@plyuriweek day 5 - messages

didn’t have much time but wanted to do at least one day! saw this prompt and immediately knew who i wanted to draw

jean greyerl and lettie mailer were the blueprint for susarei in this essay I will--

FRIEND ON THE DASH HIII

I am seeing this after too long but HIIII FRIEND HOW ARE YOU

Viruses are not the only "bad" thing

Once upon a time, about the only "bad" thing for a computer (aside from hardware problems or dumb users) was a virus. I'm going to let you in on a little secret here ... virus detection has not changed since the 80's when the first computer viruses started to be prolific; essentially you look at the SHA hash of a file, and if it matches a known virus ... it's a virus.

No matter what Symantec and Kasperski and McAfee tell you, that's really all that's behind their magic. Oh, sure, they look at anything that's OS executable and have a reputation on it, but that's still based on hash.

So what's the big deal, then, if you have virus scanning on your email server, workstation, and everywhere else? Well, viruses are not the only bad thing. "Bad" email comes in a lot of different categories:

Spam Phishing Malware BEC (Business Email Compromise, aka "Impostor") Adult (aka "porn") Virus Greymail Spoofed

So let's go over those categories. A lot of people call anything bad in email "spam" but most filtering companies consider spam to just be cold-contact marketing email that doesn't adhere to the CANSPAM act/law of 2003 (geeze, has it been that long?). Spam is not malicious, it's just unwanted garbage trying to get you to buy something, and in modern times that something is often pornographic.

So next up is Phishing. Phishing emails typically fall under 2 categories; 1) emails trying to get you to respond directly with your username and password (I.E. "This is your helpdesk, there's a problem with your account, we need your username and password ASAP") - these are usually unsophisticated attacks that rely on volume more than being targeted. The other is 2) emails with links to websites are essentially a mock-up of a legitimate website, and once you put in your credentials, they can access your account. These are often very sophisticated and will use look-alike domains and very cleverly rendered websites to fool people. Phishing can get really bad if they manage to get access to your phone account and do a sim swap; think about it, where is all your 2-factor auth coming from?

Next up is malware. While malware is almost certainly a file of some sorts, it differs from viruses in that it's usually code execution on the browser side that's gonna damage your computer (think keystroke loggers or redirects). You can't virus scan for ever-changing code, so malware is often identified by the websites hosting it.

Now we have BEC; that's where a Threat Actor is pretending to be someone in your organization for the purpose of screwing you out of your money. One of the most common ones isl "Hi, this is your CEO, I'm schmoozing a bunch of clients right now and I forgot to bring freebies to hand out, could you go purchase $400 in $20 iTunes gift cards and scratch off the numbers and send them to me ASAP?" Yup, sounds insane. Guess what? It works.

Next up is Adult. Porn email, but it's just so darn prolific. I've seen "Canadian Pharmacy" emails get flagged as adult, though, because they so often push generic Viagra.

Ok, so I've already covered viruses at the beginning of this post, the only other thing to say on that is in order to scan for viruses, email attachments have to be scannable. There are a lot of organizations that use password protected attachments in emails with a pre-determined password; guess what? Virus scanners can't scan that. It's like Schrödinger's cat - until we can peek in the box (or the attachment), we can't determine if the cat is dead or alive (if there's a virus or not).

Next we have Greymail; not unlike spam, but it typically does adhere to the CANSPAM act in that 1) you have a prior business relationship with the sender and 2) they have and honor unsubscribe requests. This is your JC Penny weekly deals, ESPN Monday morning NFL scores, and Reddit summary updates.

Finally, we have Spoofing. This is where the sender is pretending to be someone they're not, either in real name or email address. We've already addressed how to detect spoofing with SPF/DKIM/DMARC in an earlier post, so I won't go into that much here, but I will tell you that pretty much every organization I've ever worked with (and that's many hundreds at this point), has "legitimate" email coming in that fails those protocols, so they're certainly not perfect.

Ahhh, I remember in the old days when you just had to worry about viruses.

💘💐 send this to the twelve nicest people you know or who seem to have a good heart and if you get five back you must be pretty awesome 💐💘 hello thanks for putting amazing spn content on my dash

Thank you Pooja, ily so much😭😭❤

WORD OF THE DAY Wed, November 17, 2021 OED Word of the Day: greymail, n. A mild form of blackmail without demands for money; exercise of power over a person through possession of compromising information.

"Political blackmail is becoming..a commonplace... Perhaps there should be gradations of the term..‘white–mail’ and ‘graymail’, for starters." - 1964, Newsweek 24 Aug. 32

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

See the original post on Instagram! Watch WGS on Twitch and YouTube!

I refuse to acknowledge that this looks like an off brand philza minecraft

I just really think Sam Axe is the character of all time. he was a Navy SEAL, his wardrobe is 90% Hawaiian shirts, he’s a lowkey functioning alcoholic, he jumps from sugar mommy to sugar mommy, he’s so fucking horny and canonically so good at sex that women spoil him for it, he’s so friendly he’s got buddies in almost every government agency, the CIA fucking hates him, he’s been a hostage multiple times and one of those times he critiqued how the kidnapper hit him, he pays for 1 out of every 10 dinners with his lady friend because he’s poor but he cares, he’s Michael and Madeline Westen’s best friend, he’s pretended to be Fiona’s partner undercover more than Michael has, he refuses to change his cover ID, he’s skilled at forgery, surveillance, wiretapping, hand to hand combat, marksmanship, throwing a fit in public, and wearing suspenders, he consistently breaks the law for good reasons, he was forced to retire for doing the right thing and he greymailed his way into keeping his pension, the whole situation started because he accidentally fucked a superior’s wife, he has a 12-3:30 PM nap time, he’s a grown man who once told someone he was trying to explode them with his mind, he’s still legally married, he brags about being a boy toy and is genuinely a caring, affectionate, helpful boyfriend despite going after rich women, he loves snacks and mojitos and strung a bunch of FBI agents along to do his best to protect Michael while protecting his own pension, and was like “they buy me lunch when they think they’re getting something good : )”. he is simply the perfect man!!

#greymail

inspired by @brambletakato 's polling. one of these things is not like the others lmao

Hey, can u recommend me some good books by Indian authors? ( It can be of any genre btw ) 💕

Oh god I have been putting off answering this for so long, I am so sorry but i really rarely read any fiction books by Indian authors. It is a lot of academic texts and non-fiction up here anon but I will still try aaaah

1. Any book written by Ruskin Bond

2. Everyone loves a good draught - P Sainath

3. A train to Pakistan - Khushwant Singh

4. Annihilation of Caste - Babasaheb Ambedkar (I have never made a list of important Indian books w/o this)

5. A Suitable Boy - Vikram Seth

** If you read Hindi novels then Devdas, Kitne Pakistan, Kurukshetra and Madhushala

How to tell if an email is bad

I’ve worked with email for a while. I’ve worked for an email filtering company for a while. I’m not going to give away trade secrets, but I just want to go over the ways that the different vendors (Mimecast, Proofpoint, Cisco, Microsoft, Barracuda, etc) use to see if an email is “bad” or “good”.

If you boil it down, the ways you can look at an email are basically Content (what’s in it, including links and attachments), Who it came from (Message header from and envelope sender), and Where it came from (the connecting IP or FQDN)

So let’s talk about content first. When I mean content, I don’t JUST mean the words in the subject or body. Modern email allows attachments, and URLs, and embedded images and lots of crazy things that were never designed to be in an email. Content most commonly comes in the form of words in the subject or body of an email. If you’ve worked with email for a while, you can identify spam/bulk/greymail; “Don’t miss out on your free reward!” “You’ve earned $45!” “Use this one weird trick to lose 10 lbs in a week” (In my personal opinion, any email containing an emoji in the subject should automatically be considered spam)

Content can also be URLs; it seems like almost every email these days has a link that goes somewhere, whether it’s an ad going to a website or an email HREF allowing you to send a message to a different recipient.

Finally, content can include attachments. Word docs, Excel files, PDFs, viruses.

Most email filters will look at all of these things, sometimes in conjunction, to determine if a message is bad or good. Obviously if a message has a malicious URL or a virus, you’ll want to block it right off, but what about emails that have none of those things and are trying to get the recipient to do something dumb, financially?

More on that next week.

as you are a spn fan hope ure okaY

As a person, i am okay, hon. As an spn fan, i am ✨thriving✨. Honestly, all of today i was feeling v giddy and euphoric ❤️

Anyway, thanks for asking, means a lot <3

Veil of Maya - False Idol

Track list:

Lull

Fracture

Doublespeak

Overthrow

Whistleblower

Echochamber

Pool Spray

Greymail

Manichee

Citadel

Follow Me

Tyrant

Livestream

I’ve been a big fan of Veil of Maya for a few years now due that drop dead heavy sound with some progressive styles added to it which made things a bit more interesting. Seeing as they were classified as deathcore it was a shock I actually liked them but I did nonetheless, however when I learned of their long term vocalists departure for creative differences I was quite worried. Hands up I did miss out on the last album which was cited as a departure from their previous work which is what I was worried about, but we shall see what happens from here.

If you can picture a cross breed between Periphery, Protest the Hero and After the Burial, that is the kind of material we are dealing with here which is a tasty concoction of Djent and Metal styles. Definitely got the Djent feeling and that certain walk people have when they are listening to particularly heavy branches of the style which I definitely had strolling through Birmingham to Uni first thing in the morning. This is all well and good however I do think to myself that, I do actually miss the older stuff quite a bit more because we have lots of bands that do similar things on the scene at the moment some of which I am already a very big fan of. I do like what they’ve done here but I just wish that they’d stayed a bit heavier than they have, more towards After The Burial whereas they’ve headed more towards Periphery and Protest the Hero.

I still like them, at a show I would imagine they focus more on this newer style which is a disappointing thought because the energy they brought with their old style was absolutely phenomenal whereas now it’s going to be less aggressive and explosive. I do advise people to check it out because it is a good album but because I was a bit of an older fan I’m just feeling sorry for myself and moping.

[7/10]

The Ruins of Greymail Clanhold

The Ruins of Greymail Clanhold

View On WordPress

….do you watch f1?

I absorb it from people around me