Friends don't let friends get EC-Council certified.

I'm a metalhead. Not American counter culture metal. I need quality story telling, melody and harmony, speed, and a strong beat. Bands like Iron Maiden, Helloween, Edguy, Dragonforce, etc.

Tonight, I discovered a completely different genre: hardstyle. I'm hooked.

I should test every non-alphabetic character one-by-one and find out which work, and which don't.

I already know "-" doesn't work, and "!" does. 2 down, 30 to go.

Meh. I've got other things to do.

Just so I'm not missing anything, this is the password requirements that are being communicated.

1. "Special characters" means only "!".
2. Change password error says 20 character max.
3. Requirement say 60 character max.
4. 80 characters works.
5. The CAPTCHA is a lie.

Show thread

Ah, there it is. It appears that the only special character that works, is "!".

$ tr -cd 'a-zA-Z0-9\!' < /dev/urandom | head -c 43; echo
aULDt!oZaEWspUk9hQZL!J!J7HFXIwSRNf79Ss!7mCY

Show thread

Trying this time in a vanilla Microsoft Edge in Windows 10. Let's see if a CAPTCHA exists.

Nope. Further,

XqTm-54ZUxkKJAi

Doesn't meet the password requirement policy of:

"password length should be 8-60,at least contain a lower case letters(a-z), and uppercase letters(a-z),numbers(0-9) and special characters."

(Grammar and punctuation errors theirs)

Show thread

fapnaj-8iKjit-fufbit-xagsyv

Doesn't meet the password policy.

* lowercase
* uppercase
* digits
* special characters

C'mon EC-COUNCIL, get your shit together.

This is all sorts of broken. If I do a 20 character random ASCII base-94 password, it tells me I am not meeting password requirements.

E.G.: :@,/BkE)Z4xKc~_)M@6E

If I do a 60 character random ASCII base-94 password, it tells me I need to complete the non-existing CAPTCHA.

Show thread

When you get the confirmation that you passed your exam from EC-Council, you setup an account at their ASPEN service.

It won't let you paste in a password from your password manager. You either have to type it in manually, or let the browser auto-fill.

aspen.eccouncil.org/Account/Pa

Curious if the NSA will ration their water use in Bluffdale, due to our extreme drought.

From 2014:

"Estimates have ballparked the water usage ... around 1.2 to 1.7 million gallons every day..."

If we're grass shaming, we can start here.

archive.thinkprogress.org/nsa-

"Frameworks such as ATT&CK and D3FEND provide mission-agnostic tools for industry and government to conduct analyses and communicate findings."

nsa.gov/news-features/press-ro

started becoming a thing on Twitter, as there were at least 5 other blog posts by different authors in the community that were found to be plagiarized.

So what did EC-Council do? Take down the entire blog of course!

Is it just me, or does that also tell you they're afraid of discovery?

Here's their statement regard the plagiarism. It's as hollow as you would imagine.

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.