Husband, Dad, geek, IT Security Researcher, Ethical Hacker, DFIR / Blue Team, Runner, Pessimistic Villa supporter. Trying to do the right thing
Joined April 2010
- Tweets 4,878
- Following 4,168
- Followers 832
- Likes 7,764
71 Photos and videos
Rob Gasior retweeted
Jun 12
Breaking? We were all discussing this yesterday dude
8
4
406
24,141
Rob Gasior retweeted
May God release me from AI images of Nigel Farage on Question Time
540
2,026
23,423
524,515
Rob Gasior retweeted
Jun 6
> be Zuckerberg
> needs AI everywhere (apparently)
> lays off a bunch of employees
> replaces with AI
> fast forward
> AI is dog shit
> AI tricked into stealing accounts
> try to fix
> fail like 5 times
> product now leaking CEOs PII
AI truly is the future, wow
90
646
8,720
264,897
russia invaded Ukraine - Ukraine is defending. Anything bad happening to them is their own fault. That is called consequences.
Who cares about their bullshit reasons or goals - it was horrible, continues to be horrible, and russia can stop any time by going home
2
10
108
Rob Gasior retweeted
TeamPCP has been quiet, so I guess the supply chain attacks are finally ovβ
Oh.
7
2
91
8,327
Rob Gasior retweeted
Jun 5
I hate people, places, and things right now. I'm trying to make it to 5pm without exploding.
6
1
13
563
Rob Gasior retweeted
Jun 4
The voice and wisdom of Sir Alex Younger π¬π§ will most certainly be missed. RIP
9
57
404
28,705
Rob Gasior retweeted
May 29
TeamPCP said they hacked(?) / will hack @Dynatrace π
And I wonder - is there anyone from the Dynatrace security team knowing about this and monitoring/ rotating keys?
Also, did anyone find clear indicators for this? My monitoring tools and research didn't come up with anything
3
3
23
4,065
Rob Gasior retweeted
May 24
Security budget unlocker service:
You Venmo me and give me credentials of a random employee, and I cause a relatively minor yet threatening incident that gets leadership to immediately approve the extra headcount youβve been begging for
31
14
319
27,192
Rob Gasior retweeted
May 23
international cyber digest yet again, asking for ins and then planning to post with 0 validation, thats not how journalism works. #Teampcp #teampcp credit: @intelkink we should work as a community to expose fraud in journalism >:(
12
9
84
6,067
Rob Gasior retweeted
May 17
Chompie of IBM X-Force Offensive Research (XOR) used a race condition to escalate privileges on Red Hat Enterprise Linux for Workstations, earning $20,000 and 2 Master of Pwn points. The π
5
41
661
97,700
Rob Gasior retweeted
May 13
Boring IT/cybersecurity skills that give you a huge advantageβ¦
Active Directory Administrstion
32
74
1,239
88,587
Rob Gasior retweeted
May 14
RTing for visibility...
May 13
If you've been laid off from a cyber threat intel position and would like to come to @SLEUTHCON this year, please reach out.
1
2
132
May 13
So i think i just had the worst cyber sales call for a while, i wont name and shame, but the guy said he was from the only cyber security firm in the UK, and was trying to shill some SIEM validation too, really didnβt seam needed when you have a Threat Hunting Team,
38
Rob Gasior retweeted
May 13
Some entity within the cyber world has the authority, access, or ability to perform any action an attacker desires to perform. The attackerβs goal is to assume the identity of that entity in some fashion.
Parks, Raymond C., David P. Duggan. βPrinciples of Cyberwarfare.β
3
15
35
7,523
Rob Gasior retweeted
May 10
"History made in the Dark".... This is absolute FUD farming and a stain on the cybersecurity community. I use to this this had value, but now its just clickbait slop.
1
2
18
3,263
do you understand what just happened to your computer..
Google Chrome secretly downloaded a 4GB AI model onto your device. Without asking.. Without telling you..
It's called weights.bin. It lives deep in your system folders. It powers Gemini Nano - Google's on-device AI.
And if you delete it? Chrome re-downloads it automatically. Like nothing happened.
Just Google deciding your hard drive is their storage unit.
At 1 billion Chrome users - that's 4 BILLION gigabytes of data pushed silently across the internet.
The carbon footprint alone equals tens of thousands of cars running for a year.
Check your disk right now:
π %LOCALAPPDATA%\Google\Chrome\User Data\OptGuideOnDeviceModel
To stop it: chrome://flags β disable Optimization Guide On Device Model β restart Chrome β delete the folder.
Reshare so people know what's sitting on their computers.
Google Chrome is quietly downloading a roughly 4 GB AI model to many usersβ computers without clear upfront consent.
The file, called weights.bin, is part of Googleβs Gemini Nano on-device language model and lands in the browserβs user data folder under OptGuideOnDeviceModel.
It powers built-in AI tools such as βHelp me write,β smarter tab suggestions, on-device scam detection, and page summarization. The download triggers automatically for devices meeting minimum hardware requirements, and Chrome often replaces the files if deleted.
While the model processes data locally, installation happens in the background with minimal notification.
The scale is noteworthy. Hundreds of millions or billions of installations add up to thousands of tonnes of carbon emissions globally from data transfer, even though each is a one-time event.
To prevent or remove it, go to chrome://flags, disable the entries for the optimization guide on-device model and Prompt API, restart the browser, and manually delete the folder.
1,259
18,249
54,483
4,539,014
These IDM records pushed the limits of studio-based experimentation. disc.gs/3Z01cHO
ALT Aphex Twin Selected Ambient Works β85-92 (1992)
ALT Squarepusher Hard Normal Daddy (1997)
ALT Autechre NTS Sessions 1-4 (2018)
ALT Boards Of Canada Geogaddi (2002)
12
91
831
36,109
Rob Gasior retweeted
May 1
we live in a world of hype, grift, nonsense and insanity. I am a massive fan of technology. I am not a fan of overhyping things.
6
4
41
970
Rob Gasior retweeted
May 1
See my response. This is correct. It is π― a compliance issue.
Most orgs have a lot of incidents. Its not about detection only. You need to be able to respond and govern too.
There's a lot of people in infosec who need experience in business to better understand other reasons you need logs.
In business, you have contractual obligations, regulatory obligations for records keeping and digital ledgers, compliance policies from frameworks that govern the organanizatiin to make regulatory obligations easier, regulatory audits, compliance audits, other types of audit.
>99% percent of the logs are not used detection, they are used for response. If you cannot show your incident RESPONSE plan to auditors, you will not pass audits.
May 1
But >50% logs are never used, in any detection.
Ingested for compliance.
6
3
19
2,247