More

kingforaday · 2026-01-31T15:42:46 1769874166

Google shows a samaple of the IOCs but Google Trust Services have issued a number of the SSL certs for those domains that have not been revoked (yet?).

Only looking at the:

- a8d3b9e1f5c7024d6e0b7a2c9f1d83e5.com

- af4760df2c08896a9638e26e7dd20aae.com

- cfe47df26c8eaf0a7c136b50c703e173.com

Looks like a standard MD5 hash domain pattern of which currently there are:

  user@host:/data/domains/2026/01/30$ zgrep -iE '^[a-f0-9]{32}\.com$' com.txt_domains.gz | wc -l
  3005

If you look at some of the others (not listed in Google's IOC), they tend to have a pattern with their SSL certs e.g.:

- 0e6f931862947ad58bf3d1a0c5a6f91f.com

  X509v3 Subject Alternative Name:
    DNS:0e6f931862947ad58bf3d1a0c5a6f91f.com,   DNS:effc538138d9342c547c5df42b03d81e.com, DNS:gulfclouds.site, DNS:xinchaobccgba.net

- 17e4435ad10c15887d1faea64ee7eac4.com

  X509v3 Subject Alternative Name:
    DNS:0dcbdf154c39288c91feb076795715e1.com, DNS:0e8843e8f10f20eeef59f0076e4feb83.shop, DNS:1014a1fb60e1b91404682e572ede6b4f.com, DNS:178281a79266d2faa3e578f23c8a361e.com, DNS:17e4435ad10c15887d1faea64ee7eac4.com, DNS:19f75b2642320e0606f5e38ce9fbcf17.com, DNS:1vxe.com, DNS:292893d0b31941e1c0d8eb01235be4eb.com, DNS:2b1e642f3a60130d1b2cf244891bef0d.info, DNS:354542342b7d2ddb66c97240d0c770dc.com, DNS:37d993ba8c9284bedad2a3177dfc44a6.info, DNS:3857036aaeedf670bbcca926945b50dd.com, DNS:3961f3fa3a6bacc5c4f28e81c60f4169.com, DNS:3eb4b3a3f8722b60d6ba2de7dd5f2523.org, DNS:42a17c71c0d6f2a6d7e135f8e869ab3f.com, DNS:4edd3793da3080640431430a4da57a86.org, DNS:4f5667d51451a2060067a97bcddf077f.info, DNS:5006cc38aff1ebc7d1232037fd592c60.net, DNS:54c35ec930f5b52fd9505778bb9c3f00.com, DNS:60255ec5427c2ba9a80b9c7648dd62e9.com, DNS:638d0e352728a04bb56ca102e54b8c9b.xyz, DNS:69234f9b18c0b4d572dc553dbfdb8f52.com, DNS:6934addf679d79a79f0bfc2ff090b104.com, DNS:694b64c9b41c17a229d92156d14a4ffd4.com, DNS:6eba8c4def89561e1cee02bb3c9b373d.info, DNS:7050f8c6563ff47465932e3838dc06fd.com, DNS:72ad0de0a556f763e0629c64c694df4c.com, DNS:86f7020358afaf71baeee5782b6264e4.xyz, DNS:88f2f20d26dcabeafd2f9d24e7ea4e50.com, DNS:911f4bf053ee3dadae1ca6bfdf40a817.com

would there be any reason any of these would be legitimate?

kingforaday · 2026-01-19T15:47:29 1768837649

If the author sees this, 403 on your services offering: https://fearsoff.org/services/

kingforaday · 2026-01-17T19:33:23 1768678403

Awesome! After I generate, where can I take that super res image and get a high quality photo print to frame?

giarc · 2026-01-19T15:31:44 1768836704

Really depends on country you live in. Just google local printers and email them.

kingforaday · 2026-01-15T18:37:37 1768502257

Coincidence.

kingforaday · 2026-01-05T21:06:28 1767647188

Appreciate the write up. If Claude presents a multi part shell questionnaire (as it does in planning). Would this miss other questions?

  QUESTION=$(echo "$EVENT_DATA" | jq -r'.tool_input.questions[0].question')

kingforaday · 2025-12-26T13:36:49 1766756209

Just like on a piece of hardware that doesn't have a RTC, we rely on NTP. Maybe we just need an NTP MCP for the agents. Looks like there are several open-source projects already but I'm not linking to them because I don't know their quality or trust.

kingforaday · 2025-12-10T21:53:13 1765403593

LSL4 was my favorite.

kingforaday · 2025-12-06T17:28:43 1765042123

If you think about it, they should give the hardware away as a lease to Uber, lyft, taxi drivers and pay them per mile. They are likely going to go the most diverse routes than say you or I that drive to work, home, the grocery store, and the park every now and then.

kingforaday · 2025-12-05T01:05:26 1764896726

Keep in mind dnsmasq has been around for over two decades by that great person, but... all good things come to an end?

kingforaday · 2025-12-03T12:58:12 1764766692

You should look into dnscrypt[0][1]. Easy and lots of options. jedisct1, cofyc, and many others have done a great job over the last decade here.

0. https://dnscrypt.info

1. https://www.dnscrypt.org