2025 at 7:08 PM
Did one really need to look any further than hearing that it used "bitcoin style encryption"?
Eh, I just enabled passwordless for my 20-year-old hotmail account.
And RDP still accepted my old password. (No Microsoft Authenticator required)
🤷♂️
And RDP still accepted my old password. (No Microsoft Authenticator required)
🤷♂️
May 1, 2025 at 3:21 PM
Eh, I just enabled passwordless for my 20-year-old hotmail account.
And RDP still accepted my old password. (No Microsoft Authenticator required)
🤷♂️
And RDP still accepted my old password. (No Microsoft Authenticator required)
🤷♂️
When you log in to windows using a Microsoft account (eg hotmail), you can use that account's credentials to RDP in.
No RDS AAD or web view here.
No RDS AAD or web view here.
May 1, 2025 at 1:02 PM
When you log in to windows using a Microsoft account (eg hotmail), you can use that account's credentials to RDP in.
No RDS AAD or web view here.
No RDS AAD or web view here.
I don't know what RDS AAD is.
Simple repro:
1) Log in to Windows 11 with a Microsoft account (eg hotmail)
2) Enable RDP
3) Connect to Windows via RDP using hotmail account
4) Change hotmail password
5) Connect to Windows via RDP using old hotmail password
Simple repro:
1) Log in to Windows 11 with a Microsoft account (eg hotmail)
2) Enable RDP
3) Connect to Windows via RDP using hotmail account
4) Change hotmail password
5) Connect to Windows via RDP using old hotmail password
May 1, 2025 at 12:01 PM
I don't know what RDS AAD is.
Simple repro:
1) Log in to Windows 11 with a Microsoft account (eg hotmail)
2) Enable RDP
3) Connect to Windows via RDP using hotmail account
4) Change hotmail password
5) Connect to Windows via RDP using old hotmail password
Simple repro:
1) Log in to Windows 11 with a Microsoft account (eg hotmail)
2) Enable RDP
3) Connect to Windows via RDP using hotmail account
4) Change hotmail password
5) Connect to Windows via RDP using old hotmail password
I'm using a web browser for this website.
April 28, 2025 at 7:44 PM
I'm using a web browser for this website.
Testing GIF upload from an iPhone...
April 28, 2025 at 7:07 PM
Testing GIF upload from an iPhone...
With BlueSky, animated GIFs are uploaded with the video icon.
Because GIF89a files are clearly videos and not images.
Cross-posting apps don't recognize this silly behavior. (Yet??)
Because GIF89a files are clearly videos and not images.
Cross-posting apps don't recognize this silly behavior. (Yet??)
April 28, 2025 at 4:45 PM
With BlueSky, animated GIFs are uploaded with the video icon.
Because GIF89a files are clearly videos and not images.
Cross-posting apps don't recognize this silly behavior. (Yet??)
Because GIF89a files are clearly videos and not images.
Cross-posting apps don't recognize this silly behavior. (Yet??)
If the desire is to implement your own homemade WDAC block policies, tread lightly. If you simply apply a "block this thing" policy, you might very well end up preventing Windows from booting, as a "block this thing" without a corresponding "allow this", well...
WDAC will only block and not allow.😬
WDAC will only block and not allow.😬
March 12, 2025 at 1:25 PM
If the desire is to implement your own homemade WDAC block policies, tread lightly. If you simply apply a "block this thing" policy, you might very well end up preventing Windows from booting, as a "block this thing" without a corresponding "allow this", well...
WDAC will only block and not allow.😬
WDAC will only block and not allow.😬
If you wish to inspect an on-device (binary) policy file, you'll need WDACTools: github.com/mattifestati...
With this, you can run ConvertTo-WDACCodeIntegrityPolicy to get a stripped-down human-readable XML policy.
With this, you can run ConvertTo-WDACCodeIntegrityPolicy to get a stripped-down human-readable XML policy.
GitHub - mattifestation/WDACTools: A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies - mattifestation/WDACTools
github.com
March 12, 2025 at 1:19 PM
If you wish to inspect an on-device (binary) policy file, you'll need WDACTools: github.com/mattifestati...
With this, you can run ConvertTo-WDACCodeIntegrityPolicy to get a stripped-down human-readable XML policy.
With this, you can run ConvertTo-WDACCodeIntegrityPolicy to get a stripped-down human-readable XML policy.
If you enable HVCI and then run:
ApplyWDAC -auto -enforce
you'll be good to go, as it will pull the more-complete online list. github.com/vu-ls/applyw...
If you can't enable HVCI, you'd need to wait for MS to fix WDAC to get complete coverage. But that's not going to happen if I am to believe MSRC.
ApplyWDAC -auto -enforce
you'll be good to go, as it will pull the more-complete online list. github.com/vu-ls/applyw...
If you can't enable HVCI, you'd need to wait for MS to fix WDAC to get complete coverage. But that's not going to happen if I am to believe MSRC.
GitHub - vu-ls/applywdac
Contribute to vu-ls/applywdac development by creating an account on GitHub.
github.com
March 12, 2025 at 1:17 PM
If you enable HVCI and then run:
ApplyWDAC -auto -enforce
you'll be good to go, as it will pull the more-complete online list. github.com/vu-ls/applyw...
If you can't enable HVCI, you'd need to wait for MS to fix WDAC to get complete coverage. But that's not going to happen if I am to believe MSRC.
ApplyWDAC -auto -enforce
you'll be good to go, as it will pull the more-complete online list. github.com/vu-ls/applyw...
If you can't enable HVCI, you'd need to wait for MS to fix WDAC to get complete coverage. But that's not going to happen if I am to believe MSRC.
You've made both of these statements:
- Threat actors are manipulating the ICT to bypass detection
- Run the ICT checker
Doesn't the former sort of invalidate the latter? 🤔
Or is hope that you've got one of the not-so-good attackers that result in an ICT flagging something?
- Threat actors are manipulating the ICT to bypass detection
- Run the ICT checker
Doesn't the former sort of invalidate the latter? 🤔
Or is hope that you've got one of the not-so-good attackers that result in an ICT flagging something?
January 9, 2025 at 3:17 PM
You've made both of these statements:
- Threat actors are manipulating the ICT to bypass detection
- Run the ICT checker
Doesn't the former sort of invalidate the latter? 🤔
Or is hope that you've got one of the not-so-good attackers that result in an ICT flagging something?
- Threat actors are manipulating the ICT to bypass detection
- Run the ICT checker
Doesn't the former sort of invalidate the latter? 🤔
Or is hope that you've got one of the not-so-good attackers that result in an ICT flagging something?
I suppose my gripe about the wording is that electricity itself has no sound.
*Physical objects* energized by electricity can emanate sound by vibration. 😀
*Physical objects* energized by electricity can emanate sound by vibration. 😀
December 26, 2024 at 2:33 PM
I suppose my gripe about the wording is that electricity itself has no sound.
*Physical objects* energized by electricity can emanate sound by vibration. 😀
*Physical objects* energized by electricity can emanate sound by vibration. 😀
Electric vehicles run on DC. Not AC.
December 26, 2024 at 5:48 AM
Electric vehicles run on DC. Not AC.
"they can hear electricity circulating but not enough to power anything else"
I'm curious what electricity sounds like?
I'm curious what electricity sounds like?
December 26, 2024 at 5:12 AM
"they can hear electricity circulating but not enough to power anything else"
I'm curious what electricity sounds like?
I'm curious what electricity sounds like?
Sounds about right for the person who left the Superbowl early because Biden's Tweet got more attention than his. 😂
But heck, drawing attention to your and @kateconger.com 's book is surely a good idea. Everybody should read it!
But heck, drawing attention to your and @kateconger.com 's book is surely a good idea. Everybody should read it!
December 25, 2024 at 6:27 PM
Sounds about right for the person who left the Superbowl early because Biden's Tweet got more attention than his. 😂
But heck, drawing attention to your and @kateconger.com 's book is surely a good idea. Everybody should read it!
But heck, drawing attention to your and @kateconger.com 's book is surely a good idea. Everybody should read it!
No, I don't have a Facebook or Reddit account.
I suppose I was referring to Twitter and Mastodon.
With either of those you can upload a media thing (image, animated, GIF, MP4, etc.), and the trigger to do that is you click a single "media" button.
Separate buttons is completely unnecessary.
I suppose I was referring to Twitter and Mastodon.
With either of those you can upload a media thing (image, animated, GIF, MP4, etc.), and the trigger to do that is you click a single "media" button.
Separate buttons is completely unnecessary.
December 2, 2024 at 9:21 PM
No, I don't have a Facebook or Reddit account.
I suppose I was referring to Twitter and Mastodon.
With either of those you can upload a media thing (image, animated, GIF, MP4, etc.), and the trigger to do that is you click a single "media" button.
Separate buttons is completely unnecessary.
I suppose I was referring to Twitter and Mastodon.
With either of those you can upload a media thing (image, animated, GIF, MP4, etc.), and the trigger to do that is you click a single "media" button.
Separate buttons is completely unnecessary.
BlueSky is the first social media app I've ever used that has a different icon to pick depending on what file type the media is.
This seems unnecessarily complicated.
This seems unnecessarily complicated.
December 2, 2024 at 9:08 PM
BlueSky is the first social media app I've ever used that has a different icon to pick depending on what file type the media is.
This seems unnecessarily complicated.
This seems unnecessarily complicated.
The fact that BlueSky decides to take the GIF I uploaded and convert it to MP4 does not change the fact that what I'm loading is a GIF file and not a movie file. 🤷♂️
December 2, 2024 at 8:53 PM
The fact that BlueSky decides to take the GIF I uploaded and convert it to MP4 does not change the fact that what I'm loading is a GIF file and not a movie file. 🤷♂️
Wait...
Animated GIF images maybe need to be uploaded using the "Movie" icon, because GIF89a's are clearly not images? 🤔
Animated GIF images maybe need to be uploaded using the "Movie" icon, because GIF89a's are clearly not images? 🤔
December 2, 2024 at 8:17 PM
Wait...
Animated GIF images maybe need to be uploaded using the "Movie" icon, because GIF89a's are clearly not images? 🤔
Animated GIF images maybe need to be uploaded using the "Movie" icon, because GIF89a's are clearly not images? 🤔
There goes my hopes for a viable post-Twitter platform where we all hang out.
😡
😡
November 18, 2024 at 3:31 AM
There goes my hopes for a viable post-Twitter platform where we all hang out.
😡
😡
Oh, BlueSky doesn't even support uploading animated GIFs.
FFS why is this platform so slow to improve?
FFS why is this platform so slow to improve?
November 18, 2024 at 3:06 AM
Oh, BlueSky doesn't even support uploading animated GIFs.
FFS why is this platform so slow to improve?
FFS why is this platform so slow to improve?
So you have to use BlueSky directly to get animated GIFs? Lame...
November 18, 2024 at 3:04 AM
So you have to use BlueSky directly to get animated GIFs? Lame...
Eventually your client will get throttled with an HTTP 429 (Too many requests), or the site will otherwise fail.
If you have a lot of posts to delete, it's going to take a while.
But is worth it, IMO.
If you have a lot of posts to delete, it's going to take a while.
But is worth it, IMO.
November 16, 2024 at 8:14 PM
Eventually your client will get throttled with an HTTP 429 (Too many requests), or the site will otherwise fail.
If you have a lot of posts to delete, it's going to take a while.
But is worth it, IMO.
If you have a lot of posts to delete, it's going to take a while.
But is worth it, IMO.