Devon Kerr

12.4K posts

@_devonkerr_

Custodian of secret histories. Posts are my own.

New York State Joined October 2014
762 Following 7.9K Followers
Andrew Thompson@ImposeCost·
Build with the assumption that some manager is going to want performance metrics. Hell, maybe even draw those requirements out of them early. How many times people want to measure performance across a range of data points and milestones in a workflow, and a system doesn't facilitate it...
Devon Kerr retweeted
Dan Black@DanWBlack·
Good overview of tactics being used to compromise Signal accounts. Government/military officials, or anyone working at the intersection of Russian security issues (private sector, journalists, civil society orgs writ large) should urgently review. ic3.gov/PSA/2026/PSA26…
Devon Kerr retweeted
watchTowr@watchtowrcyber·
~150 S3 abandoned buckets. 8M+ requests. Two months. Software updates, binaries, VMs and more. This week, AWS rolled out namespaces for new S3 buckets - finally. This is why offensive security research is so important - to move the needle. labs.watchtowr.com/8-million-requ…
Devon Kerr retweeted
laulukaskas@clockstiqqun·
there should be a goulash based fast food chain. like there's just a few pots of very hearty hungarian stew plus a few other magyar basics to go with it and you can get a big bowl of it for like $5
Devon Kerr retweeted
丂卄ㄖᗪ卂几 - 👋 crack fingers
Free research idea!
* VGA/HDMI has an i2c interface
* Probe this, you might find flash programmers
* Maybe they’re connected to SPI chips holding EDID / UI of the monitor menu
* Maybe KVMs just join these lines together
* Maybe you can move data between air gapped machines
KF@d0tslash

"Your KVM is the Weak Link: How $30 Devices Can Own Your Entire Network" @securityweekly eclypsium.com/blog/your-kvm-…

Devon Kerr@_devonkerr_·
For twenty-three years I’ve been twenty-three years They made me out of stone For you
Devon Kerr retweeted
Anton@Antonlovesdnb·
@_subTee People sleep on data sources for sure!
Devon Kerr@_devonkerr_·
@cyb3rops It could be way easier to implement a local model, but them SaaS revenue metrics
Florian Roth ⚡️@cyb3rops·
Can anyone explain this to me? First Claude Workspace, then Perplexity, now Manus - they keep using words like “my”, “personal”, and “local” in a way that suggests local information isn’t being sent to a remote LLM or RAG system for evaluation. But if no local LLM is actually running, then almost nothing except maybe config stays local. The reasoning still happens remotely. Right? Also - does anyone really think this belongs on a corporate workstation?
Manus@ManusAI

Today, we're taking Manus out of the cloud and putting it on your desktop. Introducing My Computer, the core feature of the new Manus Desktop app. It’s your AI agent, now on your local machine.

Devon Kerr@_devonkerr_·
@filar @_subTee The best of lifetimes, reflected in photographic stills captured alongside Robert Kennedy’s funeral train.
Devon Kerr retweeted
Olivia Gallucci ✨@OliviaGalluccii·
I'm excited to announce my latest blog post: Boot ROM security on Silicon Macs! 🥾 This article marks the start of a 4-part series, detailing each stage of the boot process. My next post will be on the low level bootloader (LLB). oliviagallucci.com/boot-rom-secur…
Devon Kerr@_devonkerr_·
@HackingLZ @JBizzle703 Every single time I move, a lab finds a new home and I get 6-8 months of relative peace to learn stained glass composition before I start building a new one.
Justin Elze@HackingLZ·
@JBizzle703 If you’re old enough there are those of us who built and tried to give away some giant home Cisco labs 🤣
Devon Kerr@_devonkerr_·
Ohohoho new work laptop
Devon Kerr@_devonkerr_·
Week one of the vacation between jobs is almost done and I’ve built a 12’ tall ag fence, painted my office, diagnosed a fuel line issue, started landscaping the front garden, and cleaned the garage. And only got one thing on my todo list done, somehow.
Devon Kerr retweeted
MG@_MG_·
If you use a personal phone/laptop for your work, pay very close attention to this little detail.

Iran attackers wipe 200k devices at a company called Stryker. Within those devices appears to be employees' PERSONAL devices.

The attackers used the company’s MDM software, which is basically IT management software running on everything. It’s an incredibly attractive backdoor to an attacker. I successfully targeted MDM software for several Red Team engagements. It’s… lots of fun :)

Anyway, a lot of companies require you to install their MDM software on your personal devices before you can access resources like Corp email. It’s used to keep devices updated, lock things down if they get stolen, etc. The company often promises that they won’t access personal data, erase any personal data, etc. But this is often ONLY POLICY. If a bad actor gains access to the MDM tool, as was the case here, then anything can happen. People should be aware of these risks.

I refused to run MDM software on any of my personal devices. The company needs to provide me with hardware if they want that. I personally isolate all corp devices to their own network too. If an adversary can get into the corp laptop, they can then get inside my network… there have been cases of it happening in the past.
Kim Zetter@KimZetter

I've published more details about the cyberattack in this piece: zetter-zeroday.com/iranian-hackti…
