Aaron Parecki @aaronpk

Ō̴̡̨͍͕̠̹̘͖͓̭̝̰̖͉̬̫͍̝̰̟͖͖̞͇̟̻̫͇̠̯̋̋̂ͅͅA̷̡̧͎̫̬͖̠͍̼̗̠͊̉̏̓̈́̂̀̈́͆͘͜uth @oktadev oauth.wtf oauth.net 🎥 livestreaming youtube.com/aaronpk aaronpk.tv 💛 #indieweb 🐘🦋

 Portland, Oregon
aaronparecki.com
Joined April 2008
  • Tweets 11,388
  • Following 1,223
  • Followers 6,415
643 Photos and videos
Load newest
Replying to @dreeves @ATT
of all the problems in the world that currently need solving...
1
Replying to @dreeves @ATT
wait this is a real thing? a real person sat down and said how can we innovate bills?
1
Replying to @dreeves @ATT
but what does it even mean
1
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
I just might do that haha. The shirt i'm wearing today says "I find your lack of security disturbing"
2
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
tbh it's like the "security" involved in writing checks, it's best if you don't think too much about it
1
1
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
The browser doesn't have access to the MAC. Google *could* (and probably is) checking the IP address, but it's all heuristics because your IP address may change at any time, e.g. cell phones have very unstable IPs, hop in a plane and land with an IP from another country, etc.
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
💯 There aren't really any other tools browsers can use for this right now. The process of logging in looks like basically: you type your password in google, google gives you back a cookie, your browser makes a request with that cookie and the server knows who it's for.
1
Replying to @every_daydad @photojoseph @ZavitzLee @YTCreators
Interestingly that doesn't even matter for this since it wasn't the "normal" phishing style attack. Don't open files you download is the only safe thing, or open them on a machine that isn't logged in to anything. That obvs isn't practical, so it's a lot harder in practice.
1
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
No, the cookies are how the browser is logged in to google. No passwords needed, 2fa doesn't matter. I'm thinking I might need to make a video on this.
2
2
Replying to @photojoseph @ZavitzLee @every_daydad @YTCreators
It was a windows executable disguised as a .scr file, no keylogger needed for this, it was able to pick up the browser cookies from the hard drive. It could have happened on Mac just as easily.
1
1
Replying to @BasicFilmmaker
I was gonna ask how you're doing with all the fires nearby! Couldn't remember how close you are to that area
1
1
Replying to @ZavitzLee
fun fact not even fax machines are safe from viruses blog.checkpoint.com/2018/08/…
Replying to @ZavitzLee @YTCreators
omg what a mess! So sorry this is happening to you! If you aren't completely overwhelmed I'd love to help get to the bottom of how this happened. Online security is my jam. Feel free to DM me.
5
Replying to @saradietschy
Glad I'm not the only one! 🧐⏱
Replying to @photojoseph
I use a teleprompter about 50% of the time, writing a script takes so long I just skip that and jump straight to recording sometimes. I do just one take off the prompter though, I don't think it comes off looking like I'm reading.
1
2
Replying to @autiomaa @esamatti
There's a port of Overland for Android now too! It's linked from that readme
taking a picture of a globe is a great exercise in map projections
7
Replying to @saradietschy
never forgot! One of my favorite karaoke songs 😂😂🤣🦊
3
Replying to @rdegges
I dunno that sounds like work
1
Replying to @beaugunderson
PureData is like a free Max/MSP and isn't that bad for doing relatively simple connections like this. Might be fun to learn cause it opens up a bunch of neat stuff!
1
1
Load more