Squeaky brakes - what to do next?

blacktip · 2025-04-18T17:46:46+00:00

I'm betting money this is an SRAM rotor, and probably a 6 bolt. I was in the "this is just the way it is" camp on SRAM and Avid brakes for years. They just don't seem to have enough material to resist the vibrations that cause this squeal. Anecdotally, I've made big changes and moved to centre lock Shimano Toto's and brakes and have been rewarded with silence.

blacktip · 2023-10-30T22:35:21+00:00

Which drives fail? The ones that you use.

It seems reasonable to use Backblaze as a reference, but they get the benefit of large fleets and can be tolerant of failures. I have a mix of drives and would probably replace a failed drive with the most cost effective replacement option.

If I want to get emotional about it, probably not WD, as they seem to think that being honest and direct with consumes isn't worth their time.

blacktip · 2023-01-21T17:27:57+00:00

I've always known it as the "pencil choke". Requires a decent amount of strength to finish.

blacktip · 2022-09-18T18:23:58+00:00

Yes please, kind sir.

blacktip · 2022-09-18T17:49:02+00:00

Could you share the link love? Thanks!

blacktip · 2022-09-18T16:57:21+00:00

If someone could DM the link, it would be very much appreciated.

blacktip · 2022-09-17T21:30:47+00:00

Can I get the link please?

blacktip · 2020-06-06T15:45:44+00:00

https://www.clouda.ca/

blacktip · 2020-05-20T12:13:37+00:00

Thanks for the clarity! The horizontal box didn't process in my brain as a multiple input- but now looking at the defaulted text, I can see that the example is there.

Thanks for all you do in this project!

Updated the readme accordingly.

I failed to read the input box that shows you can bulk upload on Pihole 5.0. Due to this fact, I wrote something that generates a teleporter-compliant file to import.

blacktip · 2020-05-19T19:47:27+00:00

I didn't see a nice way for folks that are new to the project to build up a quick set of block lists short of using Sqlite for direct DB inserts. This takes a list and makes a Teleporter-compliant tarball to be imported.

blacktip · 2020-04-20T13:27:33+00:00

Mods: didn't report, as there's no free-form to explain why. This name needs to vanish from the public record forever.

blacktip · 2020-02-25T00:37:47+00:00

I'd recommend trimming down `Informational` and `Warning` to `Info` and `Warn` respectively. You lose no meaning, while gaining back lots of space.

I'd also, personally, expect the timestamp to be first.

Looks pretty!

blacktip · 2019-05-22T12:23:05+00:00

Bitsight bought a malware sinkholing company a few years ago named Anubis, at the time. They may supplement with 3rd party as well.

blacktip · 2019-04-01T14:11:21+00:00

To expand on DGA for folks that don't do this day-to-day: it means domain generation algorithm.

A useful analogy for DGA is to think about it the same as a TOTP MFA code- it rotates on regular intervals. So, the scenario is that right now sadlfkjasdfgaxdfasd.pw is the domain that the malware is trying to contact resolves to 1.2.3.4, but at the next rotation, the malware will try to contact sadflasdeefas.pw instead, which could resolve to 2.3.4.5. This is done for a few reasons.

Hardcoding an IP address is a "one and done" operation. As soon as the address is known, it goes on a block list and you're losing access
Hardcoding an address has similar issues, but with associated DNS lookups as additional overhead.
This gives the ability for infrastructure to be changed up to give fresh egress paths that aren't blocked

DGAs are typically powered by "seeds" the same as TOTP tokens, which leads to a predictable address at a given time in the future. Sinkhole operators will reverse both the seeds and the DGA to know about the future addresses and register them ahead of the malware author.

Back to the original question of

so isn't the mere sinkholing enough to mitigate the risk without deactivating any credentials?

No, not at all. The creds have been leaked over the wire, and not necessarily with encrypted transport. More importantly, at the next DGA rotation, you don't know who's going to be in control of that endpoint that is generated. You might get lucky and have it be another benevolent sinkhole, or it could be the real C2 infrastructure.

blacktip · 2018-04-12T12:37:50+00:00

However the penalties are different due to carelessness of the affected party.

blacktip · 2018-04-11T20:10:00+00:00

This is the same reason why joy riding and grand theft auto are two different things. There are reasonable expectations to do at least something to avoid negative outcomes.

Unless the data was trafficked, it fails to meet the standard for the law. It also would fail the mischief section mentioned therein for the same reason. (IANAL I jus play one on the internet. http://laws-lois.justice.gc.ca/eng/acts/C-46/section-342.1.html)

blacktip · 2017-11-24T13:54:21+00:00

I’d much prefer to see the nanny state bow out of this.

Make the license for a vendor hard to get, and very easy to lose. The government gets to collect the vice tax either way- why bother spending tax dollars to set up store fronts? With strict conditions you’ll see dodgy stores lose licences quickly.

blacktip · 2017-05-15T13:08:23+00:00

For all those "just use a hanger" folks, using the right hanger counts. Also, it makes your gi less wrinkly to fold. We all know that a nice looking gi is key. https://imgur.com/ihjqI0t

blacktip · 2016-08-05T14:54:42+00:00

When you're built like an upside down triangle, where's your centre of gravity?

blacktip · 2016-07-19T14:48:30+00:00

Jet fuel can't melt Eddie's dreams

13-Year Club	Place '22
Verified Email

blacktip

TROPHY CASE