@Crell while back i tried to explain that it was sort of kinda ok for the web app home page, but the api has no reason to be """user friendly""" in this manner... and that caught me shit for like 3 years >_>
now that everyone forgot i should go tweak the httpd conf and tell nobody. its like 3 lines to make apache to not do that to /api/ lmao. sadly they will still have attempted the transmission though.
"Cybersecurity, Lepassaar argues, will inevitably need to become second nature to designers and consumers.
“I do believe that we have a societal challenge ahead of us to understand digital security in the same way that we understand, security in the everyday traffic environment,” he said."
@helma while I agree on the threats 100%, people are going to get a bigger sense of urgency if they can relate it to what they have been coming across all their life. That was the point I was trying to get across.
@WebSpider I understand 🙂 and indeed.
It's just, for example when I think of the new digital door stuff like key and video, it's just so much more difficult to install properly. Yet the products are offered.
1/2 📌 "Are you old enough to buy this?"This is the presentation's title of NGI TALER's partner @oec
who will speak this Friday 31/5, at the event #Security in Times of #Surveillance organised by @Ei_PSI (Ei/Ψ) in the Blauwe Zaal at @TUEindhoven
🔦We are super excited that the coordinators of NGI TALER, Prof. Tanja Lange and Heloise Vieira, are part of the local organizers of this event, and have put together this stellar lineup of speakers!
I find it somewhat annoying and concerning that an essential #security tool like #fail2ban is broken on #ubuntu#linux 24.04 #noble since the end of February and there still is no update in sight.
Similar here with Fedora 39, had to manually start it with “fail2ban-client -x start”, something about an exception for a communication socket permission problem. But it’s now working again under systemd after a couple of weeks and system updates.
@publicvoit Why not naming it as a question, such as:
"How compromised is MS's security infrastructure?"
"Has MS lost control of its security infrastructure?"
"Is MS's security infrastructure still trustworthy?"
"How MS lost the trustworthyness of its own security services."
Security told me that I am not to use my work assigned laptop to develop software. I am working with this company as a Software Engineer. Have been for over a decade. How am I to get work done?
@ThinkingSapien Ah, the bureaucratic catch-22. If you play your cards right, you could catch a paycheck for years while doing no work by playing each side of the bureaucracy against the other.
Security in Times of Surveillance, the 1-day, in-person event of @Ei_PSI (Eindhoven Institute for the Protection of Systems and Information) will take place on May 31 in Eindhoven, The Netherlands.
NGI0 fellows Stephen Farrell (Trinity College Dublin / Tolerant Networks) and Wouter Bokslag & Carlo Meijer (Midnight Blue / TETRA:BURST) will be speaking. (As well as other great speakers like Jaap-Henk Hoepman and Bart Preneel).
WhatsApp's encryption is vulnerable to "traffic analysis" surveillance that reveals who's talking to whom. This technique is used by governments worldwide, and may be used by Israel to target Palestinians.
Efforts by Meta employees to raise awareness about the issue have been met with internal censorship.
»Argon2 vs. bcrypt vs. scrypt: which hashing algorithm is right for you?«
As far as I know, Argon2 is a current secure solution for storing passwords. In my opinion, too many online services do not use this solution or do not fund it (fast enough) to update their services.
@br00t4c
EVERY ATTACK on #Cohen's "truthfulness" & "character" is just a reminder that "this is the guy T**** picked to be his lawyer & represent him." 🤔
@aallan@hackster_io California enacted a similar law several years ago although it is rarely mentioned and perhaps rarely honored. (We had to change the way we initialize and label our products as a consequence.)
Privacy matters! But what if the tools meant to protect us are being misused? Our latest study (to appear ARES '24) reveals surprising facts about HTTP Client Hints (HTTP CHs) on the Web. [THREAD]
Two Santa Cruz students uncover security bug that could let millions do their #laundry for free. #CSC ServiceWorks provides #laundrymachines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
Some companies do not even seem to care about #security at all even when their whole business model is in danger when they don't fix reported issues in time. 🤷
WhatsApp introduces "ask meta ai" in the local chat search bar, and Slack auto-feeds messages to train their LLM robots https://eigenmagic.net/@NewtonMark/112455578857917485 ... Delta Chat is among the shrinking number of messaging applications that does not look at your data except to end-to-end encrypt it and send it over interoperable message transport servers chosen by yourselves and your contacts. #decentralization#security#privacy ftw!
