Quote of the day—Jodie

I think everyone should get as much sex as they can.

Jodie
October 23, 2018
[Jodie is my boss.

She has also been known to announce, “This is now a HR free zone.” and say something less than politically correct.

I have an awesome boss in a number of ways (never mind that she once tried to drown me). I’ve never had a boss tell their staff this sort of thing before.—Joe]

New shooter report

We have a relatively new intern on my team at work, Nashwa. She grew up in Texas and speaks fondly of it so I figured she was at least comfortable around gun owners. I had taken everyone else on the team, except my boss Jodie, to the range but not Nashwa.

I have invited Jodie many times. While she expresses great interest she has not found a time slot that works. I give her a pass because she recently finished up training with the FBI where she learned to shoot everything from handguns to sniper rifles. I’ll get her to the range someday but today was Nashwa’s day.

I had the training bay reserved just for the two of us from 4:00 –> 6:00. It turns out she had never fired a gun before. I asked if she was right handed or left handed. “Right”. Which eye is dominant? “Right”. I was a little surprised she knew. My surprise must have shown because she then said she wasn’t sure. I did a quick test and found she was left eye dominant. I first taught her shooting left handed and then part way through switched to right handed for a while. She decided to stay with left handed shooting.

I started her out with dry firing of a Ruger 22/45 Light with a suppressor. She looked like she had it down. But her first half dozen real shots were all high. Nice group. But they were about three inches high at 10 feet. I went over sighting again. Still the same problem.


I fired a few shots. It was maybe a quarter inch low at that range.

We went over the sighting again. “Oh, I wasn’t really looking at what was going on with the rear sight.” Hmm… I’ll have to work on how I explain sights.

I gave her a clean target and she was putting them just below the bulls-eye.

Ahhh… Yes. The new shooter smile.

I moved her to shooting a simulated steel match with four targets on one piece of paper and removed the suppressor.

She was getting all five hits in under ten seconds.

Next I gave her Major Power Factor loads in my STI DVC Limited. With essentially the same results. But after a few strings the misses started increasing and getting more and more wild. It was time to go back to the .22.


She still had some misses. Back to dry fire. We needed to end the day on a positive note.

The dry fire looked good. I pretended to put in a loaded magazine and she “fired” again. There was some serious movement of the gun when she pulled the trigger. More dry fire. And then, finally, live fire. She was back to consistent, solid, hits. I shouldn’t have let her fire so many rounds through the .40. She was starting to develop a flinch.

After we cleaned up and packed things up we talked a little bit. She had two questions:

  1. Q: How much do I owe you?
    A: Nothing. The first time is free for new shooters.
  2. Q: How often do you come here? I would like to go again.
    A: Two or three times a week. But you don’t need for me to come with you. You can come here by yourself if you want or bring a friend anytime they are open.

We now have a new member in the gun community and a team member at work that fits right in.

Overheard at work

Some of my teammates and I were discussing the details of an email we got from someone who claimed they had been hacked. It had a number of conclusions which were absurd on their face and the data they supplied were consistent with an alternate hypothesis which was void of any wrongdoing. Yet, we were inclined to look into it a little bit more…

Joe: What they are saying doesn’t make any sense but it’s all within the realm of standard ignorance.

Caity: I like that phrase, “Within the realm of standard ignorance.” Can I be Queen of the Realm?

Another ASI match

Last Saturday Ry and I went to an ASI match at the Renton Fish and Game Club. This was my third and Ry’s first match of this type. We were not happy with a few safety issues that happened with our RSO officers. There was no one in real danger but some rules were broken and contrary to every other match I have been to they blew me off (in a friendly manner) when I gently pointed out one of them.

The match itself was good. The stages were interesting enough yet simple such that beginners wouldn’t have a problem with them. I came in 10th out of 65. If I hadn’t just barely nicked a no shoot target I would have come in 6th. And it annoys me they assigned the penalty as a procedural on a different stage (no difference in my final score). And they also misspelled my name. But that’s minor stuff.

I wouldn’t have bothered with making a video but I had invited my team at work to watch and/or participate at the match and Caity told me that she and Kelsey were going to some sort of women’s conference. I joked that the match would be more fun. She joked back that she would take pictures and we could compare on Monday. So… I had to make a video:

Shooter POV Action Shooting International Match from Joe Huffman on Vimeo.

Caity took one boring picture. I won.

Overheard at work

Today, from a meeting at work (redacted and paraphrased as needed):

Jodie (my boss): Ms. “X” and some other adult entertainers have contacted Mr. “A” and have started talking. We should reach out to Mr. “A” and get a relationship going so we can correct any false or misleading information he gets from other sources.

[Joe starts smirking]

[Jodie looks at me and stops talking]

Joe: It might be difficult to establish a competing relationship when our competition is a bunch of porn stars.

Fortunately, everyone in the room seemed to think it was as funny as I did and I wasn’t sent to HR for reeducation.

Quote of the day—Devin M.

They seem to be legitimate illegal activity.

Devin M.
May 3, 2018
[This was from work.

Devin was researching a business that, essentially, sold stolen goods and had a good reputation with their customers.

This is sort of like how an “honest politician” is one which, once bought, stays bought.—Joe]

We were just talking about this at work

There are three new people on my team at work. Two of them have a decade or more of experience in the field and one is in sort of an expanded intern program and is “drinking from a firehose” as she is coming up to speed. A week or two ago the newbie expressed some insecurities about her being able to contribute and one of the experienced guys reassured her and told her about “Imposter Syndrome” and said that he feels that and probably everyone does. Nearly everyone on the team jumped in to reassure the newbie that she is doing extremely well (she is) and had their own little stories about how they feel insecure about various aspects of their ability to do their job.

XKCD gives us another example:

Impostor Syndrome

That was interesting

This is almost the only way I would be interested in watching so I found it sort of amusing… On Sunday I was paid to watch the Super Bowl.

“Why?”, you ask.

My company is considered “critical infrastructure” and our product being functional during the Super Bowl was important enough to devote some extra resources to making sure nothing “bad happened”. I work on the Threat Intelligence team and we needed to “keep our eyes open” for possible threats to our assets before, during and after the Super Bowl.

Our team brought food and drink into the office and watched our cyber sources “with one eye” while the game was on a large monitor at the front of the office.

We had been looking for potential threats for months. While there were a few things of concern early on, in the final few days leading up to the event there was NSTR (Nothing Significant To Report) every day. I was a bit concerned it was “too quiet”* but as a friend of mine said on Twitter:

Last night, I saw a miracle. America, a land divided of many opinions, lifestyles, socioeconomic backgrounds, a land of the colored, the gay, the racist and the homophobes… people of such diversity all set aside their differences to celebrate the Patriots losing the Superbowl.


* The signal going dark for a while got us going for a bit but we quickly determined it had nothing to do with us and the stadium hadn’t been vaporized or anything.

Quote of the day—Caity

You are so quiet.

Except when you are blowing up stuff.

Caity
January 4, 2018
[Caity is a co-worker. She was in the kitchen filling a container with filtered water when I came in to get a cup of tea. She apparently didn’t hear me as I walked up behind her.

I do frequently try to walk in such a way that my upper body is a stable shooting platform. It’s not as exaggerated as when I’m actually shooting a USPSA match, but it does tend to cut down on the noise.—Joe]

Cost of a cybercrime business venture

Whenever someone says something to me about “cyber security” being challenging or being a secure job field I give them a 15 second sound bite about how the bad guys are specializing and becoming experts in their field and then selling their services and/or data to someone else. Example, some bad guys specialize in writing exploit code. Others in delivering the code to target machines and extracting user credentials. Others monetizing the credentials. And so it goes. The dark web is used to, essentially, openly advertise and sell illicit services and products.

It is with that background I present you with a much more detailed analysis of the costs of these “businesses”.

Dissecting the Costs of Cybercriminal Operations:

The cybercriminal underground is quite verticalized, with threat actors specializing in particular areas of expertise. It is this distribution of expertise that contributes to the underground market’s resiliency. Similar to drug cartels, once you remove one threat actor or forum, rivals will immediately take its place. As a result, to kickstart a campaign and move beyond a concept to the final execution and substantial profit, a puzzle game has to be completed first.

•    A banking trojan license is one of the most expensive elements of a cybercriminal campaign and can be obtained from professional malware developers for $3,000–$5,000.
•    Then to intercept banking credentials, web-injects for each target financial institution have to be acquired separately and can cost anywhere between $150–$1,000 per set. In the past year, we’ve seen a significant increase in the cost of web-injects targeting Canadian institutions, offered at the upper-level of the price spectrum, while the cost of malware targeting U.S.-based banks has remained the same.
•    To maintain consistent visibility into the entire operation and to control an infected network of computers, bulletproof hosting in one of the unfriendly jurisdictions in China, the Middle East, or Eastern Europe is required. Monthly rental of a web-server in a datacenter favorable to criminal activity will usually cost $150–$200.
•    To ensure the consistent payload delivery, and to remain undetected by antivirus products, the executable file must be “cleaned” and obfuscated daily and in the case of a very large-scale operation, several times a day. Such services are available for $20–$50 per single payload obfuscation; however, lower prices can be negotiated for large-volume orders.
•    Steady web traffic redirected to the infected resource or email spam campaign are two primary delivery vehicles of malicious payloads. While it’s going to cost $15–$50 to get a thousand unsuspecting people to visit the infected web page, professional spam operators will charge $400 per million of successfully delivered emails.
•    Once the malware is successfully planted and banking credentials intercepted, the perpetrator has to work with a chain of mule handlers and money-laundering intermediaries to receive a final pay-off. A money launderer with a stellar reputation who is capable of quick turnaround will charge a hefty 50-60 percent commission from each payment transferred from a victim’s account. In some cases, an additional 5-10 percent commission might be required to launder the funds and deliver it to the main operator via preferred payment method, such as bitcoin, Web Money, or the Western Union.
•    In the case an additional phone confirmation is needed to proceed with a money transfer, it will be facilitated by one of the underground calling services, with prices standing at $10–$15 per each call.
•    If an additional document and phone verification are needed to proceed with the money transfer, various supporting vendors are available. A counterfeit driver’s license may be delivered within several hours for $25 while a more sophisticated video selfie will cost $100.
•    To minimize the chances of an account holder noticing an unauthorized transaction, to intercept SMS confirmation, or to render an owner’s phone entirely unreachable for the duration of the attack, an email/phone “flooding” can be purchased for $20. However, the cost of a cloned SIM card is significantly more expensive at $150–$300.

Aside from funds stolen from compromised bank accounts, persistent access to an extensive network of victims around the world will inevitably generate a significant residual income.

Favorite, favorite, favorite

That which one of my favorite YouTubers says is his “most valuable” firearm is one of my favorite (carbines?) also, and his has one of my favorite creations on it. OK, he doesn’t mention his M1-B optic mount, and doesn’t have an optic on it for the video, but we’ll take what we get.

He had his AK worked over at Rifle Dynamics, which is one of our distributors. They seem to know what they’re doing, and that is something worthwhile.

Overheard at work

In a meeting today*:

Josh: I couldn’t read Greg’s handwriting even if you put a gun to my head.

Joe: Has this been tested?

Caity: Joe probably has all the things we need to facilitate such a test.

Josh: Go ahead and pull the trigger now. I’m never going to figure it out.


* While the words were actually spoken certain implications are not true and are best left to the imagination.

Quote of the day—Barb L.

He needs to change the chant. I just can’t be enthused anymore about, “Ice cold beer.” It should be “HOT. GREEN. TEA.”

Barb L.
September 16, 2017
[Yesterday was the 5th anniversary of our first date and, among other things, we celebrated by going on a white water rafting trip as part of a company morale event. The guide would give orders such as:

  • Forward one [or two, three, or full]!
  • Back one [or two, three, or full]!

There were others, but for the purposes of this story these are the important ones.

To help keep the participants in sync, depending upon the order, we were supposed to chant one of three things in time with our paddle strokes.

  1. TEQUILA!
  2. NEED. BEER.
  3. ICE. COLD. BEER.

Here is a sample:

It got cold. Even though we were dressed warmly we all got chilled and she got cold.

Her suggestion for the change was quite appropriate.

There are more exciting stories from this event but this will have to do until we get the video from when I went swimming in Class IV rapids.—Joe]

Quote of the day—Caity

I’m the village extravert.

Caity
September 12, 2017
Overheard at work.
[I’m on the Threat Intelligence team at work. Caity is one of the analysts. Everyone on the team has a few “quirks”. So Josh, also on the team, decided we should take an Asperger test. Josh scored a 14, Jodie scored a 12, Devin scored a 24, Greg refused to take the test, and Caity had a 17. But Caity said if she wasn’t so social it would have been much higher. She then came up with the QOTD which caused Josh and me to burst into laughter. If you knew Caity you would not be surprised that a few weeks ago Caity was voted the social replacement for Brett on our team.

I stomped the competition within our team on the Asperger test with a 32.—Joe]

Update: Greg finally succumbed to peer pressure (but we aren’t sure if he answered the questions honestly) and scored a 15.

Overheard at the office

From the office today:

Greg: A woman asked me to kill a spider. I told her no. It was here first. She told me it was her or the spider.

Josh: The spider is still in his house. It has taken over the bathroom. The entire bathroom is filled with webs and it lives in the skylight.

Greg: I don’t respond well to ultimatums.

This story has been told more than once. Caity’s version is:

Josh: So, Greg was dating a woman. She found a spider in the bathroom and asked that Greg kill it. He said no. She said, it’s me or the spider.

Greg: Well, the spider was there first.

Josh: Yea, I’ve met the spider. It lives in the skylight.

Greg: I don’t do well with ultimatums.

Brett’s version involves a discussion of the hotness of the woman and the attitude of the spider versus the attitude of the woman. It turns out that the woman was “hot” but the attitude of the spider won out overall.

Overheard at the office

From yesterday:

Joe: Actually, I always thought it would be more fun to be a girl scout.

Caity: Because of the cookies? (She knows about my sweet tooth).

Joe: No. Because of the girls.

Today our building was evacuated for some unknown reason for a few minutes. Via text messages:

Josh: I got coffee, is the building still quarantined?

Joe: Only for you. The rest of us are at our desks.

Brett: Greg decontaminated your workstation. Land mines have been removed. You can come in now.

New shooter report

Nearly everyone I work with is a shooter. I have two peers. One was in the army for several years then helped build targets for Boomershoot this year as well as participate. The other has more NFA toys than he is willing to tell me about. My lead is former special forces. My boss is a former cop. His boss, our director, and her husband have helped make the targets for Boomershoot for the last three years as well as participate.

There was one exception. The intern. Caity’s last day as an intern will be next week. After a break she will return as a full time employee in August. She did well as an intern but there was a flaw. She hasn’t done any shooting since she was 10 or 12 years old. And it wasn’t that much.

Today, we set out to fix that flaw.

I started her out with some dry fire and she was rock solid. No jerking the trigger, excellent follow-through, and she picked up the mechanics almost instantly.

I put her on a suppressed .22 pistol with slow fire at about eight feet. She was nailing it with about a 1” group. Okay, 12 feet. The group size increased some but still well within the black of the target. Okay, 20 feet. Still in the black.

Okay, let’s try something else.

I removed the suppressor to reduce the inertia and put the target at about eight feet. I had her starting at low ready and then put one shot on each of the four bull’s-eyes. Her splits were probably 1.5 seconds and she was still nailing the targets. She shot magazine after magazine and kept the shots all in the black with the splits decreasing into the sub one second range.

Okay.

I got out my powder puff loads for the .40. She couldn’t hold the gun firm enough to get reliable cycling but said the recoil wasn’t a problem so we tried a couple rounds of major power factor. She shot those just fine. No recoil issues. So, I gave her a full magazine.

Start at low ready and put one shot on each target…

Still almost exclusively in the black with the splits again approaching one second.

Okay. She’s a keeper for our team.

Quote of the day—Arthur

[Arthur suddenly laughs uproariously]

Gloria: What’s so funny now?

Arthur: Sometimes I just think funny things.

Arthur
1981
Played by Dudley Moore in the movie Arthur.
[Today I was reminded of this by co-worker Josh when he burst into laughter.

Barb does this too, perhaps even more frequently than Josh. And they, unlike Arthur, are not drunk when this happens.

They both spontaneously, without any apparent external input, burst into laughter.

I like that.—Joe]

Marry for money

I heard this at work last week and thought it was hilariously funny:

Marry for money—earn every penny.

It was attributed as a Yiddish proverb but a quick Internet search failed to confirm that claim. No matter.

Besides the direct interpretation it would seem it applies to other areas as well, such as choosing your career and employers.