metlstorm
@metlstorm.risky.biz
Unix berserker, retired hacker-con organiser (Kiwicon!) and now technology-editor-slash-sysadmin-janitor at Risky.biz.

Was @metlstorm on Twitter, am metlstorm@infosec.exchange on Masto.
It’s true for those that _do_ office with him too 🫣
November 11, 2025 at 9:45 PM
Curating the list after I solicited for additions;

* 802.11 WEP
* NSA md5 hash colliding windows updates
* admiral yamamoto in ww2 as well
* everyone who copies and pastes CBC mode (or ecb, lol) code off stack overflow
November 8, 2025 at 7:38 PM
🤦 of course it is.

I feel sorry for the masto devs, having poured your energy into working on open source and then seeing it get used to build... _that_.
October 16, 2025 at 7:45 PM
I try not to be too resistant to change for no reason old-man-yells-at-cloud.gif*, but it really just gives big Windows Media Player for XP energy, and it's gonna age about as well as that i fear.

*i mean, I use systemd! instead of just sulking about init.d and pining for rc.local
October 1, 2025 at 4:02 AM
when we met him IRL at our first RB company get-together i think we were all expecting 3 infosec racoons in a trenchcoat, but he is in fact but one man after all!

I posted this quality meme back in 2021 when he was still at The Record; he was like 80% of our input for RB main show
October 1, 2025 at 3:47 AM
Reposted by metlstorm
Maybe we should stagger newsletter releases in ringed deployments so we can catch these egregious errors... you know, like they should have done with their shitty content update that wiped out 8.5m boxes!
July 4, 2025 at 12:52 AM
well you sure won the day with yama ptrace ha ha, took my toys away :D good times good times
June 21, 2025 at 7:33 AM
yeah it's a fun cat'n'mouse game, for sure. I take at least partial responsibility for the existence of yama/ptrace_scope, after @damienmiller.bsky.social and @keescook.bsky.social got sick of my bullshit 🤣😘
June 13, 2025 at 12:56 AM
Cool! I love me some unix-tricks root-kittery!

I did a con talk once about non-root root-kits. Used SCTP/DCCP as you do for sockets, process hollowing/thread-injection for code, and inotify-racing to hide files (by detecting incoming traversal, opening an fd, unlinking, and linking it back after)
June 13, 2025 at 12:26 AM
It's true, they could be so much more efficient at getting things owned if they'd just `curl | sh`
June 13, 2025 at 12:08 AM
why did we ever do _hard_ hacking
June 12, 2025 at 12:31 AM