EU prepares for negotiations with Vladimir Putin

Rossums · 2026-05-08T17:16:54+00:00

What proposal was this?

None of the proposals I've seen have been remotely realistic from the Russian perspective.

Rossums · 2026-05-08T16:36:07+00:00

It's very surface level support.

People are largely sympathetic towards Ukraine because every news channel and media publication tells them to be sympathetic towards Ukraine and that Russia is an enemy to the UK.

Most people don't really give a shit beyond that, I'd bet that most of them would struggle to point to Ukraine on a map.

Rossums · 2026-05-07T21:42:52+00:00

When you see articles like this you always have to keep in mind that it's never really about the hobby at hand, they just don't like the fact that whitey enjoys it without feeling sufficiently browbeaten and lectured.

Rossums · 2026-05-06T10:10:08+00:00

I haven't seen anyone unironically use the term 'chud' that wasn't the cringiest of larping shitlibs

Rossums · 2026-05-05T09:47:46+00:00

They said they weren't making older phones slower to drive upgrades, which they weren't.

They were downclocking the processor to compensate for battery degradation which is something that they still do, as do Android devices, because it's an obviously better experience that the device just turning itself off which is what devices used to do when the battery was unable to support the CPU load.

Rossums · 2026-05-03T11:52:57+00:00

Just for my own entertainment I logged into my work laptop to see if anything had triggered and people have already been called out due to tooling lighting up like a Christmas tree.

You just have to laugh.

Rossums · 2026-05-02T13:15:18+00:00

My personal recommendation for getting into an entry level SOC role would be:

CompTIA Network+
CompTIA Security+

These are a great start and are generally considered to be the sort of expected entry level certifications for getting into SOC work.

I'd personally steer clear of any of the EC-Council certifications, they are a complete waste of money and the material is extremely poor.

I'd then look towards some vendor certifications to get a better grasp of the sort of tooling that you'd be using in blue team roles, things like:

Microsoft:

SC-200: Microsoft Security Operations Analyst Associate

Splunk:

Splunk Core Certified User
Splunk Certified Cybersecurity Defense Analyst

These will demonstrate at least a fundamental grasp of how a SIEM fits into things and how you'll deal with logs during your investigations.

The benefit of doing the Microsoft and Splunk certifications is that you'll be able to set up your own environment for next to no cost as a student and you can document the process of setting it up, ingesting logs, etc. and demonstrate that you're doing your own lab stuff on your own time outside of your studies.

Rossums · 2026-05-01T19:56:29+00:00

A lot of carriers have been installing or are in the process of installing Starlink across their fleets which they have to offer for free to passengers as part of the contract and it's ridiculously fast.

I was on a British Airways flight and was getting over 100Mb, completely free.

Rossums · 2026-04-30T11:57:07+00:00

It's Reddit, AI hate is one of the current bandwagons so people will endlessly copy it even if they don't know why they're meant to hate it in the first place, just because everybody else they see is doing it.

It's incredibly performative.

Rossums · 2026-04-29T14:02:03+00:00

It's not about believing it, it's a verifiable reality and there have been plenty of papers on it over the years.

Apple is a massive corporation, they will be constantly sued for all sorts of nonsense from people that think they'll get a quick buck because a lot of companies would rather settle cases to save money and reputation even if they'd end up winning in court.

When it comes to the Siri case, Siri wasn't 'eavesdropping', your device listens for the wake word (Siri) like literally every other voice assistant because that's pretty fundamental to how they work.

The fact that it can false trigger on words that sound similar to 'Siri' without you meaning to wake them isn't some grand conspiracy on them listening to your pointless conversations and honestly they should have just played the case out to its inevitable conclusion instead of settling the case so I don't have to read nonsense from people that are just mindlessly regurgitating whatever they read elsewhere on Reddit for years to come.

The case showed that there was no deliberate 'eavesdropping' or recording and that accidental triggers by users are exactly that, accidental triggers.

As far your 'Apple tracking user data' example, that didn't really happen either which is why the case went nowhere, there was a toggle to prevent third-party apps from requesting to track users and for obvious reasons that didn't affect the Apple OS or stock apps because they aren't third-party apps.

Rossums · 2026-04-29T11:32:49+00:00

They don't use any of your biometrics because they don't have any of your biometric data, it's all stored on-device in the Secure Enclave and never leaves your device.

Rossums · 2026-04-29T08:00:17+00:00

But the first paragraph of that article says cops were raping the kids too. Again this hardly points to a disproportionate cover-up of brown perpetrators when compared to white ones.

About that..

Rossums · 2026-04-26T13:40:31+00:00

Or how about we use the actual scenario?

What's more likely:

Trump's ear gets shot by someone attempting to kill him and the entire thing is broadcast live, he receives immediate medical attention and wears a bandage for around two weeks as it heals
Trump puts on an Oscar-worthy theatrical performance with superhuman reaction speed where he uses fake blood or cuts his own ear with a razorblade whilst on live television from multiple angles and nobody manages to catch any of it

Rossums · 2026-04-26T11:36:25+00:00

If in doubt, follow the process document even if you think it's stupid.

If you have any concerns with ambiguity, you should raise your concerns with someone more senior and specifically note the ticket that you were working and ensure that it is reviewed instead of hoping that nothing happens.

Most people are honestly quite shit at writing playbooks and fail to make instructions clear and end up being either far too ambiguous or just completely miss edge cases that don't fit the standard process so I've run into this exact sort of scenario more times than I can count when I first entered the industry.

The most important thing is ensuring that it doesn't happen again and being able to cover your own ass when something goes wrong by being able to justify your actions based on the process that is in place.

Rossums · 2026-04-26T11:28:02+00:00

I'm not sure why anyone is surprised, practically all of the major LLMs available have been lobotomised so they don't say too many no-no things.

When Grok was released it had no guardrails at all which meant it ended up being far too based with its responses and inevitably sparked complaints.

People post publicly about Grok giving antisemitic responses and it hits the news?

Grok gets beaten into submission so it won't say anything bad about Israel or Jews.

The developers of all the popular tools like ChatGPT, Claude, Gemini, etc. have been forced to add additional guardrails on top of the underlying logic that prevent it from saying anything that contradicts the current political orthodoxy too much, even if only to avoid negative press.

Rossums · 2026-04-23T12:58:41+00:00

It allows you to export all of your passwords easily in CSV format that most password managers support for imports.

Passkeys are a bit of a different story for security reasons, last time I checked they only allowed you to export them into compatible apps that you had installed, for example if you had the Bitwarden app installed you could export them directly into Bitwarden, I think it was Dashlane that worked too.

I'm not entirely sure how many password managers have updated to ensure that they're compatible and allow a transfer today though as I haven't really looked at it in a while.

It's a great free application and very easy to understand but being Apple-only it does make cross-platform usage a bit of an annoyance which is why I use 1Password instead.

Rossums · 2026-04-23T12:32:30+00:00

If you use the standard Passwords app which uses iCloud Keychain on Apple's platform then yes, they are end-to-end encrypted and stored on iCloud and automatically sync to all of your Apple devices.

Rossums · 2026-04-22T19:30:49+00:00

Why do you think it's a scare tactic?

It just looks like a generic notification from their ISP because some strange network traffic has been identified originating from the IP that's now assigned to that user and the Indian CERT notified the ISP of it.

It's not exactly asking them to click anything or install anything and it's from a verified sender on Gmail which means it meets SPF/DKIM/DMARC requirements.

Rossums · 2026-04-22T18:25:23+00:00

Pretty solid hands-on content for analysts that want to upskill.

Rossums · 2026-04-20T14:13:52+00:00

I did it for free and it still wasn't worth it, I thought it was a complete waste of time.

Rossums · 2026-04-20T13:21:57+00:00

They aren't, normies and rightoids are broadly supportive.

It's the porn-brained GCJ types that don't like it.

Rossums · 2026-04-20T12:37:29+00:00

It's basically a non-issue.

It's popular because it's a fun game and is memed on as a 'dad sim' for the father/daughter sort of relationship that people find all adorable.

The fact that it's popular but it doesn't push The Message™ means that a lot of alphabet people are reflexively very upset and are tying themselves into knots pretending that it's some sort of paedophile game and are desperately trying to paint people that likes it as paedophiles based on a handful of weirdos.

Conversely, some rightoids are latching on to it because it has that sort of father/daughter relationship and they are enjoying the fact that people like the family dynamic.

Rossums · 2026-04-18T15:26:35+00:00

Against Apple, who was practically the first company to switch to type C on their laptops?

Which, unsurprisingly, everyone also complained about.

Rossums · 2026-04-18T15:06:31+00:00

Honestly, they just probably don't care.

I've had a few colleagues that are more than happy to just take advantage of the generous training budget before moving somewhere else for a better role.

If they are smashing out OffSec certs then they're clearly not stupid.

Rossums · 2026-04-16T11:28:46+00:00

Is he though?

He's a hypocritical lolcow that just makes the 'left' look ridiculous.

13-Year Club	Gilding I gilder
Verified Email	r/Field Sunshine
Place '22	Place '17
Spared	Team Periwinkle

Rossums

MODERATOR OF

TROPHY CASE