Tl;dr: owning and pranking other people with a wireless mouse is hacking and illegal.

Okay, so I wanted to fuck around with some people one day so I decide to bring a usb wireless mouse to my secondary school.

My first target was my science teacher (was a bitch). I got into class before everyone else and plugged in the small usb receiver then sat down and pretended as if nothing had happened. The lesson starts and here is where the fun begins. Her screen is projected onto a whiteboard so I could see what she was doing. Under the table I had my mouse and every time she tried clicking a dialogue, I would move the mouse ever so slightly so she would miss. After a couple of times, she started to get suspicious, maybe even slightly paranoid; my friend keked. I never got found out by that teacher.

Fast forward to next lesson: I already planted the receiver in my next victims pc. The victim was a bitch I hated so much at the time. She would used to bully me to an extent and was a loud noisy bitch. I really didn't like the person. I digress. When the time was right, I went to her folder, highlighted all her files, right click, hover over delete. But I wasn't so shallow to delete her stuff. That's not the person I am. I guess it was more of a threat really. But the teacher saw what was going on and she saw my wireless mouse and connected 2 and 2 together. She called the behaviour people, removed the reciever and the mouse from me.

Within a few minutes, I was in a room on my own talking to this woman talking about how hacking is bad/illegal and she knows I'm into it etc. But I wasn't hacking? I did no damage and was pulling a prank. Bitch didn't listen to me. She made me sign this document which said that if I fuck around with computers, I could be expelled and I won't be allowed to use to computers again or use them with many restrictions.

I didn't really care. To this day, I still don't have my mouse back. :(

Downloaded Kubuntu because i couldn't seen to be able to boot from a freshly created KDE Neon bootable usb.

Installed it onto my netbook (Lenovo Thinkpad X121E) and it worked great!

But just the fact that somehow the installer froze when trying to setup hdd encryption kept bugging me.

Took a random flash drive which was laying around and put it in to see what would happen. KDE Neon booted just like this and everything worked very well with hdd encryption.

I now have a very secure netbook 😊

!rant && sarcasm

For a long time now I've been trying to convince people to use secure communication. I'm used to getting called "paranoid", but the killer phrase always was (and still is): "Why do you want me to encrypt my communication, I HAVE NOTHING TO HIDE, so I don't care who's reading it" - "It's not about hiding something, it's about private stuff staying private" - "Yeah, whatever"

"I have nothing to hide". That always killed the conversation... until I asked them to hand me their phones, unlocked, for 5 minutes.

"No" - "Why? I thought, you had nothing to hide and don't care who's reading it?" - "Uhmmm..."

More and more people around me are popping up in my Signal contact list.
Looks like they suddenly care a lot about private stuff staying private </sarcasm>

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

Update:

The wasp is still alive.

I walked in today to find the damn buzzy mother-earth-fucker on the window. It doesn't have much energy now, and I didn't let it out because mofo got the chance a million times over to just leave me the fuck alone. So I just let it be. no idea where in the lab it is hidden now, and the robots will watch him all night, every night.

And you know what, I'm not gonna open the damn window for it ever again.

(Sat in my hoodie, wrapped, the whole day and was paranoid about it flying and sitting on me, but the war is on. He won't get out of this lab alive. )

Very eventful day, please see enclosed several smaller rants.

===================

My college's systems are shit and not only do they use HTTP for everything, even the stores and financial aid purchase system, they have homebrew JS shit for PGP site encryption (nifty...), but they exchange the PRIVATE KEYS instead of the public keys. Over HTTP. Not even HTTPS. Also if you log in more than 10 times in 24 hours it's supposed to lock you out of your account until you call... except it locks EVERYONE out. Found this out when on campus, trying to get my textbooks, when suddenly everyone had login lockouts because i'm a "paranoid bastard" and "afraid of idiot college students" for not telling a PUBLIC PC to remember the one password (enforced by password auto-sync across all their shit, not ideal, no) guarding my SUPER-SENSITIVE FINANCIAL AND ACADEMIC DATA... among the other hundreds of issues this college has. I now see why this college is the only one I can afford...

===================

Can't pass-through raw DVD drive access to VMs as VM managers crash when I try (yes, even QEMU...) so i've gotta install Windows on a shitty 80GB laptop HDD for literally one quick project. On the bright side, if my theory proves correct, you'll no longer need modchips for PS2s.

===================

Found a couple odd lines in my xscreensaver config:

GetViewPortIsFullOfLies:False
nice: 10
pointerHysteresis: 10

the first 2 I can't seem to figure out what do, and the last taught me a new word. Fun!

===================

that's it, it's over, why are you still here

I really need to vent this out. I don't know if the person I chatted last night is in some danger or not.

I recently got to know her and I had plans to collaborate on some projects with her.

She messaged me asking for a solution to a bug she faced and I was trying help her figure it out.

As I suggested a solution for her to try, she decided it was time for her to take her little dog to walk and told me she will check it right and let me know right after coming from walk.

It was already late in the night and I mentioned it to her. She responded like it was usual thing for her to go for dog walk at night but I'm kind of worried now since the city she lives in is infamously known as the rape capital.

She hasn't seen the last message I sent and there is no reason for her to keep me in the dark.

I had a hard time not being able to sleep because of my mind thinking of the worst case scenarios.

I don't know I'm just being too paranoid or if I should get someone to check on her.

I really hope she is back home and simply forgot to message me or something.

!rant !dev

I was just on my way to work back from the University cafeteria when a guy in a black car - who I thought was moving the car out of a parking lot - stopped the car and asked if I had a second.
Naive me, thinking he might need directions or something decided to listen to him.
He looked older, around 60ish, with sunglasses on ( making it harder for me to read him).
He said that he had a stroke (or something) a few years ago and got damage to his brain, so that sometimes it can happen that he would faint. Therefore, he cannot go swimming unsupervised, and was asking if I would have the time to accompany him to the university lake, so that he could swim for an hour or so. He offered to pay me 40 bucks.
Me, being paranoid af, declined politely, saying I have to go to work ( which was actually true).
He goes on to say how he was a teacher, how he worked at the university before, how I look trustworthy, how I am the first person he asks today, and asked if he could have my number, so that he could call me sometime to supervise the swimming. I would just need to look out for him not to drown and if anything looks weird I should alarm the people working at the lake ( lookouts? not sure what they are called).
I kept declining politely and he backed off, letting me go without any fuzz.
Previously he also mentioned how some students are rich, others are poor, and how he would have done anything for 20 bucks back in the day. But also said that he accepts a no and won't bother me further.

He also mentioned he wouldn't lay a hand on me, that he is not a creep, since I could see his car and license plate, and if I gave him my number, I would also have his. That I shouldn't worry about anything, if I later decided to say no he would delete my number, and that he is not big on the technology and Internet so nothing would happen.

Uhh... well if he was genuine I'm sorry for him, but then you can just ask authorities at the beach to pay more attention to you, no?
Mentioning "all my worries" raised a red flag for me sort of.
Also, if you keep on fainting occasionally, even if you haven't fainted in 2 years, how are you allowed to drive? Or actually, why do you even drive then?
I don't know. The more I think about it, the more I think I should have taken a picture of the car or license plate.
And there are literal services for this kind of thing. Pretty sure you can get one of these if you are willing to pay even.
Jeez now I'm worried for the entire population of my university...

No actual data loss here, but the feeling of data loss.

After having my data scattered across several devices i decided to get a grip on it use a cloud. I'm too paranoid for a real cloud so i used a local nextcloud installation. That was done via docker and with a 2TB raid1-array.
I noticed that after restarting the server the cloud was somehow reset and pointed me to the setup-page, afterwards my files were already there. It did strike me as odd but i figured "maybe don't restart the server in the next time".
But i did restart it. And this time i had to setup the cloud again, but my files were gone. I got close to a heart attack, even though all those files weren't that valuable. I ripped one disk from the usb hub, connected it to my laptop and tried to mount it, but raid array. Instead i started photorec and recovered a bunch of files, even though their names were some random hex and i knew i'd spend my next weeks sorting my files. While photorec ran i inspected the docker container and saw that there were only 10GB of space available. After a while and one final df i found the culprit: the raid. For some reason the raid wasn't mounted at boot and docker created the volumes on the servers hard disk, same goes for the container data. After re-adding the disk to the hub i mounted the raid and inspected everything again. All my files were still there.

At no point did i lose my data, but the thought was shocking enough. It'd be best not to fiddle with this server in the next time.

Let's be honest - given the state of the world today, the more I listen to Megadeth, the more I relate to what Dave Mustaine has been pissed off about for a few decades now. Oh, you don't know who Dave Mustain is? He was, like, the 5th guy in Metallica. Rather, he was the bass player until he got fucked over because he was a dick and thrown off the first album Metallica did. Don't worry - he did OK. He formed Megadeth and still had quite a successful musical career. Why am I ranting about him? Simple - A lot of his lyrics are darker than Metallica's. I honestly don't know what the fuck I'm doing with my software/personal/professional life right now. I've got ideas & dreams, but all this COVID shit is just draining the fuck out of me. Sometimes I feel like I've failed - most of the lifeforms on this planet manage to procreate. Well, that didn't happen for me. On the down side, I didn't get to be a father. On the up side, I didn't punish the life of a child with my own brands of mistakes, ignorance, and stupidity. My life is littered with male failures. My biological father (paranoid, schizophrenic ) died at 58, doing everyone around him a favor. My grandfather on my mother's side died of colon cancer at 69 (so-called reformed alcoholic, manic depressive on lithium with great abusive tendencies). My step father who adopted me? Sure - he loved me. He just never understood me. "Computers are just a tool". Fuck you, 'dad'. Go play with your horses and tell me what I'm doing isn't meaningful. Where was I? Oh yes, almost killing myself last summer. I think between COVID and my own colossal screw ups & paranoia I went over the entire fucking edge. I pulled myself out of it with the help of medication, counseling, and learning to just let shit blow up because "it's not my problem". I'm still angry. Perhaps that's the only thing that keeps me going from time to time. I'll leave you with a quote from Ghandi - No, not that idealistic, limited one, Mahatma Ghandi. From his grandson, who managed to really pick up what he was putting down - Arun Ghandi:

“Use your anger for good. Anger to people is like gas to the automobile - it fuels you to move forward and get to a better place. Without it, we would not be motivated to rise to a challenge. It is an energy that compels us to define what is just and unjust.”

I'm in a big fat fucking stinking rut, as in progress on this project has absolutely stagnanted.

Gonna rubber face your duck now **UNZIPS** excepts I don't have zippers, as joggers are the one true way; fake Adidas til I fucking drop.

Brain damage aside, I understand both how I've layed out the data and what I'm supposed to do with it. We have a virtual machine, an array of instructions and arguments for a given process within it, and we need to walk this array and map values to registers.

We also need to spill values inside registers to stack, IF they are required at a further point within that block. This also isn't terribly complex. We simply look forward in the array and see if the value is an argument to any instruction that *needs* this value to be loaded (ie, within a register).

So this implies multiple iterations; we need to better understand how one particular value is used throughout an F before we can make a final decision on how many registers and stack space are actually needed for the whole block.

Here's where it gets tricky. If there's a call, we need to be certain that the symbol being invoked has already been fully processed. Besides the obvious fact that recursion fucks me up, there's another matter: say a private method gets invoked by another private method. We can take advantage of this, by which I mean, sacrilege incoming so put on this toga.

Looking at the output for C compilers, it would seem this is not done in practice, I would assume because it's a pain in the ass. But when you have the guarantee that F will only be called internally, as that's what "private" means, there's two ways it can go:

0. It's well below the 13-20 cycle threshold, so you inline the fucker. No suprises there.
1. It's a more involved affaire, and invoked in more than one place, so you don't inline it. Codesize matters.

Recursion and [1] are the big deal things holding me back. Not because it's too hard, like I said this is kindergarten level abstraction. I'm just slow and fanatical, which is how I prefer to spell "constant obsessive paranoid delusions". I can see the potential optimization I can pull here, so I'm stuck trying to figure it out.

Idea would be, handling the register allocation and stack spill for an internal-internal (or deep internal; what we like to call a "guts" method) in synchronization with the *calling* processes. This is, fundamentally, violating all conventions -- but so under the hood no one will notice.

Let me give you an example. If we were to pass some value to a function, expecting to mutate it and get a different value back, in a lot of cases it'd be stupid to make an implicit copy by using two registers, one for input and another for the output. Dude, it's one cycle. Multiply it by a million, say sixty times per second, for every time you __needlessly__ make a copy of a value that we've already stated is mutable.

Clearly unacceptable. This is, in the strictest sense, everywhere in every single codebase. Premature micro optimization is the root of all goodness, God is great and praiseworthy. So how do we go about it?

Answer is I know and I don't know. By which I mean to say, this very thing I've done by hand. Assembly is fun. Now the issue is teaching a calculator how to do it. Not so fun.

There is a dependency chain between processes, as I believe I've kind of alluded to. I'm trying to make decisions on the side of the caller depending on the details of the callee, which is why recursion is rawdogging my soul. This is the same situation, it's inverting the direction of one or more links in the dependency chain, which makes no fucking sense.

And yet it does.
Brain, explain yourself.

How do *you* handle this without crashing?
Brain?

<<ME STEWPED; BEEP-BOOP>>

Alright then, that was a useless attempt at fuckery. Let's have a nap then, maybe it'll come to me in the morning. That's what I've been saying to myself for almost a month now.

Perhaps it is a hardcoded fuk.