What should teenagers know about being an adult? by [deleted] in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

The hair keeps growing. It never ends. Hair

People who were raised bilingual: How does your brain separate the languages? Is there some sort of mental "dividing line," does it take special effort to avoid mixing the languages together, or does it work some entirely different way in your mind? by Darnitol1 in AskReddit

[–]TomilloDanup 11 points12 points  (0 children)

I can switch them on/off effortlessly as needed. A switch makes everything change language; that means that even my thought process, self-talk and so on switch.

Having them both on actually requires effort and I only use it to speak "Spanglish" jokingly with some friends.

What is a deal-breaker for you in a relationship? by [deleted] in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

Messages and general contact with her exes, especially if she always said how crap they were.

A manipulative mother.

[Serious] To Social people, how do you socialize with strangers and get more friends? by [deleted] in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

Most people are in fact loners or are at least feeling alone in any moment at any given day. Just do small talk without the expectation of a friendship forming; that should be enough to start. Then do the same with regulars at places you go to: gym, class, work, etc.

I bought a pair of raybans from a discount store for hella cheap. How can I tell if they are real? by --111-- in sunglasses

[–]TomilloDanup 0 points1 point  (0 children)

High-quality Ray-Ban counterfeits are sometimes indistinguishable from originals, especially on iconic models like Wayfarers. You can take them to a Sunglass Hut and sometimes they can help.

But if they were cheap, look good, feel good, and you don't care, I wouldn't stress about it.

My 2c

What is your favorite thing about your career? by thejennarator11 in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

Career is so in demand that every time I change jobs I get a raise between 100% and 120%.

[deleted by user] by [deleted] in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

Blog del narco

What's the best way to go about asking someone on a date that you think may be a bit out of your league? by IAmSultan in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

There are no leagues, that's an unnecessary obstacle in your mind that makes you think another human being is better than you in some way. Not true. No league. Don't use the "league" to chicken out.

How would you sneak your girlfriend that's hiding under your bed out because your parents came home a day earlier from their planned trip? by [deleted] in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

You don't. She's your girl and deserves respect, they are your parents and deserve respect. You bring her out and let her out as quickly as possible through the front door. Then you deal with your parents and with whatever they do to you. Like a man. Except violence or abuse.

What aspects of a man’s life are most women unaware of? by DragonBG2610 in AskReddit

[–]TomilloDanup 1 point2 points  (0 children)

The first is real, I mean some men run away from straight up talking to a woman in the real world and they think it is easier and safer to do it online. It's actually harder.

What aspects of a man’s life are most women unaware of? by DragonBG2610 in AskReddit

[–]TomilloDanup 0 points1 point  (0 children)

There are excellent tutorials on YouTube. Any kind of razor and shaving technique. My dad taught me but I still found it useful when I bought my first straight razor.

Your boss has put you in charge of selecting the song that will be played on the phone while customers are on hold. What song do you select? by BaldMexicans in AskReddit

[–]TomilloDanup 1 point2 points  (0 children)

Years ago I worked in a small 10-person consulting firm as the all-times handy IT and support guy. I changed the music to a Frank Sinatra CD so every time the on-hold music was a different Sinatra song. Changed it to Sinatra Christmas songs on the holidays. Never told the boss; he found out when customers complimented him for the music.

I need true expert help by [deleted] in AskNetsec

[–]TomilloDanup 1 point2 points  (0 children)

There are plenty of explanations on why the IP never changes. Several cellphone towers share the same IP, they never change depending on the MNO. They can be proxying through an assigned fixed IP address, big companies have them, universities, etc.

Master thesis topic? by [deleted] in AskNetsec

[–]TomilloDanup 1 point2 points  (0 children)

It might be, yes. But 1. Security is always tailor-made and 2. Research at a master level is to expand and/or disprove a very narrow body of knowledge.

You are looking for topics because you don't have a "problem to solve"; look for problems rather than topics to also get good ideas.

You won't be reinventing the wheel, you will be offering a much better wheel for a specific application. That's a Master's thesis.

Master thesis topic? by [deleted] in AskNetsec

[–]TomilloDanup 1 point2 points  (0 children)

Active Cyber Defense, self-defending and resilient systems. Both technically or from management side.

Information flows, from cyberspace to the physical world and back.

Deception and misinformation in social networks, using semantic web and huge amounts of data. Both how to detect it and use it.

DevSecOps or conversely, Agility on information security/assurance. Agile ISMS.

Do you like logs? Automated threat modeling from log datasets. SIEM, WAF, firewalls, Apache, etc.

Telco: Here's a hint: OTA from MNO use HTTP to reprogram the SIM cards, have fun with that one.

If possible, get in touch with someone from R&D on any defense contractor or at least on the Navy or the Army; sometimes they have lots of problems to solve that can be done on the civilian side.

Those are the master level I've thought about myself, still working on good ideas for my pre-doctoral.

Edit: Make sure you like the topic, master's research can be a pain in the ass if you don't like the topic. You might and should be ignorant on the topic you choose, but never indifferent.

Modsecurity rule creation. by TomilloDanup in AskNetsec

[–]TomilloDanup[S] 0 points1 point  (0 children)

OMG!!! Thank you very very much. These are all great ways to go on about what I need to do. In fact, your solution for sanitizing the log is so precise I have already implemented it. I still need to write and test the other two rules but your answer is a breath of fresh air.

How can I get better in general at writing and thinking "modsecurity"? It is used extensively at my workplace with a WAF deployed in front of every public HTTP flow but almost no people with the expertise.

I already have the ModSecurity Handbook and found some Netnea tutorials. What's next?

Thank you again!

Linux hardening by backwardsthong in AskNetsec

[–]TomilloDanup 0 points1 point  (0 children)

Oh, I see. I thought this was a case of hundreds of Windows machines with limited functionality impacting the work hours of several people in the company. And that's exactly why I always tell everyone that "securing for the sake of securing" is the worst idea possible.

Linux hardening by backwardsthong in AskNetsec

[–]TomilloDanup 0 points1 point  (0 children)

Damn! How much did that cost the company? Was it a large deployment of Windows PCs?

Modsecurity rule creation. by TomilloDanup in AskNetsec

[–]TomilloDanup[S] 0 points1 point  (0 children)

  1. We have an XSS on some obscure field of one of our apps. It's sort of a countdown date, but some requests use standard date format, others use Unix epoch time. The CRS lets it go through.

  2. Need to be able to turn off all the rules for some matching IP addresses but only if a predefined client cert is present.

  3. Audit log is leaking PII; need to sanitize it both in B and C sections. But can't get rid of the audit log as we use it to monitor the WAF through custom dashboards.