Hacker News: notakio

New comment by notakio in "uBlock Origin Lite now available for Safari"

notakio — Mon, 11 Aug 2025 11:53:24 +0000

I simply meant that if you monitor a given application using on-system network tools, you quickly get an accurate idea of what/who that application talks to. And browsers are super-chatty to all sorts of destinations that are not immediately apparent to an end user who is just clicking around the web.

New comment by notakio in "uBlock Origin Lite now available for Safari"

notakio — Wed, 06 Aug 2025 12:55:51 +0000

Besides lsof and netstat?

New comment by notakio in "Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say"

notakio — Wed, 23 Jul 2025 20:50:09 +0000

We're still good now.

New comment by notakio in "Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say"

notakio — Wed, 23 Jul 2025 14:28:43 +0000

Whoops. I used hyperbole, and it went undetected. Here: s/the deciding factor/a deciding factor/g. We're good now.

New comment by notakio in "Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say"

notakio — Tue, 22 Jul 2025 13:17:40 +0000

One should be wary of anyone selling you a solution to your problems they know nothing about. Naturally, the only way to be entirely secure is to shutdown all the applications and decommission all the computers, a solution which the business side tends to finds unreasonable. Thus the tender balance between business needs and business risk emerges as the deciding principle.

But the numbers are the numbers in heterogenous environments, regarding security problems by platform. And if it rains perpetual Windows-based incidents on your security staff, and you don't consider the numbers when evaluating what you will and will not do, compute/services-wise, then you are statistically likely to see the same rate of incidents, at whatever cost that comes to the business, indefinitely.

New comment by notakio in "Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say"

notakio — Tue, 22 Jul 2025 11:35:40 +0000

If every car in your neighborhood that gets broken into is manufactured by a single manufacturer, it is in your interest in asking why that is, and perhaps considering that fact when shopping for a new car.

New comment by notakio in "Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say"

notakio — Tue, 22 Jul 2025 11:33:20 +0000

Very curious. Just based on the incidents we see, and analyze over time, almost all of them are compromised Windows systems. When I say "almost", I'll provide these stats: ~4500 Windows incidents over 5 years, vs. two Linux incidents.

Similarly, looking at vulnerability counts by vendor doesn't paint a rosy picture of our largest vendor Microsoft, either. But it pales in comparison to the incident statistics, which speak for themselves.

To Microsoft's credit, they've managed to turn their weaknesses into a secondary industry, wherein they now no longer sell just the disease, they also sell the cure. "Oh, your Windows systems have security problems? Have we told you about our expansive security solutions? They're only an additional $your_budget_doubled per year!"

New comment by notakio in "LetsEncrypt – Expiration Notification Service Has Ended"

notakio — Tue, 01 Jul 2025 11:45:55 +0000

No, LetsEncrypt was not an EFF project to begin with. Look, it works how it's documented to work. If you wish it worked some other way, to solve your particular suggested workflow, you're likely free to fork it and make it work that way.

Good luck.

New comment by notakio in "LetsEncrypt – Expiration Notification Service Has Ended"

notakio — Mon, 30 Jun 2025 13:47:32 +0000

No, it's not the LetsEncrypt people who make certbot. Certbot is an EFF project, managed by separate people. Additionally, most of the DNS implementations will require the use of a specific plug-in/library for your selected DNS platform, and those, also, are developed separately.

New comment by notakio in "LetsEncrypt – Expiration Notification Service Has Ended"

notakio — Mon, 30 Jun 2025 11:28:10 +0000

Regarding "the DNS record they had you add to begin with is still there", it generally isn't. Part of the automation process for certbot using the DNS-01 challenge is the removal of the DNS record, following successful validation of said record. In any complex DNS environment, leaving TXT records around just increases the debris.

New comment by notakio in "Microsoft donates the Mono Project to the Wine team"

notakio — Wed, 28 Aug 2024 12:21:25 +0000

This is compounded by their propensity to rename everything at periodic intervals.

New comment by notakio in "Tell HN: Microsoft.com added 192.168.1.1 to their DNS record"

notakio — Wed, 20 Dec 2023 14:15:26 +0000

For the Microsoft.com domain, proper, there seem to be no existing CAA rules, allowing each and every CA on earth to issue certificates based on whatever criteria the CA requires. What could possibly go wrong with that approach?

New comment by notakio in "Write more "useless" software"

notakio — Mon, 23 Oct 2023 13:13:13 +0000

I have not. I'm afraid I am a gaming luddite, though for no particular reason other than having a lengthy list of mental "to-dos" in front of it.

New comment by notakio in "Write more "useless" software"

notakio — Thu, 19 Oct 2023 12:34:59 +0000

The article contains solid advice that certainly transcends coding, alone; in my free time, I try to essentially "find work". Sometimes that work consists of writing software to solve weird little home "problems" that may or may not be actual problems. Sometimes that means building something as a joke, just for fun. Sometimes that work consists of over-engineering a water heater box-turned-space shuttle for my daughter. Or recording my dog's wheezing and turning it into "classic industrial" music. It all feeds the same internal need, though; to learn, to build, and to produce something, rather than to passively consume other people's products. It keeps my brain alive, and I find improved performance/innovation in other work-related projects, as a result of just staying active, mentally.

New comment by notakio in "BMW's Ultimate Driving Machine, for Driving Through Gunfire and Grenades"

notakio — Tue, 19 Sep 2023 14:56:12 +0000

And if you're the kind of person that travels in one of these, you likely also have a few additional vehicles in front of and behind your vehicle filled with highly-paid professionals ready and willing to carry you the last mile if your vehicle stops reason for any reason, to include mechanical failure.

The whole armored vehicle market is a relatively small one; it's interesting to learn that BMW is direct participant; I previously had no idea. I foresee a lot of wasted time scouring eBay looking for a project my family will resent me for later in my immediate future!

New comment by notakio in "Helicopter Footage Reveals State Trooper Surveillance Capabilities"

notakio — Fri, 25 Aug 2023 12:38:46 +0000

I was surprised to not see IR beacons on LEO units. In military operations with air surveillance, individuals/vehicles often use IR flashing and IR reflection to mark themselves to air assets. If MPD has the money for 1) an air surveillance unit (this cost is not trivial; SFPD, for example, hasn't had their own aviation section in decades due to the cost), and 2) decent thermal optics on said surveillance unit, then it surprises me they don't spring for sub-$100 IR beacons to distinguish their own personnel from everyone else, and enable rudimentary "blue force tracking", as it were.

New comment by notakio in "Stolen from Apple (2004)"

notakio — Tue, 22 Aug 2023 12:39:37 +0000

Agreed. I invariably lose hours to Folklore every time I end up there. I previously worked for an original Mac team engineer, and he had some fascinating stories, but Hertzfeld's writing allows me to revisit those and so many more tales from that period of Apple/Silicon Valley history, and all without annoying my former boss for more stories.

New comment by notakio in "The Cables That Run the Internet"

notakio — Tue, 01 Aug 2023 15:16:06 +0000

I vote for users. I'll stay down here with compute, I know how this ends.

New comment by notakio in "How does iCloud work? Plus a new version of Cirrus"

notakio — Mon, 24 Jul 2023 11:38:06 +0000

`brctl status` will return sync status data without requiring Finder. It isn't pretty, but it's usable via stdout and whatever tooling you'd want to use.

New comment by notakio in "S.F. says incidents by Cruise, Waymo driverless taxis are ‘skyrocketing.’"

notakio — Mon, 17 Jul 2023 11:31:41 +0000

SFPD won't do anything about property crimes, to include vandalism, other than to take a preliminary report, on a schedule determined by the department (eg: you call them, they show up 8-12 hours later, uninterested in taking your report). This is because, currently, their DA's office isn't going to prosecute any property crimes.

That can all change, but speculating about the nature or timing of any changes like that is well outside my area, so I'll sit and watch from a distance.

And, again, I'm not vested in any outcome here. It'll work out however it works out, and I'm 2000+ miles away from it, so it won't have much effect on my life.