evilstevie @evilstevie@mastod1.ddns.net

Pretty sure the time magazine photo of the year just dropped…

483) Spacebot (and Landerbot). Explores space, finding interesting planets and then deploying Landerbot to investigate further. #SmallRobotsRemastered

I teach cybersecurity. And I genuinely don't know what to tell my students after this one. Federal reviewers spent years trying to get basic encryption documentation from Microsoft for its GCC High government cloud. They couldn't get it. One reviewer called the system a "pile of spaghetti pies," with data traveling from point A to point B the way you'd get from Chicago to New York: a bus to St. Louis, a ferry to Pittsburgh, and a flight to Newark. Each leg is a potential hijacking. They knew this. They said this out loud in writing. Then they approved it anyway in December 2024, because too many agencies were already using it. 🔐 That's not a security review. That's a hostage negotiation. Two things in this story should make every CISO and CIO uncomfortable:

🧩 Microsoft built its federal cloud on top of decades of legacy code that it apparently can't fully document itself
👮 "Digital escorts" often ex-military with minimal software engineering backgrounds are the firewall between Chinese engineers working on the system and classified U.S. networks 🤦🏻‍♂️

The scariest line in the whole ProPublica investigation isn't the "pile of shit" quote. It's this: FedRAMP determined that refusing authorization wasn't feasible because agencies were already using the product. Read that again. The security review process reached a conclusion based on sunk cost, not risk. Ex Post Facto Fallacy

If that logic holds, the compliance framework is just documentation theater. And right now, CISA is being hollowed out, so there are fewer people left to even run the theater.

https://arstechnica.com/information-technology/2026/03/federal-cyber-experts-called-microsofts-cloud-a-pile-of-shit-approved-it-anyway/
#Cybersecurity #Microsoft #FedRAMP #Leadership #RiskManagement #security #privacy #cloud #infosec

For a coding challenge, I am currently researching big seas. I found:

Philippine Sea ~5M km²
Coral Sea ~4.8M km²
Arabian Sea ~ 3.8M km²
South China Sea ~3.5M km²

Surprisingly, the biggest is in England, called Nigel.

Advance warning: from tomorrow, I'm going to start sharing a poem each day again; so, if you were ever thinking about closing down your social media accounts, now might be a good time.

I forgot I had written this. I still stand by it.

https://hackaday.com/2024/01/03/a-few-reasonable-rules-for-the-responsible-use-of-new-technology/

I made a dodecathedral

the endless frustration: hardware used to be cheap but I had no money, and now I do have money but hardware costs have disproportionately increased :(

Some hero renamed the White House on Google Maps as Epstein Island. Bless you, whoever you are.
Post reporters called the White House. Their phones showed ‘Epstein Island.’ https://www.washingtonpost.com/style/power/2026/03/27/white-house-google-database-epstein/

“I need to discuss science vs. engineering. Put glibly:

In #science if you know what you are doing you should not be doing it.
In #engineering if you do not know what you are doing you should not be doing it."

― Richard Hamming, "The Art of Doing Science and Engineering: Learning to Learn" (1997)

In today's episode of "Can It Run Doom": DNS fucking TXT records.

Some absolute madlad (cough Adam Rice cough) compressed the entire shareware DOOM WAD, split it into around 1,964 chunks, shoved them into Cloudflare TXT records, and wrote a PowerShell script that reassembles and runs the whole goddamn game from DNS queries alone. Nothing touches disk. The DLLs are in DNS. THE FUCKING DLLS ARE IN DNS.

RFC 1035 was written in 1987. Those engineers are spinning in their graves fast enough to generate municipal power.

Bonus: this is a fully functional globally-distributed covert data exfil channel that your NGFW will never fucking see if you're not doing deep DNS inspection. Sleep well.

blog: https://blog.rice.is/post/doom-over-dns/

repo: https://github.com/resumex/doom-over-dns

Also lmao @ every blue team that has never once looked at their DNS query volume. How's that DLP policy working out for you.

It was always DNS.

#infosec #dns #doom #itisalwaysdns

Camera glasses? Fuck off you creepy cunt.

Fun fact I made a typo in sysmon-config many years ago, when I was working in Helpdesk.

I got my shot and was hired to the big firm with the big fancy expensive tools I would've never dreamed of.

Do you know what I find in that tool, auditing it?

My typo. They pasted it in. They just... copied the whole thing.

I sit at my desk. And I realize I was always enough.

Everything has been uploaded and is pre-staged for PUSHING TO PROD today!!! GET READY!

#memes #TGIF #shitpost #catte

You did it! 🥳

European Parliament just decided that Chat Control 1.0 must stop.

This means on April 6, 2026, Gmail, LinkedIn, Microsoft and other Big Techs must stop scanning your private messages in the EU. #PrivacyWins 💪