84°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

Thursday, September 10, 2020

← Older → Newer
  • 12:46am
    Asleep
    5:49am
    Awake
    5h 03m
    Slept
    18m
    Awake for
    Portland, Oregon, USA
    Thu, Sep 10, 2020 5:49am -07:00
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    Damn. So the download was a virus, or keylogger? You on Mac or PC? We Mac users like to think we’re immune to stuff like this but probably not…
    Aaron Parecki
    It was a windows executable disguised as a .scr file, no keylogger needed for this, it was able to pick up the browser cookies from the hard drive. It could have happened on Mac just as easily.
    Portland, Oregon • 68°F
    1 like 11 replies
    Thu, Sep 10, 2020 7:07am -07:00
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    And the browser cookies had the passwords stored in a way that was readable?!
    Aaron Parecki
    No, the cookies are how the browser is logged in to google. No passwords needed, 2fa doesn't matter. I'm thinking I might need to make a video on this.
    Portland, Oregon • 68°F
    2 likes 9 replies
    Thu, Sep 10, 2020 7:08am -07:00
  • Gary https://twitter.com/every_daydad   •   Sep 10
    So would have two separate email accounts help? One solely for the YouTube channel, and one for business in case of a malignant file?
    Aaron Parecki
    Interestingly that doesn't even matter for this since it wasn't the "normal" phishing style attack. Don't open files you download is the only safe thing, or open them on a machine that isn't logged in to anything. That obvs isn't practical, so it's a lot harder in practice.
    Portland, Oregon • 68°F
    1 like
    Thu, Sep 10, 2020 7:15am -07:00
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    That is CRAZY that all you need is the cookies to access any account — especially a google one! So if I just sent you my cookies folder… you’d have access to anything I was logged into?!
    Aaron Parecki
    💯

    There aren't really any other tools browsers can use for this right now. The process of logging in looks like basically: you type your password in google, google gives you back a cookie, your browser makes a request with that cookie and the server knows who it's for.
    Portland, Oregon • 68°F
    5 replies
    Thu, Sep 10, 2020 7:25am -07:00
  • Meg Elison https://twitter.com/megelison
    Remember when the sky was blue and you could hug people and a US passport was a valuable object?
    Portland, Oregon • 68°F
    Thu, Sep 10, 2020 2:47am +00:00 (liked on Thu, Sep 10, 2020 7:27am -07:00)
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    And the cookie doesn’t verify the machine it’s on? You’d think it’d only work if the MAC address and IP address were a match. This seems so very insecure.
    Aaron Parecki
    The browser doesn't have access to the MAC. Google *could* (and probably is) checking the IP address, but it's all heuristics because your IP address may change at any time, e.g. cell phones have very unstable IPs, hop in a plane and land with an IP from another country, etc.
    Portland, Oregon • 68°F
    Thu, Sep 10, 2020 7:34am -07:00
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    And the cookie doesn’t verify the machine it’s on? You’d think it’d only work if the MAC address and IP address were a match. This seems so very insecure.
    Aaron Parecki
    tbh it's like the "security" involved in writing checks, it's best if you don't think too much about it
    Portland, Oregon • 68°F
    1 like 2 replies
    Thu, Sep 10, 2020 7:35am -07:00
  • Photo - “Wear a damn mask” - Joseph https://twitter.com/photojoseph   •   Sep 10
    WOW. You should put that on a Tshirt. “IT Security… it’s best if you don’t think about it”
    Aaron Parecki
    I just might do that haha. The shirt i'm wearing today says "I find your lack of security disturbing"
    Portland, Oregon • 71°F
    2 likes
    Thu, Sep 10, 2020 8:57am -07:00
  • Roberto Blake 🇺🇸🇵🇦🧢 Awesome Creator Academy https://twitter.com/robertoblake
    Upgrade Complete!
    Cable management on point!!!
    Portland, Oregon • 76°F
    Thu, Sep 10, 2020 11:16pm +00:00 (liked on Thu, Sep 10, 2020 6:45pm -07:00)
  • Jesse Genet https://twitter.com/jessegenet
    I'm now a 'Thanks for your patience' person who is a recovering 'Apologies for the delay' person... 2020 is truly a year of remarkable transformations.
    Portland, Oregon • 76°F
    Fri, Sep 11, 2020 1:13am +00:00 (liked on Thu, Sep 10, 2020 6:46pm -07:00)
  • david reeves https://twitter.com/dreeves   •   Sep 11
    Everyone:

    @ATT:
    Aaron Parecki
    but what does it even mean
    Portland, Oregon • 73°F
    3 replies
    Thu, Sep 10, 2020 8:09pm -07:00
  • david reeves https://twitter.com/dreeves   •   Sep 11
    Aaron Parecki
    wait this is a real thing?

    a real person sat down and said how can we innovate bills?
    Portland, Oregon • 73°F
    Thu, Sep 10, 2020 8:11pm -07:00
  • david reeves https://twitter.com/dreeves   •   Sep 11
    Like I wanted to watch my phone bill. On video.
    Aaron Parecki
    of all the problems in the world that currently need solving...
    Portland, Oregon • 73°F
    1 like
    Thu, Sep 10, 2020 8:13pm -07:00
  • creativity is revolutionary. https://twitter.com/MichellCClark
    "no dishes in the sink" is the household equivalent of "inbox zero"
    Portland, Oregon • 71°F
    Thu, Sep 10, 2020 3:36pm +00:00 (liked on Thu, Sep 10, 2020 8:45pm -07:00)
  • Tracey https://twitter.com/traceylross   •   Sep 11
    Talking to someone from another room then realizing they can’t hear you from there.
    Aaron Parecki
    while they're wearing noise canceling headphones
    Portland, Oregon • 71°F
    2 likes 1 reply
    Thu, Sep 10, 2020 8:46pm -07:00
  • Sara 🍑y https://twitter.com/saradietschy   •   Sep 11
    Has anyone successfully converted from a night owl to a person who wakes up at a normal time? Say wake up at 8am and go to bed at 12pm?
    My 3am-11am routine is affecting my life since the people I work with are normal humans.
    Help.
    Aaron Parecki
    Awake from 8am - 12pm sounds like the schedule my cat keeps
    Portland, Oregon • 71°F
    2 likes
    Thu, Sep 10, 2020 8:48pm -07:00
  • Jesse Vincent https://twitter.com/obra
    How is this night different than all other nights?

    On all other nights, we can not breathe the same air as any person outside our pod.

    On this night, we can not breathe any air outside our house.
    Portland, Oregon • 69°F
    Fri, Sep 11, 2020 4:40am +00:00 (liked on Thu, Sep 10, 2020 9:48pm -07:00)
  • Jess Hartley https://twitter.com/jesshartley
    Just came here to share this! "A gift is not an obligation!"
    Portland, Oregon • 68°F
    Fri, Sep 11, 2020 2:21am +00:00 (liked on Thu, Sep 10, 2020 9:53pm -07:00)
  • Iron Man Thee Nigga Nerd https://twitter.com/jackyalcine   •   Sep 11
    For #vegans, do y'all allow people to bring/eat non-vegan dishes into your home? (on par with shoe removal with entry)
    Aaron Parecki
    gawd no that's gross
    Portland, Oregon • 68°F
    1 like 2 replies
    Thu, Sep 10, 2020 9:55pm -07:00
  • Iron Man Thee Nigga Nerd https://twitter.com/jackyalcine   •   Sep 11
    See like I do try to be slightly accommodating because it's like a temporary action with little residual versus like having to vacuum and clean if someone stepped all over with shoes on my carpet
    Aaron Parecki
    Caveat: I'm veg not vegan, but I don't see why eating veg should be seen as an inconvenience to anyone
    Portland, Oregon • 68°F
    1 like 1 reply
    Thu, Sep 10, 2020 10:05pm -07:00
← Older → Newer

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv