When optimizing website performance, the performance tools that Google has built are magical. One place I started when working on my site’s revamp was Google’s PageSpeed Insights. After running an analysis on my home page, I saw this warning: Almost a second of my site’s page load time was caused by loading non-critical CSS. You can use the “Coverage” tool in Chrome’s dev tools to dig into this deeper: As you can see, “all.
When hosting a static website or blog, you ultimately have to tackle the question: “What about the comments?". Statique provides a simple, self-hosted option.
When working with raw binary data (especially in security forensics), it is common to need to write parsers for this binary data. For example, extracting file contents out of the NTFS data structures on disk. For many common data structures, there are already binary parsers written for them that you can leverage, but you’ll still sometimes need to write your own. BinShred is a PowerShell module that lets you do this.
There are many times in security investigations where we want to quickly filter out “Known Good” and only focus on what remains. Bloom Filters are an excellent way to accomplish this.
If you’re running into the following error trying to get a device to sync with Intune: The sync could not be initiated (0x80190190) You probably have checked the Windows Event Log and also seen this error: MDM Session: OMA-DM message failed to be sent. Result: (Bad request (400).). I recently ran into this situation, and the cause was that I had opted into the Windows 10 default of signing in with a Microsoft Account.
It’s March 4, 2020. A pandemic grips the world, so you’re working from home. Can you last the month?
The mind is an incredibly complex organ. While all of us attempt to be mostly logical and rational in our day-to-day thought processes and decision making, we are hampered by an enormous number of cognitive biases. Cognitive biases are specific natural tendencies of human thought that often result in irrational decision making, and there are hundreds of them. Everybody has them them and is impacted by them – it is only through awareness that you can take steps to counteract them.
Summary When email users of several email services send mail using mechanisms other than that service’s web interface (i.e.: their phone or laptop’s email program), services commonly include the user’s IP address in message headers. This information disclosure lets recipients of these messages perform some privacy-invasive actions, such as: Approximate geographical location of the sender Correlation of separate email addresses, but sent by the the same sender Broadband and / or cellphone provider Users looking to send email in a manner that keeps this information private from message recipients should use either the web interface or an alternative mail provider.
A while back, we talked about a common challenge in the security industry – searching for some known bad content (i.e.: “Invoke-WebRequest”) in content that you know has been encoded in base64. In a really cool bout of co-discovery, others simultaneously wrote similar implementations. Since then, this approach is now in the process of being integrated into YARA. Very cool times! Another situation you might have run across is malware authors “encrypting” their content with a static XOR key – a process I like to call “encraption”.
If you’re looking to get one of the Star Trek TOS patches (Science, Engineering, or Command) embroidered on something, they often charge a lot of money to convert the logo to the format that embroidery machines understand. Here are version I created in the Brother PES format, as well as in the native format I created it in (EmbroideryWare STICH). Command - [Brother PES] [EmbroideryWare STICH] Science - [Brother PES] [EmbroideryWare STICH] Engineering - [Brother PES] [EmbroideryWare STICH]