Post

FUD Fighters 2 : 2Fast 2DNS

Posted Updated
By
8 min read

1

Scene begins

Jndy Aenkinson is speeding along the road in his Custom TLS1.3 trying to outrun the security professionals who constantly disprove his snake oil.

Camera turns and pulls

A man driving a car towards him slams on the anchors and slides to a stop blocking the street.

Jndy slams on the brakes as the man steps out and raises his foot slamming his boot to the hood of his Jndy’s TLS as it slams to a halt.

Jndy is confused, he looks up and sees a familiar face grinning back at him

“Jndy Aenkinson” the man says in a gruff voice as Jndy steps out the car and responds. “Fallister”.

The men shake hands a-la Butch and Dillon in Predator, arm muscles and veins flexing

“I have a job that needs doing” says Fallister.

“DNS Snake Oil?” responds Jndy

“Grandstanding.” smiles Fallister as the veins and arms flex further.

Fades to dark. Scene Ends

So, it’s been a while.

I am mid OSCP study and I find myself, distracted, and in a rut. A rut filled with Snake Oil peddlers and grandstanding, self congratulating supposed C Level Execs.. bleh.

I mean, holy shit, Bowling for Soup were right ‘high school never ends!’.

You would think as the years have gone by and the times have changed, things would have been different. Nope. still this thing:

2

poop goes down, arseholes if you look up.

It’s a funny old world isn’t it.

The point of this post

Well it isn’t much of a hop skip and a jump to see my account died for a little while (aforementioned study time), I set myself to ‘away’ and got cracking… Truth be told though, I missed people, and I follow some truly amazing professionals on this network. People who pick people up when they have fallen, people who inspire and push others to be better, truly it can be a wonderful place.

But then you can’t have fun without consequence.. Enter ‘Mr. DNS’ again.

3

Just pretend I put Mr. DNS,, its 3:55 in the god damn morning.

My previous article on this highlighted the dangers of the Snake Oil Salesman and what to look out for… now he’s got more friends in ‘high places’ hahaha, I’m sorry, it’s not high places, they are all ‘self worth’ CEOs and CTOs, VCIOs etc etc that don’t dare put their company in their headline for fear of people knowing who the actual boss is… these ‘lofty’ C-Level executives all with too much money and too much time on their hands to do dumb stuff and sell oil.. Annoyingly some are good people and they are caught in a trap they can’t see and aren’t sure what’s on the outside (It’s freedom, escape!).

These ‘lofties’ are always feeding, well to be blunt, crap, into each others positive feedback loops, making the churn of faked popularity and looking like they know everything about everything while also making fun of the people under/lesser than them to make themselves feel better.. ah yes checks notes “Grandstanding”.

noun: grandstanding the action of behaving in a showy or ostentatious manner in an attempt to attract favorable attention from spectators or the media. “they accused him of political grandstanding”

This has gone on for too long, it’s not about misinformation or disinformation anymore.

This new movie, the turbo charged sequel to my last post is about twisting words, crafting artworks that pose themselves as both the subject and the painter, infallible, always correct and dismissive of any negative words in ‘their world’ even going as far to remove posts/comments/people.

It’s the internet,, you can’t hide shit.

What’s really interesting studying this for just a few days lightly (seriously maybe an couple hours cumulative, If this was my full time I could rip the DNS right out of you Kali Ma style) You can see where things get shut down and nipped in the butt even flat out ignored when it doesn’t fit and they know they can’t get the last word in.

You can also see where people have picked up on a certain ‘hot button’ topic or phrase and begin parading it around in an almost parody but absolutely being a grandstanding asshole way.

Another interesting thing you see is, they always have screenshots, or claim to have screenshots. A paper trail that is some kind of blackmail that can be held over you, and then gaslight you or threaten your career or employer… don’t buy into it… It’s just another technique to force you to play their game.

I feel I speak for everyone that is to afraid to stand up and say ‘Fuck your game’.

4

Where are you going with this Dan?

Well because it started with ‘Mr. DNS’ and people rushing to protect him, it’s time to peel back another layer of this Glass Onion that is Snake Oil - Misdirection.

Why would I call this misdirection, two reasons really. They have the thing they are loosing (public opinion) in one hand. In the other hand, they have their escape plan, carefully snipped segments of quotes and words in an almost ransom note-esq in design.

Words taken completely out of context have no meaning as the reader doesn’t know the tone or what things are being inferred.

How many people know this one?

I never said she stole my money

If you were to put stress on any word in that sentence above, you would have 7 different meanings from that sentence. Cool innit?

So someone posting about a certain topic, let’s say DNS (I’ve heard it’s bigger than Bono) grabs a load of ‘examples’ of people mentioning something to do with DNS, slaps them into a post claiming the exact opposite of what context they have eluded to include and then plays victim when people call them out on it… - Oh pitty me because I was right and they were mean to me,, boo friggidy hoo. Then grandstands their way to the top again.

People should be better then this.

Humans should be.

Unless they are all a bunch of lizard people or something.

It’s time to clear the air on this one.

For the record.

  • No Cybersecurity Professional (myself included) has said securing DNS is not important. - Peddlers like to say we think it’s lame so they can sell.

  • Cybersecurity Professionals (myself included) have tried multiple times to advise that there other things to take into consideration. - Yeh blaming Microsoft for DNS issues… clever.

  • A Directive that these peddlers like to bring up warns about the dangers of insecure DNS, it’s true. Cybersecurity Professionals (myself included) are not arguing that, but did the peddlers even bother to read it? particularly this section:

5

  • It’s actually important that bit above because it lays out the previous attacks and it starts with enumeration like all good pentests… also illegal cyber pews.

  • Cybersecurity Professionals like to be, professional.. It’s not LinkedIn’s Got Talent and your trying to show off your inflated figures for better winnings. We share research, Viewpoints, Advice and anything we can to help everyone. Snake Oil peddlers and Grandstanders like to make things ‘look’ good but also try to sell you something… Like Project I N S I G H T from Captain America : The Winter Soldier.

Now that’s cleared up I hope people may have a better understanding of just what the shit has been going on the last week or so.

In a year I’ll probably be making another post on this because it never goes away.

We report it.

LinkedIn does nothing about it.

They go quieter for a little bit.

Rinse.

Repeat.

Hey at least next time for ‘Fud Fighters : Tokyo DNS’ I’ll look into interviews or something, really spice things up a bit.

For now I leave you with this.

Cybersecurity is a big thing, like really big! It covers so much and stretches so far. We few who work in it, protect it and stand up to fight for it should be united. Stupid high school shit like this shouldn’t be a thing and people high up should not belittle and talk down to people either learning or doing what they can to help.

I also want to apologize for my profanity, it sounds funny but I actually think of it as the ‘purest form’ of discourse, it’s direct and people know what you are talking about, but still I apologize for this.

  • For any future managers or recruiters that read this, know I am still studying for the OSCP, It’s nearly 4am and I am tired but I needed to get these words out of my head and onto a screen. FUD peddlers annoy me because they are hurting the thing we are trying to protect and then scream victim. I know the right manager out there will see this and understand the drive behind the braincell I got to use today.

Peace <3

🤙

I don’t have any sponsors or anything but if you enjoy my work, or feel sympathy for my wife, then I have set up a Ko-Fi account as well as a BuyMeACoffee people can donate to.

FUD
FUD OSINT linkedin DNS
This post is licensed under CC BY 4.0 by the author.