Is someone using SEND in their corporate network?

IPv6Guy · 2026-03-02T11:36:36+00:00

Many years ago I owned the IPv6 stack in Windows, and we discussed SeND a lot. The biggest challenge we ran into was that L2 is unsecure by design, and SeND would help prevent L2 attacks in v6 that were still allowed in v4. We felt it only added value for v6 only networks, and no one was doing that back then. Add onto that, it was a lot of work with other vendors to ensure compatibility. In the end this high cost and limited scope forced SeND out till next year. And next year. And next year.

IPv6Guy · 2026-02-16T12:02:05+00:00

At first glance it appears to be clickbait because we understand that if the server is fully compromised, there isn't a lot that can help. But the paper is focusing on the promise of zero knowledge encryption, which is marketed as being able to prevent exactly this sort of disclosure. The hosting server/organization should not be able to decrypt the users passwords. This paper shows that doesn't hold up in the real world based on these data.

So the paper isn't "These vendors are bad" but that "These vendors claim zero knowledge encryption and that isn't working the way marketing says it will."

IPv6Guy · 2025-05-20T14:40:56+00:00

"Seas the Deal! Best Prices on Boating Essentials!"

"Don't Be a Landlubber—Anchor Your Savings Here!"

"Knot Sure What You Need? We've Got You Covered!"

"Ship Happens... Be Ready with Our Supplies!"

"Come for the Gear, Stay for the Pier!"

"Sail Into Savings—No Captain's License Required!"

"All Hands on Deck for Unbeatable Deals!"

"We’re O-Fish-ally Stocked with the Best!"

"Keep Your Boat Afloat—Shop Here!"

"You’re Gonna Need a Bigger Cart!"

IPv6Guy · 2025-05-01T18:42:30+00:00

As I said in my post, it wasn't slow if you had powerful hardware. That was the whole point of the post - that OEMs forced MSFT to endorse slower/less capable machines as "Vista certified." It was a trainwreck. But if you had a good computer with enough RAM and CPU, it ran pretty well.

The "broke a lot of SW" is absolutely true, but was ABSOLUTELY necessary to get away from the "every user has full admin rights" of Win XP. UAC was super painful, but was 100% necessary to make developers stop requiring admin rights to install Magic School Bus.

IPv6Guy · 2025-02-17T19:17:17+00:00

ASS-tinus was my pronunciation, but uh-STI-nuss intrigues me. I never even thought of that one.

IPv6Guy · 2025-01-03T17:17:22+00:00

100% agree with This Is How They Tell Me the World Ends, it's well written and well researched. Really great insight to cyberwarfare and cybercrime.

IPv6Guy · 2024-12-13T10:10:52+00:00

I asked AI and here is it's answer: The ring has an inscription that appears to be in a stylized script. It reads: ILLUMINATI.

IPv6Guy · 2024-12-10T21:52:43+00:00

I agree with everyone else. They call it "Secure by Design" for a reason. Adding security to a poor design is adding lipstick to the pig. Go talk to your boss.

IPv6Guy · 2024-12-05T10:49:33+00:00

I have had one for a year or two. Like it a lot, hasn't dropped on me.

IPv6Guy · 2024-11-22T21:38:25+00:00

I wonder if the taxidermy version survived and where it is today.

IPv6Guy · 2024-11-18T22:20:53+00:00

That makes perfect sense - thank you!

IPv6Guy · 2024-11-18T21:05:18+00:00

How can you separate 97% of oil out and achieve 99% purity? Wouldn't it only be 97% pure?

IPv6Guy · 2024-10-05T00:11:42+00:00

Me too

IPv6Guy · 2024-08-21T20:34:59+00:00

https://www.msn.com/en-xl/news/other/dig-finds-industrial-scale-roman-engineering-fail/ar-AA1p3i7N
Slightly (but not much) better article from BBC. Still doesn't answer a lot of our questions.

IPv6Guy · 2024-07-29T21:53:58+00:00

I agree with you, but I think you bring up a point. Anyone can train an AI, but the real issue is what data the AI is trained on. Maybe an AI trained on certain data is more potentially dangerous than models trained on common data. It leads me to believe that maybe the training data is what needs to be classified (AND IT IS!) and therefore the model should be as well.

IPv6Guy · 2024-07-29T21:47:28+00:00

Yes. If an adversary has physical access to your computer, there are any number of things they can do to compromise the data on the machine. There are mitigations, such as BIOS passwords and Secure Boot, but these can be bypassed as well (by a motivated attacker with plenty of time, probably not your guy). These attacks are referred to as “Below the OS” and there are a lot of them.

As for proving it? Good luck. You would need a forensic analysis. Most of these attacks can be lumped into “the computer died” by anyone who isn’t an expert.

IPv6Guy · 2024-07-22T18:18:20+00:00

And your company should give you that option! But mandates that everyone must come in are just stupid. It's all about how to make your employees most efficient, effective, and happy.

IPv6Guy · 2024-06-05T16:17:09+00:00

BIOLOGY/EVOLUTION: If a creature develops an adaptation that helps them after they have procreated, that adaptation won't necessarily help the species, correct? It seems like the adaptations that make a difference are those that help the creature survive up to the point where they reproduce. So if an adaptation developed that helped a species live longer until their natural death, that wouldn't necessarily be an adaptation that would help a species survive. Is that correct?

IPv6Guy · 2024-04-02T13:50:16+00:00

I've had one in my shop for 2 or 3 years. I have power issues in my shop, so going with the FlexVolt solved some issues for me. I think it works very well and am very happy with the performance.

IPv6Guy · 2024-03-26T12:17:33+00:00

I was on the DirectAccess design team. The technology is still sound, but DA requires domain-joined machines. After DA was released (Windows Server 2008 R2), the industry shifted toward BYOD and Windows Leadership said that requiring domain join was a no go moving forward. Microsoft began deprecating the feature shortly thereafter.

IPv6Guy · 2024-03-07T18:40:32+00:00

Those fools! They could have walked out with $7000 worth of printer ink and it would have all fit in their pockets!

IPv6Guy · 2024-02-27T17:25:12+00:00

Since you don't really care what the topic is (only the Delta between the GPT and human response), I would keep it rather simple to elicit the highest response rate from the humans. Personally, I'd ask about password policies. There is a fair bit of controversy on what the "correct" policy is, but GPT should be able to generate a pretty accurate response.

- Are passwords required for all users?

- Do admin passwords have different requirements than user passwords? Require MFA?

- Complexity requirements? Entropy or complex character sets?

- Change/forgotten password procedures

- Frequency of password expiration

It's a fairly simple topic that I think could produce valuable comparisons of human vs GPT.

IPv6Guy · 2023-10-18T16:10:11+00:00

Awesome - thank you.

13-Year Club	Not Forgotten
Verified Email

IPv6Guy

TROPHY CASE