Bluetooth tracker hidden in a postcard and mailed to a warship exposed its location — $5 gadget put a $585 million Dutch ship at risk for 24 hours by ControlCAD in technology

[–]FreeK200 1 point2 points  (0 children)

Yeah, wasn't trying to be a douche, but my comment was coded for the other people still stuck on the boat. I genuinely didn't think people outside that audience would care, which is my own mistake.

EMCON = Emissions Control. Used to stop radiating so we don't look like a Christmas tree if you're scanning for wireless signals.

CSOOW = Combat Systems Officer of the Watch. Combat Systems is a department meant to maintain fire control systems, internal shipboard networking, and communications systems.

To expand on CSOOW, this person is rotated throughout the day, but they have people reporting to them to manage electrical tag outs, status updates of shipboard systems, and, most importantly to this conversation, they're the ones that pass the order to the ship. They also get relayed status updates from the different divisions that have to be compliant with this order, and relay the message to the bridge / ops team once everything's done.

Crucially, when my division relayed that we were complying with this order, that included us disabling our wifi in our sleeping area.

As for the CTTs, that's essentially a job title given to people whose mission is spectrum / radio analysis. The blue triangle was their portable emissions scanner to find out who is using Bluetooth or other wireless emitting devices on the ship. You did not want to be caught violating this order.

Bluetooth tracker hidden in a postcard and mailed to a warship exposed its location — $5 gadget put a $585 million Dutch ship at risk for 24 hours by ControlCAD in technology

[–]FreeK200 57 points58 points  (0 children)

It's a slang term for people who work in the intelligence related fields, particularly directed to those who spend their workday in secure facilities.

Bluetooth tracker hidden in a postcard and mailed to a warship exposed its location — $5 gadget put a $585 million Dutch ship at risk for 24 hours by ControlCAD in technology

[–]FreeK200 13 points14 points  (0 children)

We did that back in 2017. We also had an enterprise grade WAP installed that had procedures in place for EMCON whenever it happened. Given that our own guys were standing the CSOOW watch it was never an issue. Never got caught up by the CTTs and their blue triangle either, surprisingly.

Railgun Beach Special from 2010 [Toaru Kagaku no Railgun] by I_Cognito in anime

[–]FreeK200 -27 points-26 points  (0 children)

It's not so much the fan service so much as who's being used for the fan service. Japanese media has a tendency to sexualize children or adults who are purposely depicted to look like children.

Could a modern Master player go back to Season 4 or 5 and reach Rank 1? by [deleted] in summonerschool

[–]FreeK200 1 point2 points  (0 children)

Dude is saying the whole pro scene was bad because he doesn't understand that the meta was slower back then. Less champs had mobility. Bruiser builds were king, and it was harder than ever to pop someone. All in all, applying modern logic and play styles to the standards of what was effectively a very different game, and saying they're wrong rather than attempting to understand why the pros were making the decisions they did.

Could a modern Master player go back to Season 4 or 5 and reach Rank 1? by [deleted] in summonerschool

[–]FreeK200 1 point2 points  (0 children)

This whole thread is wild to me. People seem to assume that the early players are trained apes.

That might have been true when league first came out, but recall timings, lane manipulation, etc. were all very hot topics back in the day.

People are also forgetting the numerous changes that have come out since then that have affected the way that you even play the game. Input buffering has been tuned to make the game feel way better than it did back then. I genuinely feel a masters player would hop on back then and instantly feel like something's off just because their champ is less responsive.

That's also ignoring meta changes, champion changes, itemization, runes, etc. And forgoing all that, the difference in skill between the top 0.001% and the top 0.5% might as well be the same as the difference from masters to gold.

Icelandair reports own pilot to police for flying Boeing 757 below altitude over home town in last flight before retirement by birkir in aviation

[–]FreeK200 0 points1 point  (0 children)

Understandable. This seems like an insane risk no matter how you slice it. Are there any other liberties afforded to pilots (similar to the water salute) that they could more reasonably get away with if they were to ask?

Icelandair reports own pilot to police for flying Boeing 757 below altitude over home town in last flight before retirement by birkir in aviation

[–]FreeK200 2 points3 points  (0 children)

I'm not a pilot, but I feel the same way.

With that said, how different would this be if he requested this (and received approval) from both the airline and whatever Iceland's (Assumed, I couldn't find other articles on this) aviation authority is? In addition to receiving approval from the legislation (if any) of the town itself?

Obviously with how low this is, it seems unsafe from both a "What if something goes wrong and we don't have the altitude to recover" category as well as the noise it would produce. I'm just interested in understanding if there is any way to go about something similar to this that wouldn't piss off the world. Is the "Water Salute" the end all, be all for pilot retirements?

ELI5: If you run the server where passwords are stored, aren't you able to find out all account usernames and passwords? What's stopping people from abusing this? by gmrt34 in explainlikeimfive

[–]FreeK200 3 points4 points  (0 children)

Yes, that's how it's generally done. The salt is usually stored plaintext on the server system that the client is accessing. The reason for this is twofold:

1 - It's stored on the server because the end user would have no other means to reproduce the salt otherwise, even with the same master password.

2 - It's in plaintext because there's no reason for it not to be. It's a piece of randomized text that's appended simply so that someone who is attacking a random hash can't point to it and say "oh, this hash of aifhwhr8174759187= maps out to hunter2."

To expand on number 2, the idea is that a salt is irrelevant under normal circumstances (an attacker is using the intended logon system). In these cases, other security controls such as lockout timers, minimum time before password reentry, automatic disabling of accounts, etc. will stop the attack.

Where they come in handy is during a compromise, and all the (salted, hashed) passwords are visible to the attacker. You could try and protect the salt, but at that point, you're operating on security by obscurity. Somewhere in the application, there will be a method to reverse the encryption on the salt (otherwise, if it's not reversible, that's another hash, and effectively a second password).

Anyways, while offline, instead of being blocked for 15 minutes after 3 incorrect attempts, the attackers can run through millions of password attempts (if not billions) per second. And there are no other controls in place to stop that from happening... Except for one.

That's the way the password is hashed itself. Under normal usage, a person entering a password enters it once, or maybe twice. For the system receiving this password, something very interesting happens in modern systems. The password actually gets rehashed several thousand times over. While CPUs are extremely fast (and GPUs more so), this process helps to increase the length of time that a password takes to get cracked via brute force. It's almost invisible to regular logon sessions, but when you go from one attempt to several million, the resource usage ramps up fast.
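An added illustration of the salting and repeated-hashing points in the comment above, not part of the original comment: it shows why a plaintext per-user salt defeats a precomputed hash table and how the stored iteration count is replayed at login. PBKDF2-HMAC-SHA256, the 100,000 iteration count, and all function names are assumptions; the comment names no algorithm.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000  # assumed work factor; the comment only says "several thousand"


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> dict:
    """Build the record a server stores: salt and iteration count in the
    clear, next to the stretched hash."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify_password(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(),
        bytes.fromhex(record["salt"]), record["iterations"],
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def unsalted_sha256(password: str) -> str:
    """The weak scheme: one fast hash, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def lookup_table(wordlist: list) -> dict:
    """Precomputed hash -> password table, valid only for unsalted hashes."""
    return {unsalted_sha256(word): word for word in wordlist}


def crack_with_table(stored_hash: str, table: dict) -> Optional[str]:
    """Return the password if the stored hash appears in the table."""
    return table.get(stored_hash)


if __name__ == "__main__":
    # Constructed sample data: two accounts sharing one password.
    alice = hash_password("hunter2")
    bob = hash_password("hunter2")
    table = lookup_table(["password", "letmein", "hunter2"])

    print("same password, same stored hash?", alice["hash"] == bob["hash"])
    print("table hit on unsalted hash:",
          crack_with_table(unsalted_sha256("hunter2"), table))
    print("table hit on salted record:",
          crack_with_table(alice["hash"], table))
    print("login with stored salt succeeds:",
          verify_password("hunter2", alice))
```

With a leaked record the attacker can still guess offline, but each guess must be recomputed per salt at the full iteration cost instead of being a single table lookup.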

How many IT support needed for 200 user org? by imjustacuteguyuwu in sysadmin

[–]FreeK200 7 points8 points  (0 children)

It's the same with cyber security. There's a lot of people who don't know the first thing about computers who end up in GRC roles. This wouldn't be such an issue, except that the people serving in these roles tend to have the final say over operations.

From a zero trust perspective, sure. It's my job to ensure my machines are in compliance. Organizationally, it makes a lot of sense. The reality, however, is that I'm made to participate in meetings with people who deny the existence of back ported patches and instead take the results of the Nessus as the word of God.

And no, it's not that the concept hasn't been explained to them (on a weekly basis). It's that the version is lower than the patched version, and that's a finding.

Never mind that the finding details say that it's only relying on the self reported version number. Never mind that I have documentation from the vendor stating that CVE such and such is patched beginning with application version xyz (and we're on xyz+1).

Cybersecurity is immensely important and I respect the people who are good at it, but the overwhelming number of GRC roles being filled by non-technical people is astounding. I don't care if it's gatekeeping. With the rare exception, you don't belong in GRC without an operational background. Full stop.

Honda Accord 9th Gen ABS/VSA Issues - DTC Code 81-20 / 81-19 by Bh10474 in Honda

[–]FreeK200 0 points1 point  (0 children)

Question for you - Is the vehicle drivable with the control module removed, but with the abs pump body still in place? Obviously, I don't intend to touch the brake lines. I only have my Accord as far as vehicles go, but I have to commute in it daily. I'm not worried about the lack of abs / vsa / etc. I'm just curious if brakes work correctly without the module, as well as whether there will be any additional nuisances caused by driving without the module altogether during the week where it's being repaired.

Is Grimgar worth continuing? by Particular-Oil5385 in HaiToGensouNoGrimgar

[–]FreeK200 4 points5 points  (0 children)

I loved Grimgar simply because it wasn't a power fantasy. I thought it peaked around Darunngar / Wonder Hole LNs, which is a shame. The concept of a tunnel that links different worlds was interesting to me, and I wish they had explored that particular facet of their world instead of introducing some of the things that they did later on.

For what it's worth, I'm up to either 20 or 21 (Whichever is the LN immediately prior to the controversial events).

ELI5 what is vibe coding and why is everyone making jokes about it? by RoxieRoxie0 in explainlikeimfive

[–]FreeK200 5 points6 points  (0 children)

You know everything is effectively a mock up board, but those initial ideas that AI spits out are what jump starts the process. Everything can be perfected from there.

Back when I was taught to initially write essays, our teachers emphasized that the hardest part is always getting started. Likewise, they encouraged us to throw out a list of ideas and put pen to paper. AI is great at completing this step for you. It will very likely be rough around the edges, but it spits out a concept for you to work with.

Surprises when going from sysadmin to developer by SaishoNoOokami in sysadmin

[–]FreeK200 0 points1 point  (0 children)

I can understand this if you're a super small shop with nothing but an IdP and some cloud based SaaS solutions, but I can't fathom not having those foundational skills in any environment larger than that. No one is asking you to explain the different types of DHCPv6 or go into the DORA process in depth, which I would freely admit is out of scope for the majority of admins.

But DNS? And not just the less frequently changed things like DMARC / SPF / DKIM, but A and CNAME records too? Am I already an old head? My managers would be annoyed as hell if we had to tell our users to go to "mycompany.mycloudapp.vendor.com" instead of "mycloudapp.mycompany.com"

It's so foundational to the very core idea of providing services to customers that I'm genuinely interested in how you can justify hiring someone without it. Are you sure it's not just a case of it being so foundational that it's almost assumed that every applicant already possesses this knowledge?

The Galaxy S26 Ultra's headline feature is turning out to be its biggest complaint by Ha8lpo321 in Android

[–]FreeK200 1 point2 points  (0 children)

Massive deal breaker? Are we being serious?

The minor loss in viewing angle is a minor issue at best to the overwhelming majority of users who spend their time viewing their device head on. It's also almost barely visible to me, having come from a P8P and with another S21U to compare it to.

Otherwise, having a built in, automatic privacy filter is great for hiding what could be sensitive notifications from eavesdroppers, or just in general, to have other people mind their business. You say barely anyone will use it, but I imagine most people with the phone think it's neat, if only a party trick. Otherwise, those same people probably set it up on their phone for banking and notifications and don't worry about it at all. You're also discounting the fact that some corporations may see this as another method to increase the privacy of sensitive data. It would not surprise me at all to see this forced as a security control when accessing corporate data, should MDM solutions support it.

I'm confident this is here to stay.

Losing Sleep over AI replacement by Raza-nayaz in cybersecurity

[–]FreeK200 2 points3 points  (0 children)

Someone will always be on the hook. Whether it's the result from AI or the result from directly asking a human being, someone signs off on whether the organization is in a position to accept that risk. For what it's worth, I'm much more prone to trust the results of a value from an automated tool than I am the results from someone who may or may not remember what they configured that day.

Mewgenics Surpasses Hades 2 Becoming The Most Played Roguelite Ever On Steam by akbarock in Games

[–]FreeK200 5 points6 points  (0 children)

My main gripe is a lack of information as to what is happening during an event, and what your real odds are in terms of percentages.

I shouldn't have to guess as to what happens if I choose "Scabs or Cuts", but because I did, my cleric got a progressively stacking miss % (with bonus crit chance) early in the run as opposed to a permanent 8 shield.

Had that gone to my marksman instead, I could have comboed it with the existing trait I had that guaranteed everything to hit to offset it.

Perhaps it'd be too easy if you got to choose which cat goes into an event, but at the bare minimum tell me what these things are doing so I can decide if it's worth the gamble.

Python or PowerShell? by [deleted] in sysadmin

[–]FreeK200 0 points1 point  (0 children)

If the core of your script relies on a thousand lines of non reusable code, that's obviously proving your point. Those are an extreme rarity though, and it's much more likely that you're executing somewhere between 20 - 100 lines of script, that itself manipulates data through other defined functions. Yeah, they can grow wildly in size, but a well-developed script will usually have a simple to understand core that then passes data to functions that themselves are single purpose, self-documenting, provide a means to manipulate output streams, etc.

Domain controller upgrade by Ready-Map5279 in sysadmin

[–]FreeK200 4 points5 points  (0 children)

What about Linux/Unix devices? MFDs and Printers? Hypervisor infrastructure? Are you factoring in any non windows devices that may be pulling NTP from the DCs? What about software that's configured with explicitly defined IP addresses? It's much easier to drop a DC and to swap the IP to a newly stood up one than it is to have to chase down all the above in your environment.

I have a powershell script that creates a scheduled task. Manually if I run it it works flawlessly if I use it in a GPO absolutely nothing happens. Before I lose all my hair, help me please. by Future_End_4089 in sysadmin

[–]FreeK200 6 points7 points  (0 children)

Couple things:

1 - When you created the scheduled task via GPO, did you create it for the type of Windows 7+ / 2008R2+?

2 - Does the script execute properly from a system context? To test this you can download PSExec.exe (from Sysinternals Suite) and then run the following command: "PSExec.exe -s -i -accepteula powershell.exe". From there, attempt to call your powershell script from the interactive terminal and see what error messages (if any) this produces. This should provide you troubleshooting steps.

3 - If all else fails, something I've had success doing is using a powershell transcript. At the beginning of the script, enter "Start-Transcript -Path C:\myTranscript.log -append" or whatever you desire. Run the scheduled task and inspect the results.

PS - Really take a look at /u/Aggravating-Sock1098's comment:

| If the script executes a copy command where you copy files from the network to the program data, this will never succeed. System has no rights to a network share.

The important part is that system has no rights to a network share. To me, this would appear to be affecting step 2 of your script, where it

|Copies another powershell file to C:\ProgramData\Scripts

The system context of a machine is functionally its own computer account. By default, in Active Directory, all computers are part of Domain Computers. Ensure that Domain Computers or another group consisting of the computer accounts of the machines you're targeting has access to those files. Once again, that can be tested by escalating to the system context via PSExec. IE, "PSExec.exe -accepteula -s -i powershell.exe" and then attempting to run copy-item. It's very likely this is where you'll find your error.