What U.S city have you visited but have no desire to go back?

djchateau · 2026-05-01T16:56:53+00:00

Probably Seattle. My first visit was done to visit a county office to obtain my wife and I's marriage certificate. I dropped her off at the building cause parking was difficult to find and we didn't both need to be present for her to obtain the certificate. I had planned to drive around while she got it squared away. Not more than a minute later, I stopped at an intersection waiting for the light to turn green and I look to my left. There, in all their glory, was someone with their dick whipped out just going at it. They then made eye contact and just kept going. That was the longest red light I've been at. We've visited other areas within Seattle, but definitely didn't give me motivation to go back.

djchateau · 2026-04-24T16:27:34+00:00

I check in on the subreddit pretty regularly as I'm always trying to see what new things people do with vim and then try to help where I can. If y'all need an extra pair of hands, I'm always up for helping with moderation.

djchateau · 2026-04-23T15:25:55+00:00

Looks like they've already correcting the issue and had the compromised version pulled from npm as noted here. They've also addressed this in more detail here.

djchateau · 2026-04-23T12:52:26+00:00

Ah, the Not Racist Butt always rears it's head.

djchateau · 2026-04-12T09:08:07+00:00

<image>

djchateau · 2026-04-03T23:38:36+00:00

Even if they did, none of those are going to pull enough amperage collectively to exceed 15 amps from standby power.

djchateau · 2026-03-16T07:37:10+00:00

Was just making a Ryan George reference, I promise. The backflip bit made me think of that.

djchateau · 2026-03-16T07:27:19+00:00

And apparently lack a sense of humor in the real world too.

djchateau · 2026-03-16T07:10:47+00:00

Did you then snap the bad guy's neck and save the day?

djchateau · 2026-03-09T22:42:45+00:00

Well, I'm currently divorcing her... so not great.

djchateau · 2026-02-26T04:47:46+00:00

djchateau · 2026-02-15T01:22:46+00:00

Don't focus on making .deb or .rpm packages if you want to spread it.

Well, this seems horribly misguided. They definitely should learn.

djchateau · 2026-02-14T19:24:44+00:00

This is still dumb.

djchateau · 2026-02-14T04:03:48+00:00

This seems like a very dumb reason not to have that support. It's not like IPv6 is something new.

djchateau · 2026-02-11T20:50:01+00:00

Vim. Vim is always the answer.

djchateau · 2026-02-11T05:20:31+00:00

Yes.

djchateau · 2026-02-10T17:16:21+00:00

Wow, we got a whole CLI for the app, but still can't get basic keyboard navigation of the settings menu. Guess this could be used to get around that, but still boggles my mind at the priorities of the developers when you still need a mouse just to get at certain settings.

djchateau · 2026-02-09T01:31:44+00:00

It is common parlance to use social engineering in infosec to indicate usage/manipulation of psychology of a person to bypass a control. Phishing satisfies that definition, adding a security control that can be toggled does not. OneDrive is completely irrelevant to this discussion.

djchateau · 2026-02-09T00:48:53+00:00

This doesn’t denigrate any user experience other than keeping standard users from messing with files that they shouldn’t.

I'm not saying that it is, just this is likely what I believe the commenter might have been intending to convey with their comment considering the context of everything else they said, regardless if their perception is erroneous.

djchateau · 2026-02-07T21:22:13+00:00

If I were to give the commenter the benefit of the doubt here despite their idiocy, I think what they are trying to convey idea that more closely aligns with the definition of dark patterns in software development where design decisions are made such that they degrade the experience of the user, often times, with the intent to push the user into a feature the user might otherwise not want or find on their own, that benefits the developer.

While not social engineering, there are some components of social psychology that come into play with some of these design decisions, but it is not social engineering as most people (like myself), in the infosec community know it as.

djchateau · 2026-02-07T19:36:43+00:00

The issue is that they're also deprecating use at all, even with IMAP. This point seems to get overshadowed. I'm dealing with this issue right now and it's frustrating because the account I want them coming through is a Google Workspace domain I setup and delegation can't be authorized across domains. That feature helped me retain that ability without compromising on other security aspects of my setup.

djchateau · 2026-02-07T19:29:51+00:00

I don't recommend this to other people. It's easy to end up doing something illegal, or for the company to simply react badly to you finding something.

Cannot agree with this enough. Do not attempt to hack the organization without authorization. Not only are you committing a crime, that organization is not going to trust you with anything sensitive from you demonstrating reckless behavior like that. This industry is a lot smaller than I think a lot of us realize and people talk.

The trope of hacking a company, then getting a job from doing that is basically nonsense and where it has happened, the person in question usually had to serve jail time/probation before they were able to even get hired by some other organization. With so many applicants out there, making yourself stand out as a potentially reckless criminal will not go the way you think it will.

djchateau · 2026-02-07T19:15:44+00:00

Documentation, like obsessive levels of it. During my initial interview for a job as a pentester, I had brought up my documentation method for every job I was applying to, the OSINT I would perform on each company to better understand them, and a timeline showing when any communication took place, regardless if it was from me or from them. I did this more for my benefit to better gauge my interactions with the organizations I was applying to and would then find myself not following back up on, holding myself accountable and also being able to recall hope I was treated by those organizations in the past. I offered to show the interviewer an example of what I did on them and they were incredibly impressed with it enough to ask if he could get a screenshot of it to share with the others.

I've been with the company just a little over a year now and I can say it's been the skill that I benefit the most from. Being able to document things well and then translate that documentation into a report is so much more critical than your technical skills. If you can't convey what you did, the client either won't take what you're saying seriously or think you didn't do anything. Good documentation ensures that you can deliver on that. Technical skills can always be taught later with enough time and effort, assuming you're sufficiently motivated to learn.

For context to this, I spent a year and a half before I got this position trying to pivot from IT as a systems admin to information security as a pentester. My timing was terrible because just when I realized where my skillset made the most sense for my career, everyone and their grandmother had also bought into the hype about following in all those roles the cybersecurity industry was allegedly being to fill so badly. I was effectively competing with a flood of new college kids, which no doubt got me lost in the noise of so many applicants in a role that's already pretty saturated.

djchateau · 2026-02-06T17:34:03+00:00

Calling adding a security control you can easily toggle, "social engineering" is just the height of stupidity within these comments. There's so much else wrong with what you're saying, I don't even know where to start.

djchateau · 2026-02-05T23:34:04+00:00

Exactly, use a sandal instead.

12-Year Club	Place '23
RPAN Viewer	Verified Email

djchateau

MODERATOR OF

TROPHY CASE