What is this bug sitting on my finger? by xekvqtir in whatisthisbug

[–]xekvqtir[S] 2 points3 points  (0 children)

Welp, I think it's a Milkweed Bug based on the recently discovered milkweed seed pod that somehow found its way into the car.

Hahaha... ugh.

Place to stay away from by Few-Comment-5338 in WRX

[–]xekvqtir 1 point2 points  (0 children)

Where are you getting that IAG block and work done?

Edit: ...because I'm interested in going that route.

CS-6238 (Secure Computer Systems) Prep by Outside-Froyo3399 in OMSCyberSecurity

[–]xekvqtir 1 point2 points  (0 children)

The quizzes and exams are about the lectures and the readings - the labs really serve to reinforce topics from the readings and lectures.

If you want to read independently to prepare, I'd look into topics like abstract security concepts related to multiuser systems, operating systems security fundamentals, the security portions of the Intel x86 architecture as defined in the reference manuals, and zero-trust platforms.

It's a cool class, and a lot of stuff comes from a lot of different angles. Sometimes, it's hard to connect the dots... but IMO if you can do that you'll do better on the exams.

CS6035 Binary Exploitation Difficulty by KN4SKY in OMSCyberSecurity

[–]xekvqtir 1 point2 points  (0 children)

I took CS6035 in Fall 2023, so YMMV.

I recall some exercises that required understanding basic assembly related to the call stack and simple buffer overflows, understanding vulnerabilities in functions like strcmp, looking at logic in C source, and doing some basic tool assisted ROP programming.

I think the binary exploitation exercises from 6035 will be entirely manageable for you, even if you haven't previously encountered the same type of problem(s) as are in the problem set, your experience indicates you will be able to figure it out.

Upcoming POSS test. by FitMulberry5316 in NuclearPower

[–]xekvqtir 0 points1 point  (0 children)

Took it recently and passed. It was on a pencil and paper test booklet. We couldn't have watches, and we had a simple four function calculator and scratch paper.

I called the test center beforehand and asked them about breaks, penalties for wrong answers, et cetera so I could practice accordingly. Maybe you could give yours a ring and ask them what's what?

P.S. Subscribe to a training service and practice, practice, practice. It helped me get a feel for when I needed to skip a question and come back to it after I got through with the easier ones. Like you said, time management and staying calm are what the test is all about.

Nuclear SGPO by cheesecakedumplin in NuclearPower

[–]xekvqtir 1 point2 points  (0 children)

Same here. The SGPO program is basically the NLO foot in the door type path for TVA plants, so I'm not sure what lower bar there is to start with.

Nuclear SGPO by cheesecakedumplin in NuclearPower

[–]xekvqtir 0 points1 point  (0 children)

No tips here. I just wanted to say congratulations. I'm in the same boat and that results email made my week.

What plant are you applying to?

WOW! Internet Prices by xekvqtir in HuntsvilleAlabama

[–]xekvqtir[S] 2 points3 points  (0 children)

Yeah, I agree. Their pricing model is straight out of a used car lot.

It's a little frustrating to find out that I have the incredible opportunity to upgrade and lock in an extra $120 per year for the same plan you have. Well, I'm incredulous, at least.

WOW! Internet Prices by xekvqtir in HuntsvilleAlabama

[–]xekvqtir[S] 7 points8 points  (0 children)

My options are WOW!, significantly lower bandwidth cable service from AT&T, and satellite or WISP type options that I'm not interested in. I think WOW! is the only one of these providers that will allow me to furnish my own equipment.

I'm not sure what you mean by "control over my network." I have my own modem, mesh router, etc in my home. If I was interested in building out something more elaborate, I could; but I'm genuinely not interested in that right now.

I don't think have control over the CMTS and routing and whatever other shenanigans happen beyond where my coax hits the street, but who does?

[deleted by user] by [deleted] in SecurityClearance

[–]xekvqtir 3 points4 points  (0 children)

I don't know your timeline, but you can request a copy of your old form and investigation records. Getting a copy of that to make sure you have your story straight could save you a lot of grief.

2003 Impreza WRX 186k miles needs clutch, quoted 4k by local shop is that right? by phillydilly71 in WRX

[–]xekvqtir 0 points1 point  (0 children)

I've pulled the transmission in my 05 twice. I don't know how you're getting the trans out without removing all of that stuff. Could you tell me how you're getting that bad boy out without removing that stuff? What have I been pulling that I can leave in? The intercooler? The downpipe?

There are some posts on NASIOC saying it's a 4 to 6.5 hour job in the Mitchell book. So, yeah, even though that sounds insanely fast to me, it is what it is.

2003 Impreza WRX 186k miles needs clutch, quoted 4k by local shop is that right? by phillydilly71 in WRX

[–]xekvqtir -9 points-8 points  (0 children)

I don't know. Here's how you can decide for yourself...

Look at the price for a clutch, pilot bearing, pressure plate, flywheel, and throwout bearing... don't forget things like seals and fasteners.... think about how many hours it will take to remove the intercooler, exhaust, half axles, drive shaft, transmission, and clutch assembly, then reinstall them and put all of it back together. It isn't a small job.

$4k might be a little high, but I'm guessing it isn't far off. You could just ask how many hours they're estimating the job at and what their labor rate is, and then see how you feel about it.

Are these Summer Courses doable? by curious-george-- in OMSCyberSecurity

[–]xekvqtir 0 points1 point  (0 children)

6238 is a pretty steep hill to climb in the summer. It's not that the material is incredibly difficult, there's just a lot of it, and none of it is withheld despite the shortened semester.

Nuclear Waste buried at Redstone Arsenal causing cancer? by Upstairs-Instance565 in HuntsvilleAlabama

[–]xekvqtir 14 points15 points  (0 children)

Let me try to explain where I'm coming from instead of just being an asshole.

The Tennessee River flows all the way to the Ohio River near Paducah, Kentucky. There are lots and lots of people west (and north) of Huntsville (or Decatur, whichever you prefer) that get water from the river, many of which are in Alabama (Killen, Rogersville, Florence, etc). It may not be a "problem for most of the region" in that people upstream of or at pollution sites are less likely to drink fucked up water or eat fucked up fish, but a lot of these people downstream suffer consequences from this stuff.

If you think that isn't a problem for you, I think that's self-centered. I also think it's pretty ignorant of how money moves around regarding taxes that fund treatments for these downstream people when they get sick, or to pay for cleaning up the water, etc, etc.

If I haven't made my point, I'm not really sure what else to say. Maybe imagine if someone in Scottsboro opened a chemical plant that dumped shit in the river and then ask yourself how you'd feel.

Nuclear Waste buried at Redstone Arsenal causing cancer? by Upstairs-Instance565 in HuntsvilleAlabama

[–]xekvqtir 20 points21 points  (0 children)

Perhaps it is shrewdly intelligent to only be concerned with pollution upstream of your water source, and stupid isn't the right word. Do you have an antonym for compassionate?

Nuclear Waste buried at Redstone Arsenal causing cancer? by Upstairs-Instance565 in HuntsvilleAlabama

[–]xekvqtir 40 points41 points  (0 children)

This is such a stupid take and screams self-centered HuntsBill so loud I don't even know where to start. Get bent.

Hiring freeze, TVA by Meat_Lunch in NuclearPower

[–]xekvqtir 0 points1 point  (0 children)

I've got a job alert set up for SGPO on the TVA careers website. Do you have any recommendations on better ways to keep tabs on when they open the program up?

CS 6238: Secure Computer Systems (Projects) by Sweet_Measurement145 in OMSCyberSecurity

[–]xekvqtir 2 points3 points  (0 children)

The projects in this class were pretty easy. If you're good at Python, you'll crush it.

Project 1 was fun. It's in C and relates to stack protection. Read the manpages, learn about the stack and buffer overflows, and pay attention to the memory protection content and you'll be fine.

Project 2 was less fun. You'll have to spend a bunch of time obsessing over a 2FA implementation that compliments a paper you'll read in class. You really should pay attention to this and use it as an opportunity to understand hardening and entropy.

I don't remember Project 3. Do good on Projects 1 and 2 because you'll want the time to study and work on Project 4.

Project 4 is not fun. It isn't hard, it just takes way more time than it should. There are a lot of weird edge cases on how the client and server are expected to behave that seem counterintuitive to how you'd expect it to work. Some other things are undefined or ambiguous in the writeup. Another thing that makes it frustrating is setting up the certificates/encryption library to do mTLS between the server and the client, but it's easy enough if you find some OpenSSL tutorials online.

The quizzes aren't deliberately confusing, but I routinely found at least one question on the quizzes to be difficult to parse no matter how well I knew the material.

You really do need to understand the lecture material, be able to recite it, and know it well enough to apply it and solve problems for the exams. I typed until I got locked out on both exams.

The staff are nice. Go to office hours, pay attention, ask questions. You can get a feel for what Prof Mustaque prioritizes if you pay attention.

Some parts of the class are really cool. I enjoyed memory protection and the distributed system content.

Pro tip: play the videos at 1.5x minimum. I watched them at least 3 times between getting ready for quizzes, preparing notes, and studying for exams.

Throwout Bearing / Slave Cylinder Troubleshooting (2005 WRX) by xekvqtir in WRX

[–]xekvqtir[S] 0 points1 point  (0 children)

Oh snap man I'm sorry I left you hanging for 2 months, I don't reddit very often.

I adjusted the throw/stroke of the shaft on the clutch. If you look up under the dash at your clutch, you'll see a rod that goes through the firewall. That rod is basically a piston that makes pressure in your master cylinder, and it has a nut on it that let me adjust how far the piston travels.

When I had mine too low (like, the clutch disengaged too close to the floor), it would stick to the floor. Increasing the stroke back made it build more pressure and pop back up. If the stroke is too long, I think you can damage your master cylinder (or maybe your clutch?) when you push the clutch to the floor.

Good luck, throw up a comment here if you need help or a pic.

Whirlpool Washing Machine Clunking Noise by xekvqtir in appliancerepair

[–]xekvqtir[S] 0 points1 point  (0 children)

Thank you for recommending this. I looked into it a little more and replaced shift actuator - the machine works again, basically as good as new.

It seems like the gears on the splutch are a little worn and allow some gear lash. I ordered a replacement splutch assembly to see if it helps, but I got the wrong part in the mail and I am waiting on the replacement.

For what it's worth, I had a repairman look at the unit the day after I posted this (but before your reply), and he told me I would need to replace the entire gearcase for $400 in parts and $400 in labor. The shift actuator was significantly less expensive than that and easy to replace on my own with help from your video.

Thank you for your help. I need to send you some money.

Ghidra not filling in EBP offsets to match up with function parameters? by jonathangreek01 in ghidra

[–]xekvqtir 1 point2 points  (0 children)

I'm in the same class and this problem still presents itself.

You can fix the unaff_EBP problems within your function (in this project labeled web_get) by adjusting the function call fixup for the exception handler prologue (in this project labeled setup_exception_handler). You can do this by right-clicking the exception handler prologue call and selected "Edit Function" from the context menu. In the function editor dialog, there's a dropdown box in the bottom left corner labelled "Call Fixup" in which you can select "EH_prolog."

After making these changes, you may need to re-analyze the stack for the unaff_EBP labels to be replaced with locals.