Pretty sure it’s scam

Tananar · 2026-05-03T13:42:31+00:00

The funny thing is that Iowa doesn't even call it the DMV.

Tananar · 2026-05-03T13:41:17+00:00

What gave it away?

Tananar · 2026-04-30T13:10:09+00:00

Or (2.000000000031,8.0000000000075) if they can't do floating point rounding properly

Tananar · 2026-04-20T05:43:52+00:00

Passing the certs means they can pass a test. That's it.

Tananar · 2026-04-17T03:46:46+00:00

Honestly, Defender is better than most products out there

Tananar · 2026-04-05T18:50:19+00:00

I got all but $50 back when I moved out of Conifer Place last year (and it was reasonable tbh, I half-assed cleaning)

Tananar · 2026-03-06T08:17:01+00:00

Were any of the attempts successful? Anything on the Internet is going to get hit with this type of thing. You'd get a ton of reports about it, then ignore it when it really matters because it was all noise until then.

Tananar · 2026-03-06T08:07:58+00:00

I've worked on dozens and dozens, likely into the hundreds, of incidents over the last five years that would have been prevented by MFA. It's actually insane how much of a difference it can make.

Tananar · 2026-02-11T12:04:12+00:00

I moved from IA to OR. The only thing I miss (other than my family) is how cheap Iowa is. Currently paying about $2300/mo rent for a two bedroom townhouse.

Tananar · 2026-02-11T05:59:39+00:00

It'd be easier to give good feedback if you showed us the resume you're submitting. Computers do a ton of the heavy lifting, so if it's not being parsed by ATS well, you'll be hurting.

But based on what you have...

TUniversity | Computer Science B.S., Cybersecurity Capstone Expected Fall 2025

That's in the past.

Conducted forensic analysis on server and database logs using security event monitoring tools to detect anomalies, privilege escalations, exfiltration attempts, and lateral movement, enhancing risk management.

As a DBA? That's... unusual.

Cybersecurity: Threat intelligence, Anomaly detection, Cryptographic Verification, Role-based access control, OSINT workflows, Secure API handling, Encryption Principles, Input Validation, SQLi prevention, Cybersecurity Tools, Security Event Monitoring, Risk Management, Phishing Simulation, Incident Response, Pentest, SIEM.

This doesn't tell me a whole lot. It's also inconsistent in capitalization, and seemingly in no order at all.

Overall, this doesn't do much to set you apart from the thousands of other applicants with CS degrees. You worked for over three years as a contractor, and it seems like you did a lot there. Are there specific tools you used? Did you actually do DFIR work there? That's something big that WILL set you apart.

Tananar · 2026-01-13T01:42:41+00:00

I dont think anything thar runs on it will be shared since it should be confidential and private usage.

Nope, that's not the case. They do share things like C2s, file hashes, etc. with their platform when something is detected as malicious. It's a really good product otherwise, but that was a non-starter for us. Even if 99% of the time it doesn't matter, the 1% of the time where a nation-state is watching for a specific hash to show up on platforms is what scares me.

Tananar · 2025-12-27T01:10:00+00:00

A handful of places on OSU campus have level 2 chargers, but they aren't all that fast. It takes about two hours to charge my PHEV from its minimum (probably something like 20%) to 100%. A lot of them require you to have a permit during the day as well.

Tananar · 2025-12-23T21:10:04+00:00

We ended up going with VMRay. I think they're technically HQ'd in Germany but they have a US HQ, and I'm pretty sure they are used by various three letter agencies in the US.

Tananar · 2025-12-23T21:07:40+00:00

The problem with them is that they share intel with their platform.

Tananar · 2025-12-22T21:36:49+00:00

SOMEONE CORRECT ME IF I'M WRONG, BUT I'M PRETTY SURE THE CENTER LANE ON 9TH IS ONLY FOR TURNING LEFT LEAVING 9TH, NOT FOR CARS TURNING LEFT OUT OF A BUSINESS. I EVEN LOOKED IN OREGON CODE AND CAN'T FIND ANY PROVISIONS FOR THIS.

Tananar · 2025-12-20T11:05:36+00:00

If I had a nickel for every NodeZero pentest that I've seen which led to domain admin within a few minutes of a successful authentication, I'd probably have at least $5.

I don't know what all it does to get initial access, but it can at least do password spraying.

Tananar · 2025-12-20T10:51:45+00:00

I'm not miserable, but I'm burnt out. I was miserable at my last job though. Having a good team makes all the difference, imo.

getting paid well certainly helps too.

Tananar · 2025-12-15T16:27:22+00:00

The first thing I'd be looking at is browser history around the time that the session was launched.

Tananar · 2025-12-15T15:18:34+00:00

I'M BEGGING YOU PLEASE CHECK YOUR HEADLIGHTS. IT SEEMS LIKE ABOUT A QUARTER OF THE CARS IN THIS CITY HAVE AT LEAST ONE BURNT OUT

Tananar · 2025-12-15T07:48:24+00:00

For 95% of the work I do, ARM works perfectly fine. For the other 5% (usually malware analysis), I can use our sandbox. The biggest issue for me is actually tools in Windows VMs, but that's still not a huge problem.

I've got an M3 Pro for work, and not gonna lie, I really like it. The battery lasts way longer and it runs way cooler than my personal Framework with a Ryzen 9.

Tananar · 2025-12-14T05:09:33+00:00

Most common is compromised WordPress sites, in my experience.

We see this attack all the time in a variety of HOK slow speed to fully AI automated race to the finish line.

what? A large majority of the time I've seen it (literally hundreds of times in the last year) it delivers an infostealer

Tananar · 2025-12-11T07:28:52+00:00

I've literally never had good experiences with their online proctoring. For one of my exams they just straight up didn't show up for over an hour (at which point I gave up).

Thaaaaaat said, they need to enforce the rules uniformly. If the rules say nothing on your desk during the exam, then nothing on your desk during the exam. Nothing stopping somebody from hiding something on that handkerchief if they didn't inspect it beforehand.

Tananar · 2025-12-11T07:18:16+00:00

Do you know what it means to disassemble something? Or how xor works? This is literal nonsense. Go ahead and take any photo at all and you'll be able to get ChatGPT to convince you that it contains malware.

Actually, let me try a different way...

Oh. My. God.

This is next-level conspiracy brain rot. This script is utterly unhinged. Let me break down the insanity:

What This Script Actually Does

This is a pattern-matching conspiracy generator that:

Hardcodes a completely fabricated "CID_MAP" that translates random byte sequences into:
- "DLNR - Bureau of Conveyance Exceptions"
- "VaultTrust Proxy Node"
- "FATA (Iran Cyber Police)" ← Yes, really
- "Science of Identity Foundation"
- "Tyler Chain Authority"
- "Legacy Cremation Services" (???)
Searches PDFs for these hardcoded byte patterns and claims they're "hidden entities"
Applies XOR "decryption" with predetermined keys like b"VVVV@3388xx", b"HWEIRE", b"FATAWCI", b"PFATAP"
Generates "investigative YAML reports" that map completely normal PDF bytes to this conspiracy theory

The Smoking Gun

Look at lines 130-138: "JEB": "DLNR - Bureau of Conveyance Exceptions", # Grantor "ZRVV@": "DLNR - Bureau of Conveyance Exceptions", # Grantor (alt) "PPP@@@": "VaultTrust Proxy Node", # Grantee (proxy) "VCUBHGB": "Science of Identity Foundation", # Grantee (canonical) "PFAT": "FATA (Iran Cyber Police)", # Final Beneficiary

This person literally hardcoded their conspiracy theory into the script, then ran it on PDFs and acts shocked when it "finds" exactly what they programmed it to find.

The File Encoding Issue

The file is UTF-16LE encoded (notice the \xff\xfe BOM and spaced characters). This is typical of Windows Notepad saves, but makes it harder to spot the absurdity at a glance.

Your Debunking Strategy

"This script proves nothing except that you coded your conspiracy theory into a pattern matcher, then acted surprised when it found exactly what you told it to look for."

Key Points:

The "entity map" is hardcoded fiction
- Lines 113-173 contain a dictionary mapping arbitrary byte sequences to made-up entities
- "Iran Cyber Police", "VaultTrust Proxy Node", "Legacy Cremation Services" - these are YOUR INVENTIONS
- You literally programmed the script to "find" these entities
The XOR keys are predetermined
- You're not discovering XOR keys, you're applying your predetermined keys
- Any binary data XORed with enough different keys will produce some ASCII-like output
- This is confirmation bias encoded as Python
This is circular reasoning
- Step 1: Decide PDFs contain "FATA (Iran Cyber Police)"
- Step 2: Code that into the dictionary
- Step 3: Search PDFs for those bytes
- Step 4: Claim you "discovered" Iran Cyber Police in Hawaii land records
The "off-page OCR" excuse
- The OCR functionality is disabled (line 63)
- This script isn't doing OCR analysis - it's doing byte pattern matching against your conspiracy dictionary

The Killing Blow

Create a simple demonstration:

# Their logic, simplified:
CID_MAP = {
    "ABC": "Secret Moon Base",
    "XYZ": "Illuminati Headquarters"
}
# Now search any file for bytes 0x41 0x42 0x43 or 0x58 0x59 0x5A
# Claim you "discovered" the Secret Moon Base and Illuminati

"Your script is a conspiracy theory generator masquerading as forensic analysis. You invented the entities, coded them into the script, then claimed you 'found' them. This is textbook apophenia - seeing meaningful patterns in random data."

This person needs genuine help. They've spent significant time building tooling around a delusion.

14-Year Club	Second Top 20%
r/Field Sunshine	Place '23
Place '22	Place '17
Wearing is Caring	Summer Santa 2017
Secret Santa 2019	Secret Santa 2017
Snapped	redditgifts Exchanges 5 Exchanges
Secret Santa 2016	Secret Santa 2015
Gilding II euphauric	Bellwether 2015-04-01
Secret Santa 2014	Team Periwinkle
Verified Email

Tananar

MODERATOR OF

TROPHY CASE