https://cjc.imThe office of CJ Cleggman2024-03-19T21:16:23.643785+00:00Carl Cleggcarl@cjc.impride-ssghttps://cjc.im/2023/10/18/A-breath-of-Fresh-air-from-RSS.htmlA breath of Fresh air from RSS2023-10-18T00:00:00+00:00I've recently made yet another attempt to reduce my browsing habits and use RSS again more. It's such a nice breath of fresh air.
I need to fix the RSS generation in the static site generator I use (which is a really shitty python script and some script files that have gone through so many bad ideas I don't even know how any of it works any more).
The problem is none of the body of these posts is in the RSS feed, and I have found that the best ones do indeed do this.
Something to work on...
2023-10-18T00:00:00+00:00https://cjc.im/2023/10/19/RSS-Fixed-(maybe...).htmlRSS Fixed (maybe...)2023-10-19T00:00:00+00:00I think I've managed to get the RSS to start displaying the content, alenough I am not sure if the new lines are working, and it also looks like it's just showing the markdown from the source files.....
Also I have seen a cool project that has attached a thermal printer to a website as part of their guestbook and they even have a [live stream](https://guestbook.goodenough.us/thanks) of the printing, hours of fun!
Just watching a LIVE change of thermal paper, what a time to be alive :D
_edit_: It looks like newlines are still not working and it is doing some shenanigans with the markdown, something to improve another time.
2023-10-19T00:00:00+00:00https://cjc.im/2023/10/23/The-Cyber-Wallet.htmlThe Cyber Wallet2023-10-23T00:00:00+00:00One of the projects that I've started and gotten to a usable state recently was _"The Cyber Wallet"_.
This is a [USB Rubber Ducky](https://shop.hak5.org/products/usb-rubber-ducky) type device that performs USB / Mouse injection attacks against a host computer. I own an older USB rubber Ducky, but do I ever carry it? or can I be bothered to deal with compiling the payloads? If you guessed no to both of these then you would be correct.
So to make sure I always had this with me, I took something I always carry with me, my card holder / wallet, and added some cyber-ness to it. Using a Raspberry Pi Pico, an SSD1306 128x32 OLED screen, and some cheap tactile buttons, you can select a payload (or as I call it a card....) from a list.
The scripting language is very similar to the hak5 product but with some changes to allow any radical ideas I had to come alive, such as using the buttons as part of a payload.
An example card would be:
REM Hello World
DELAY 0.5
MOD4 d
MOD4 r
RTYPE notepad.exe
SLEEP 1
RTYPE It looks like this is working, good bye!
SLEEP 1
CTRL w
TYPE n
This would be targeting a windows host and would minimise all windows, run notepad, type some text, then close without saving.
You can also include other cards as well which allows for some modularisation. I need to spend some time updating the documentation over at the [Github Repo](https://github.com/i-am-cjc/CyberWALLET) as that's always the last thing to get updates.
2023-10-23T00:00:00+00:00https://cjc.im/2024/03/02/Real-threats-to-Real-People.htmlReal threats to Real People2024-03-02T00:00:00+00:00or; I rant again about the industry...
Recently, a family member had their email address compromised. What transpired afterwards was dread, panic and a realisation for them that their email address is the key to the kingdom.
Working in the information security. or _CYBER SECURITY_, industry for the best part of a decade means that the above is obvious. But to a regular person who doesn't really give a shit about this sort of stuff it isn't quite as clear. Infact, the general response is "Why would anyone target me!?".
The cyber security industry is awash with threats from AI being the hot topic, but really, why not focus on the basics rather that the next fucking hype wave!? All these companies getting ransomwared has nothing to do with AI, it's lack of patching, or no MFA on accounts. Can we just NOT focus on the nonsense and focus on the real threat? please?
And then, people might start realising the important things rather than focusing on "Business robbed of millions due to AI voice cloning" instead of the reality of what is actually going on...
Yeah?
No.
Had enough of this...
2024-03-02T00:00:00+00:00https://cjc.im/2024/03/19/time.cjc.im.htmltime.cjc.im2024-03-19T00:00:00+00:00I have a new $dayjob, and this requries timesheets.
"Excellent", I think to myself as I come up with a micro-project to make a simple append only log thing to track my day so at the end of the week I have _some_ idea of what I've actually done.
I ain't no developer anymore, so I make a single html page with some shitty javascript to make this simple for myself.
It works, I use it for !$dayjob testing it. It only uses local storage in the browser, and you need to copy and paste it somewhere to save it.
I come to try and use it at work, and it's blocked by the _fucking_ web proxy.
I guess I can copy the html file to the corpo machine...
It's hosted [here](https://time.cjc.im).
2024-03-19T00:00:00+00:00