Buckets of *cide, herb and insect, through the cycle. Those no till fields full of crops are some of the most disgusting things I have ever seen. That soil will have applications and applications of *cide soaked in it top to bottom. Like eating plants from a toxic waste dump.

Disgusting. That's the critical national need for glycosphate. Feeding us all engineered stuff from toxic waste dumps so farmers can not need workers or mowing and tilling equipment.

Mac Neo is the anti KGB device in a svelte shell. It is a long term strategic play and nothing running Windows will compete against it because Windows is the cancer.

Windows PCs will continue their decline unless Microsoft gives up its privatized KGB aspirations. Active Directory will not carry them forever once enough of the younger generation use Mac for data possession and privacy, meaning all their bits including passwords are not dark pattern snarfed by the OS.

Windows is horrific. Mac Neo is to Windows what Keanu Neo was to the Matrix. It does't even matter how much better PC hardware could be at the same price point since the Windows is basically a conduit to storing all your data and private info on Microsoft's computer instead of yours. Microsoft is even driving that dark pattern crap into the professional space and automatically grabbing passwords etc. via Edge.

They are committing long slow seppuku and do not realize it because Office 365 is letting them bilk enterprise customers, but the IT world knows that dark pattern crap portends a change in vendor eventually.

You can't even stop edge from syncing enterprise admin credentials on the latest versions. It is like getting violated by Microsoft every day where they beat you and take your password book if you are enteprise admin.

Microsoft has gone to the dark side so far they are broom handling their enterprise admin customers with dark pattern credential grabs and no way to know where the data sits.

Bring on the Neos and an alternative to AD. Windows 11 and their new direction of hovering, copying and moving all data is such a betrayal of ethical system administration from when they were young. It will take a decade, but Neo is here now. It has begun.

N =20 million using single payer data:

https://pmc.ncbi.nlm.nih.gov/articles/PMC12095670/

AI hallucinates. That is a fact. Trusting language models to fill spreadsheet cells ought to be an arrestable offense.

https://theincidentaleconomist.com/wordpress/on-piketty-and-...

All software can come on three editions. Stainless drivers that were never rusty, oxidized drivers that used Rust on existing code, and Iron editions which is where someone converted the Rust back to C using the new phosphoric tool...

Diversity can be our strength.

Making Iron C/c++ code can be called acid washing if it was rusted.

Fifty percent accuracy. That's terrible.

I realize the security relevance of that, but I do not have daily images to restore from if something happens. I got locked of a key only box one time with an error after a reboot, and never want it to happen again. It felt like being robbed.

The problem is not wardrivers. The problem is your neighbors running 24x7 cyber operations. It happens everywhere. When I moved to a house there was a persistent attacker, and finally I setup my own key and authentication infrastructure.

They broke everything.

Finally I had to go EAP TLS and rotate certificates every three months.

Evil twin attack that keeps switching sides... The first of its kind, soon to be automated into a single button if it isn't already.

Does the temporal key mechanisms prevent them from taking a key they denial of serviced their way to while I was work -- do the temporal mechanisms prevent them from sniffing all my packets when I get home. They will not use it to get data during the denial of service.... But if they can get that radius key and use it five hours later during some backups or something...

That is the question.

I have been relying on EAP TLS via wifi so my phones could upload their photos and videos to Nextcloud.It was way cheaper than doing it via AWS, which is what I used to do and used ethernet LAN connections only. If this works asynchronously across time to allow authentication to my network which uses EAP TLS, will knock me out of being able to use Nexctloud on my mobile devices since plugging an ethernet in after I take photos is too cumbersome to do very often.

I love Nextcloud, but do not want to pay Amazon for EC2 etc.

My read is this allows them to mimic both client and access point to assemble the handshake and obtain radius authentication. Rather than have to verify a certificate on the client or crack complex passwords, they pretend to the client sending the response it sends when the certificate is verified. Then they switch MAC to the SSID MAC and send the next part to the client. Previous evil twin attacks were one sided rather than basic frame assemblers.

I read that paper as describing a successful reconstruction of the Radius authentication handshakes at layer 2 after the fact for use later rather than caring about actual certificate validations. Basically handing a three letter agency quality tool to the Kali Linux fan club.

I am hoping I read it wrong,

My concern is doing it asynchronously against things when no one is watching.

Basically it takes turn being the client and the AP both so that it can get the traffic from both. It is an evil twin attack doubled.

It might have broken EAP TLS.

If your wifi is off when you are not using it and you are not getting denial of serviced while using it and you have only one Mac for your SSID, this attack is not occuring.

Essentially everyone with the SSID on multiple access point MAC addresses can get pwned.

Neighhood hackers drove me to EAP TLS a few years ago, and I only have it on one frequency, so the attack will not work.

The mitigation is having only a single MAC for the AP that you can connect to. The attack relies on bouncing between two. A guest and regular, or a 2.4 and 5, etc.

I need to research more to know if they can read all the packets if they pull it off on EAP TLS, with bounces between a 2.4 and 5 ghz.

It is a catastrophic situation unless you are using 20 year old state of the art rather that multi spectrum new hotness.

It might even get folks on a single SSID MAC if they do not notice the denial of service taking place. I need to research the radius implications more. TLS never sends credentials over the channel like the others. It needs investigation to know if they get the full decryption key from EAP TLS during. They were not using TLS because their tests covered Radius and the clients sending credentials.

It looks disastrous if the certificates of EAP TLS do not carry the day and they can devise the key.

That is my take.