The Password Reset MitM Attack

An interesting approach to a Man-in-the-Middle Attack against a Password Reset System

The PRMitM attack exploits the similarity of the registration and password reset processes to launch a man in the middle (MitM) attack at the application level. The attacker initiates a password reset process with a website and forwards every challenge to the victim who either wishes to register in the attacking site or to access a particular resource on it.

Source: The Password Reset MitM Attack

The processing of Group Policy failed because of lack of network connectivity to a domain controller

After some recent infrastructure changes, I noticed that certain group policies were not being applied due to network connectivity lag as a result of how our systems were set up. To resolve this, I stumbled on a post that describes a Group Policy setting that can force the computer to wait for full network connectivity before logon.

To enable this setting:

  1. Open the Local Group Policy Editor
  2. Expand Computer Configuration
  3. Expand Administrative Templates
  4. Expand System
  5. Expand Logon
  6. Enable the "Always wait for the network at computer startup and logon" setting
  7. Restart your computer
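The same setting can be checked and applied from an elevated PowerShell session, which also lets you confirm afterwards whether the failure is still being logged. This is an added example, not part of the original post; the registry value name (SyncForegroundPolicy), the event ID (1129) and the function names are not from the post and are stated here as the standard mapping for this policy and error message.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the Group Policy Editor steps above.
# Assumption (not from the post): the policy is backed by this registry value.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon'
$ValueName = 'SyncForegroundPolicy'   # DWORD 1 = always wait for the network

function Get-WaitForNetworkState {
    # Reports Enabled / Disabled / NotConfigured without changing anything.
    $item = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item)        { return 'NotConfigured' }
    if ($item.$ValueName -eq 1) { return 'Enabled' }
    return 'Disabled'
}

function Enable-WaitForNetwork {
    # Creates the policy key if it is missing, then sets the value to 1.
    # A domain GPO that configures the same setting will overwrite this
    # on the next policy refresh.
    if (-not (Test-Path -Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyKey -Name $ValueName `
        -PropertyType DWord -Value 1 -Force | Out-Null
}

function Get-GpNetworkFailure {
    # Lists recent "lack of network connectivity to a domain controller"
    # events (ID 1129) from the Group Policy provider in the System log.
    param([int]$Days = 7)
    Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-GroupPolicy'
        Id           = 1129
        StartTime    = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

"Before: $(Get-WaitForNetworkState)"
if ((Get-WaitForNetworkState) -ne 'Enabled') { Enable-WaitForNetwork }
"After:  $(Get-WaitForNetworkState)"

# Run this again after the restart; no new events dated after the reboot
# indicates that policy processing now waits for the network.
Get-GpNetworkFailure -Days 7 | Format-Table -AutoSize -Wrap
```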

O.C.E.A.N

Ed Sutton on the dangers of big data and how everything we do, online or offline, leaves a digital footprint behind. He describes how every purchase with a card, every search, every movement with a smart device and every social media interaction (Likes, Retweets etc.) get stored. When used in aggregate, this data reflect a social and identity fingerprint that uniquely identifies you and furthermore can predict your behaviors and responses.

The Big Five: Openness (how open are you to new experiences?), Conscientiousness (how much of a perfectionist are you?), Extroversion (how sociable are you?), Agreeableness (how considerate and cooperative are you?), and Neuroticism (how sensitive/vulnerable are you?). With these five dimensions (O.C.E.A.N.), you can determine fairly precisely what kind of person you are dealing with—their needs and fears as well as how they are likely to behave.

Source: Trump Knows You Better Than You Know Yourself

Decisions are Made by Those Who Show Up

Mikey Dickerson, Administrator of the U.S. Digital Service, says farewell and reflects on the importance of building a tradition of service in his post, You’ll Never Be The Same Again.

One of the references in his post, which resonated with me, is a quote attributed to Steve Jobs:

Life can be much broader once you discover one simple fact: Everything around you that you call life was made up by people that were no smarter than you. And you can change it, you can influence it…Once you learn that, you’ll never be the same again.

At the end Mikey concludes with the endless opportunity to get involved in public service. However, his words hold just as true in any other context.

Don’t wait to be asked … Decisions are made by those who show up.

How To Avoid Task Saturation

J.D. Meier talks about three solutions in “How To Avoid Task Saturation”: checklists, cross-checks and mutual support.

Solution #1: Checklists

The key here is the checklists are vital to reducing overload and helping remind you of key actions.

I’m a fan of checklists, not only because of how they help avoid task saturation, but also because, if implemented and used correctly, they have proven to be a great tool for removing inefficiencies in processes. Atul Gawande’s The Checklist Manifesto provides a number of examples of how various industries have successfully implemented checklists as a method of getting things done right and at the same time streamlining complex processes.

Source: How To Avoid Task Saturation