Aaron Parecki

Christopher Lemmer Webber https://octodon.social/@cwebber • Dec 4
Typosquatted Python libraries exfiltrating PGP and SSH keys https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/
Same stuff as the event-stream incident, effectively. This is only going to get worse; object capability security is no longer an optional thing; we need it to survive as a society.

How does ocap help? Wouldn't the attacker just exfiltrate the ocap token?

Seems like a better idea would be to use a hardware security model to contain the private keys, only letting the machine use them but not copy them out.

Portland, Oregon • 42°F

1 reply

Wed, Dec 4, 2019 9:10am -08:00
gerwitz https://micro.blog/gerwitz • Dec 3
@aaronpk I am! For experimenting. But the Z-wave USB stick is too fiddly.

yeah, the weak link for this seems to be USB hardware. Thankfully I haven't had any trouble since switching to the Intel NUC

Portland, Oregon • 33°F

Tue, Dec 3, 2019 7:42am -08:00
gerwitz https://micro.blog/gerwitz • Dec 3
@aaronpk between unifi’s software and synology’s, I mean. ¯_(ツ)_/¯

The NAS is my only “server” unless you count a CloudKey and Apple TV. I think it’s time for a HASS box, though.

You could always run Home Assistant on the Synology NAS https://www.home-assistant.io/docs/installation/synology/

Portland, Oregon • 33°F

Tue, Dec 3, 2019 7:38am -08:00
gerwitz https://micro.blog/gerwitz • Dec 3
@aaronpk 👍 I have a Synology NAS and UniFi network so am…conflicted.

conflicted? I also have a Synology NAS and UniFi network!

Portland, Oregon • 33°F

Tue, Dec 3, 2019 7:21am -08:00
Scott Hanselman https://twitter.com/shanselman • Dec 3
This is the gigabit tiny travel router I use. #ref https://hnsl.mn/35XDNJq

Ok I did not expect that to have support for WireGuard ... buying it right now!

Portland, Oregon • 32°F

Tue, Dec 3, 2019 6:36am -08:00
Govner https://twitter.com/oidc6 • Dec 3
Add this one to your list: https://threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/

aaaand this is why the Security BCP says to have an explicit list of redirect URIs and not allow wildcards 🤦‍♂️

Portland, Oregon • 32°F

1 like

Tue, Dec 3, 2019 6:20am -08:00
Mark Derricutt https://twitter.com/talios • Dec 3
No generator - but "The built in "media pool" allows loading of up to 20 separate broadcast quality RGBA graphics for titles," - shows up as a separate input. From https://www.blackmagicdesign.com/products/atemmini - I remember that from the launch. Seems there a photoshop plugin to for something....

oh yeah good point, I forgot this model has that! I do that with the ATEM TVS all the time, the Photoshop plugin basically gives you a menu option to push an open file into the media pool.

Portland, Oregon • 38°F

1 like

Mon, Dec 2, 2019 7:01pm -08:00
Mark Derricutt https://twitter.com/talios • Dec 3
Wouldn't the atem mini give you titles and obs like things? Seems to....

Nah, it doesn't have any title generator in it. You could create titles on a laptop and feed them in through one of the HDMI inputs, but that's the only way to do it. That's one of the nice things about OBS is how much stuff it has built in.

Portland, Oregon • 38°F

2 replies

Mon, Dec 2, 2019 6:54pm -08:00
Gary https://twitter.com/every_daydad • Dec 3
Thats a good idea, but it would probably dual role as playing games I can't get to work on my Mac.

#fulldisclosure

oh I see, looking for an excuse to buy a new computer 😉

Portland, Oregon • 40°F

2 likes

Mon, Dec 2, 2019 6:07pm -08:00
Gary https://twitter.com/every_daydad • Dec 3
Heres the quick templated run down of what I'm thinking for a dedicated live-streaming studio.

3x Lumix G7
8-18 and 2x 25mm
ATEM Mini
2x Shure 7MB
Zoom H6
Elgato keylight (maybe)
Some rando windows laptop

That should let me just turn it on and go, and switch with the ATEM.

If you don't need title graphics or other stuff OBS gives you, you can also ditch the laptop and go with a dedicated h264 encoder instead!

Portland, Oregon • 40°F

1 like 6 replies

Mon, Dec 2, 2019 6:05pm -08:00
Gary https://twitter.com/every_daydad • Dec 2
I'm looking at the ATEM Mini, and might just get it and a couple cameras and do actual switching instead of simulating it.

If you wait a few days I’ll have a video about it out 😉 Mine is in the mail right now! At $300 it’s basically a no brainer.

Portland, Oregon • 47°F

5 likes 1 reply

Mon, Dec 2, 2019 3:21pm -08:00
Gary https://twitter.com/every_daydad • Dec 2
Ok live streaming gurus.

Starting in the new year I'm looking at getting a weekly stream going again. But I'm looking at multi camera solutions.

Is there something out there that will let me take a wide angle shot and crop in to simulate multiple angles?

This is the kind of stuff I’m focusing on on my channel. BlackMagic just released a $300 switcher (ATEM Mini) which is probably what you want unless you’re ready to spend $1000+. afaik nothing at that price will do the crop thing.

Portland, Oregon • 47°F

3 likes 3 replies

Mon, Dec 2, 2019 3:19pm -08:00
gerwitz https://micro.blog/gerwitz • Dec 2
@aaronpk thanks! I have similar priorities as you, so this has helped me make a few decisions.

You mention UniFi Video but not what your camera setup looks like?

ah yeah I forgot to add cameras there! I'll add that section soon. The short version is I'm all in on UniFi video, I have a few of their cameras, and I installed their software in a VM.

Portland, Oregon • 45°F

Mon, Dec 2, 2019 12:05pm -08:00
Sidney Diongzon https://twitter.com/SidneyDiongzon • Dec 2
So....did everyone buy an Instant Pot today?

I bought one during the sale 2 or 3 years ago and it's been amaaaazing!

Portland, Oregon • 45°F

1 like 1 reply

Mon, Dec 2, 2019 12:04pm -08:00
Vika https://fireburn.ru/ • Dec 2
Today I learned that Philips Hue bulbs are definitely reliable. Maybe once I have the money I could buy some so I won’t have to stand up to turn off the lights. Looking forward to their smart plugs though; my desk lamp isn’t that smart 😢

Unrelated: It resembles your life-stack page a bit, which is cool. Quick question: does p3k store these pages like any other posts or does it do it separately?

Good question! It stores them like every other post, the only difference is they're marked with an "absolute slug" (like /home-automation) which causes the routing to be handled differently than my dated posts.

Portland, Oregon • 35°F

Mon, Dec 2, 2019 7:23am -08:00
Not Fake Adam Kalsey https://twitter.com/akalsey • Dec 2
Heads up the the Schlage customer service and tech support are so bad that you might as well just consider them disposable devices. “Hey my lock won’t unlock.” I’d removed it and replaced after 24 hours, and 8 days later they respond. Took 7 weeks for a resolution.

oof, thankfully I haven't ever had to call support and I've had 3 of their locks running for about 6 years straight now

Portland, Oregon • 34°F

Mon, Dec 2, 2019 5:57am -08:00
Jerry Jones https://twitter.com/jerryhjones • Dec 2
I have also moved mostly local with HomeAssistant. I haven’t read the whole post yet - but I can’t wait to compare notes! 🤓😎

Awesome! Let me know if you write up a post as well!

Portland, Oregon • 38°F

1 reply

Sun, Dec 1, 2019 9:10pm -08:00
Dad https://twitter.com/GeekAndDad • Dec 2
I wanted to get a setup using these: http://digistump.com/products/145

and sensors like these: https://www.adafruit.com/product/385

going, but DigiStump had to effectively shut down because their 3d printer project turned into a nightmare. Unfortunate because at $11 could be a great little node.

Oh you'll get a kick out of this then: https://esphome.io

I've made a few sensors with that platform. It's so much easier than DigiStump/Arduino stuff! And you can find esp8266 boards for under $10 too!

Portland, Oregon • 38°F

1 reply

Sun, Dec 1, 2019 6:57pm -08:00
tiffany https://micro.blog/tiffany • Dec 2
@aaronpk the stuff you've shared I'd have never thought of and are on my list to buy.

Thank you so, so much!

awesome so glad to help! I look forward to hearing how it works out!

Portland, Oregon • 38°F

Sun, Dec 1, 2019 6:47pm -08:00
Dad https://twitter.com/GeekAndDad • Dec 2
ha! Apparently that AcuRite 06002M you mentioned can be used inside a freezer to monitor freezer temperature (better range than the one they sell specifically for that use). https://github.com/trlafleur/Acurite-00592TX-Decoder-ESP32a

that sounds like an excellent use for my extra one!

/me goes to put one in his freezer

Portland, Oregon • 38°F

1 like 2 replies

Sun, Dec 1, 2019 6:24pm -08:00

older