Crell,
helma, "Cybersecurity, Lepassaar argues, will inevitably need to become second nature to designers and consumers.
“I do believe that we have a societal challenge ahead of us to understand digital security in the same way that we understand security in the everyday traffic environment,” he said."
WebSpider, @helma while I agree on the threats 100%, people are going to get a bigger sense of urgency if they can relate it to what they have been coming across all their life. That was the point I was trying to get across.
helma, @WebSpider I understand 🙂 and indeed.
It's just, for example when I think of the new digital door stuff like key and video, it's just so much more difficult to install properly. Yet the products are offered.
publicvoit, #Nuki smart locks could soon open front doors in Germany for parcel services
https://www.heise.de/news/Nuki-Smart-Locks-koennten-Paketdiensten-bald-Haustueren-in-Deutschland-oeffnen-9733436.html?wt_mc=rss.red.ho.ho.atom.beitrag.beitrag
What can possibly go wrong? 🤔 Well, it will mainly affect only those who made the product decision.
I really need to get more 🍿 ...
stefan, @publicvoit Nuki Vorzimmer-Zustellung (delivery into the hallway) via the Post is also available in AT: https://www.post.at/p/a/vorzimmer-zustellung
publicvoit, The #Tagespresse on this:
"From July: postal workers may enter your home and use your toothbrush"
https://dietagespresse.com/ab-juli-postler-duerfen-wohnung-betreten-und-deine-zahnbuerste-benutzen/
NGI_Taler, 1/2 📌 "Are you old enough to buy this?"
This is the presentation's title of NGI TALER's partner @oec who will speak this Friday 31/5, at the event #Security in Times of #Surveillance organised by @Ei_PSI (Ei/Ψ) in the Blauwe Zaal at @TUEindhoven
🔦 We are super excited that the coordinators of NGI TALER, Prof. Tanja Lange and Heloise Vieira, are part of the local organizers of this event, and have put together this stellar lineup of speakers!
🎯Register here https://projectbullrun.org/surveillance/reg.php
AndiMann, "Banks don’t want to inspect your home office, so they’re forcing 00s of employees to come in 5 days a week"
Hey @jpmorgan et al: @Sageable (is me!) runs #leadership #coaching workshops on leading remote teams incl #security #governance #compliance
HMU!
https://fortune.com/2024/05/25/banks-remote-work-return-to-office/
lenzgr,
AGMS00, Similar here with Fedora 39, had to manually start it with “fail2ban-client -x start”, something about an exception for a communication socket permission problem. But it’s now working again under systemd after a couple of weeks and system updates.
Morishima, The Story of @protonprivacy's Founder and CEO.
Video by @mozilla.
Details: https://iv.nboeck.de/watch?v=gFZ1peR9SiY
#security #cybersecurity #infosec #privacy #proton #protonmail #protonvpn #government #surveillance #censorship #democracy #mozilla #rise25
protonprivacy, @Morishima @mozilla 💜
protonprivacy, @Morishima You should still be able to get captcha on Tor, but indeed, this will be less likely than getting captcha on a clear-net browser.
More info on how/why we use human verification can be found here: https://proton.me/support/human-verification
publicvoit, I write a blog article on the #security breakdown of #Microsoft, focus on lost #Azure #cloud keys, not realizing being compromised by state actors for years & infiltrated security team. See list on https://karl-voit.at/cloud/
I need a catchy but not too clickbaity/exaggerated title so that I don't lose potential readers but also express the importance/impact.
Help me brainstorm.
My draft: "The Security of Microsoft Services and Many Windows Hosts Is Compromised" but I'm afraid that is too weak.
seppi_hofer, @publicvoit Why not name it as a question, such as:
"How compromised is MS's security infrastructure?"
"Has MS lost control of its security infrastructure?"
"Is MS's security infrastructure still trustworthy?"
"How MS lost the trustworthiness of its own security services."
publicvoit, @seppi_hofer Thanks! Good titles 👍
ThinkingSapien,
LouisIngenthron, @ThinkingSapien Ah, the bureaucratic catch-22. If you play your cards right, you could catch a paycheck for years while doing no work by playing each side of the bureaucracy against the other.
helma, "Going Dark: The war on encryption is on the rise. Through a shady collaboration between the US and the EU."
NGIZero, Security in Times of Surveillance, the 1-day, in-person event of @Ei_PSI (Eindhoven Institute for the Protection of Systems and Information) will take place on May 31 in Eindhoven, The Netherlands.
NGI0 fellows Stephen Farrell (Trinity College Dublin / Tolerant Networks) and Wouter Bokslag & Carlo Meijer (Midnight Blue / TETRA:BURST) will be speaking. (As well as other great speakers like Jaap-Henk Hoepman and Bart Preneel).
sjvn, OpenSSF Siren: Security for One, Security for All https://devops.com/openssf-siren-security-for-one-security-for-all/ by @sjvn
OpenSSF Siren: Not just another #security mailing list.
stdevel,
Larvitz, @stdevel if you wanna get the maximum out of your YubiKey, I can recommend the marvelous guide from DrDuh on GitHub: https://github.com/drduh/YubiKey-Guide/blob/master/README.md
yogthos, WhatsApp's encryption is vulnerable to "traffic analysis" surveillance that reveals who's talking to whom. This technique is used by governments worldwide, and may be used by Israel to target Palestinians.
Efforts by Meta employees to raise awareness about the issue have been met with internal censorship.
https://theintercept.com/2024/05/22/whatsapp-security-vulnerability-meta-israel-palestine/
Morishima, Are you a user of Firefox or its derivative browsers (Librewolf, Tor Browser, etc.)?
Please check for important security updates.
Details: https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html
#security #cybersecurity #infosec #privacy #firefox #mozilla #librewolf #torbrowser #floorp #pdfjs
kubikpixel, @Morishima install a FF update!
kubikpixel, »Argon2 vs. bcrypt vs. scrypt: which hashing algorithm is right for you?«
As far as I know, Argon2 is a current secure solution for storing passwords. In my opinion, too many online services do not use this solution or do not fund it (fast enough) to update their services.
🔐 https://stytch.com/blog/argon2-vs-bcrypt-vs-scrypt/
—
#password #itsecurity #security #argon2 #scrypt #bcrypt #it #code #internet #app #encryption
br00t4c, How Prosecutors Turned Michael Cohen's Greatest Liabilities into Their Assets
https://www.justsecurity.org/95956/trump-trial-michael-cohen/
aallan, By me for @hackster_io, "The End of the Default Password?" #security #iot https://www.hackster.io/news/the-end-of-the-default-password-b915e8a874a5
karlauerbach, @aallan @hackster_io California enacted a similar law several years ago although it is rarely mentioned and perhaps rarely honored. (We had to change the way we initialize and label our products as a consequence.)
aallan,
swiefling, Privacy matters! But what if the tools meant to protect us are being misused? Our latest study (to appear ARES '24) reveals surprising facts about HTTP Client Hints (HTTP CHs) on the Web. [THREAD]
Paper + Website: https://rbainfo.org/clienthints
#CyberSecurity #Privacy #Tracking #HTTP #UserAgent #OpenAccess #WWW #Chrome #Edge #Safari #Brave #Browser
freddy, @swiefling I believe this has been a criticism of Client Hints from the get go and one of the reasons why it’s not implemented in all browser engines.
swiefling,
dethos, "CVE-2024-4367 – Arbitrary JavaScript execution in PDF.js"
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
rhys,
protonprivacy, @rhys Was this a forwarded message that you received in your Proton Mail mailbox (from your icloud address)?
publicvoit, Two Santa Cruz students uncover security bug that could let millions do their #laundry for free.
#CSC ServiceWorks provides #laundrymachines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
https://techcrunch.com/2024/05/17/csc-serviceworks-free-laundry-million-machines/
Some companies do not even seem to care about #security at all even when their whole business model is in danger when they don't fix reported issues in time. 🤷
delta, WhatsApp introduces "ask meta ai" in the local chat search bar, and Slack auto-feeds messages to train their LLM robots https://eigenmagic.net/@NewtonMark/112455578857917485 ... Delta Chat is among the shrinking number of messaging applications that does not look at your data except to end-to-end encrypt it and send it over interoperable message transport servers chosen by yourselves and your contacts. #decentralization #security #privacy ftw!
pitrh, sshd(8) split into multiple binaries https://www.undeadly.org/cgi?action=article;sid=20240517092416 #OpenBSD #ssh #sshd #sshd-session #privsep #security #secureshell
Reka, Kaspersky.
MD5. Okay.
#dataleak #security #vulnerability