I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Daily Linux Forensics Trivia #34 [last daily trivia before @WWHackinFest!] - How are atimes handled by default in EXT?
Shout outs to @DfirNotes, @Jim_Hendrick, and especially to my fellow IRIX sufferer @clarkgaylord
Trivia Answer #33 - False. Any account with UID 0 has superuser privileges, and multiple accounts with the same UID are allowed. Attackers will sometimes create additional UID 0 accounts (or change the UID of an existing account) as a back door.
Daily Linux Forensics Trivia #33 - True or False: The only superuser account that can exist on a Linux system is the "root" account.
This means that web requests that take longer than usual to be fulfilled may be logged later than shorter duration requests that were actually received after the slow web request. Shout outs to @DfirNotes and @mboelen on this one!
Trivia Answer #32 - It is actually not uncommon to find Apache log entries out of chronological order. The log timestamps show the time the web request was received, but the log entries are not written until the web response is completed.
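An added example, not part of the original posts: a triage check for Trivia Answer #32 that decides whether each out-of-order Apache entry is explained by request duration, since entries are written at completion but stamped with the time the request was received. It assumes the server's LogFormat ends with `%D` (time taken to serve the request, in microseconds); the function name and the sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed LogFormat (not from the posts): "%h %l %u %t \"%r\" %>s %b %D"
LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" \d{3} \S+ (?P<usec>\d+)$'
)
# %t has one-second resolution, so allow one second of slack.
SLACK = timedelta(seconds=1)

# Constructed sample log: line 2 is a slow request, line 4 is not.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Oct/2022:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 5120 1800
192.0.2.11 - - [12/Oct/2022:10:00:01 +0000] "GET /report.cgi HTTP/1.1" 200 90210 4200000
192.0.2.12 - - [12/Oct/2022:10:00:06 +0000] "GET /logo.png HTTP/1.1" 200 2048 900
192.0.2.13 - - [12/Oct/2022:09:59:30 +0000] "GET /admin HTTP/1.1" 200 512 1200
"""

def classify_out_of_order(log_text):
    """Return (line number, request, verdict) for each entry whose received
    timestamp is earlier than one already seen in the file."""
    findings = []
    newest_received = None   # latest "received" timestamp seen so far
    newest_completed = None  # latest estimated write time seen so far
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # unparsable lines need separate review
        received = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        # The entry is written when the response completes.
        completed = received + timedelta(microseconds=int(m["usec"]))
        if newest_received is not None and received < newest_received:
            # Expected case: the request was slow, so it finished (and was
            # logged) after requests that arrived later than it did.
            explained = completed + SLACK >= newest_completed
            verdict = "explained" if explained else "unexplained"
            findings.append((lineno, m["req"], verdict))
        newest_received = max(received, newest_received or received)
        newest_completed = max(completed, newest_completed or completed)
    return findings

if __name__ == "__main__":
    for finding in classify_out_of_order(SAMPLE_LOG):
        print(finding)
```

An "unexplained" verdict is a lead for closer review (clock changes, merged or rotated logs, edits), not proof of tampering.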
If you get a chance to see the musical “Six” you should definitely go. Super fun, high energy show!
Whew! Glad to hear it!
This is a wild, hopeful story: grad students at @Northeastern successfully pushed back against digital workplace surveillance, through fearless solidarity and the bright light of publicity. It's a tale of hand-to-hand, victorious combat with the #ShittyTechnologyAdoptionCurve. 1/
Read the whole thread. "at" is definitely in there!
Replying to @paulvixie
RedHat still uses /var/spool/cron/crontabs I'm afraid
Replying to @Paul_IPv6 @k8em0
The fascinating part about that job is when you get down to the architecture as originally designed before all the other stuff got precariously piled on top of it.
Replying to @TaoCyberSec
I was filing bug reports on “Sunlink DNI” (DECNET over IP for SunOS) back in 1988. Nobody really cares about the resolution because, well, it’s DECNET over IP.
A decade ago, many tech companies had newer code bases & a chance to rearchitect for security without too much world impact. Now, we see many orgs stuck supporting legacy code long abandoned with no owners left who know which code is load bearing so they don’t touch it for years.
Joking with some colleagues and I said, “I have bug reports that are older than some of you!” And we all laughed until we realized it was actually true. And then it got real quiet.
Hal Pomeranz retweeted
I've had the privilege to work with some of the greatest hackers on the planet: they were all good at different things. There is no one path or outcome. Climb your own mountain.
Daily Linux Forensics Trivia #32 - You find entries in an Apache web server log whose timestamps are out of chronological order. Does this mean the log has been tampered with?
And finally systemd gets into the mix (like it always does) with /etc/systemd/system/timers.target.wants and $HOME/.local/share/systemd
Don't forget "at" jobs under /var/spool/at/spool or /var/spool/cron/atjobs