As a privacy advocate I have always been very conscious of the ways pieces of information tie together. For example, if you have someone’s phone number, it’s very easy to find out their address from it and vice versa. Throughout my life, I have employed various strategies to separate my…

Douglas and Nathaniel Cullison made their first court appearance on June 14th, 2023 where they are facing felony second degree assault charges. They are being represented by Joe Koncilja, who gave an interview to KRDO telling cameras that he “doesn’t care what the law says” and that if someone “knocked…

Last month I exposed a huge cover-up by the Pueblo Police Department involving a so-called “Citizen’s Arrest” that involved multiple individuals holding and beating an at-risk homeless individual accused of allegedly striking a teacher at a nearby school. Doug Cullison and Nate Cullison have now both been charged in connection…

UPDATE #5: Lackluster update and new blog: https://medium.com/@lucky225/pueblo-so-called-citizens-arrest-beating-update-men-charged-with-felonies-by-district-attorney-d59fea47d553 UPDATE #4: Lackluster coverage and PPD Press Release 4/20/23: Lackluster released a video that details most of the important details of this case: In under 2 hours after this was released PPD released the following statement on their Facebook page…

I recently discovered PG&E will let you sign up for electricity online without providing your SSN. Their website offered an option for “Alternate Identification”, so I chose it and proceeded to sign up for service. The only thing required was your name, “alternate mailing address”(i.e. your current address), and a…

This Defcon I’m stuck at home as are others, so Av1d, speexvocon, wagwan_piffting_blud and I formed a team to play the Project Mammoth Challenge. Challenge #1 Metadata FTW! This one was pretty easy, just look at the metadata to get the key. Fired up Audacity and Edit -> Metadata:

By now most infosec professionals are aware of various ways SMS text messaging can be hijacked. For example so-called “SIM Swap” attacks, SS7 attacks, Port-out fraud, etc. All of these attacks however do require some level of sophistication, whether it be high level access to SS7, or account information or…

In an NPRM the FCC released on August 26th, 2020 the FCC has proposed a “nominal fee” of $50.00 for all amateur radio applications with the exception of administrative updates for things like mail and name changes which they contend is “in the public interest to encourage licensees to update…

I didn’t want to write about this but I see a lot of people getting the details wrong — that includes myself — due to a lot of speculation. I’m going to give a short timeline on what happened exactly. At about 3:30 PM Mountain time I started hearing about…