After several years of warning after warning after advisory after advisory and calls to repeatedly update or remove andNOT USE CHROME by the Department of Homeland Security, it should be inconceivable that anyone does - but they do.
Sometimes these are patched with automatic updates before horrific and catastrophic results occur, sometimes not. To be frank, part of the problem stems from the fact that Chrome is the largest attack surface out there where browsers are concerned, but notwithstanding it being the fav target are also serious privacy concerns that aren't shared by other chromium based browsers.
To be fair, many exploits are indeed shared by other chromium based browsers, but not most, while some are related to other browser capabilities, like WebRTC, but it's still best to just ditch Chrome and never look back.
Here's more coverage on vulnerabilities issued less than a month ago. It took 3 seconds to bring this up, and no, not using Google, which didn't reveal this when I tried that search engine in a subsequent search, lolz. Why would they return SERPs that poo poo their own product?
There's truly only one way to ensure safety - unplug. But there's a lot of simple things you can do to exact a reasonable level of security, so why not observe some of those best practices? It's not like it will cramp your style.
Anyway, that's my two cents. h/t to @darnell for raising awareness of this latest brokewell. Make sure you take the time to visit the link he's provided for you too.
There are plenty of #Browsers that run on #Android (to name a few, alphabetized):
Brave Browser
Chromium
DuckDuckGo
Firefox
Kiwi
Vivaldi
IMO, No one should be running Chrome - Desktop or otherwise. It's a privacy nightmare even when there aren't CERT warnings circulating.
Czy #CERT#NASK posiada jakiś adres, na który można przesyłać złośliwe maile (tak jak mają numer 8080, na który można przesłać złośliwe SMSy)? Gdzie jeszcze mogę wysłać takiego złośliwego maila?
Można powiedzieć, że zostałem dzisiaj zaatakowany. Jednak dobrze, że nie podałem w ogłoszeniu o poszukiwaniach asystenta mojego prywatnego maila.
Whether it is weathering an ice storm, heat dome, wind event, or urban wildland fire, preparedness is essential. No one is coming to save us except us. Please do check out this amazing series of check lists provided by our SW Hills NETs.
There's been a lot of buzz about California's next storm system, and while I'll occasionally share my thoughts based on operational and research experience, remember to rely on your local Weather Service and Emergency Management offices for local updates. #CaWx
@geravitywave
.....and... do a search, find your local #CERT and sign up for Spring Basic!!
All kinds of disaster preparedness, response and safety information!
Most programs are getting ready for Spring Basic now!
If you're in Sac County I can probably direct you to your local agency if not? ⬇️
"Atmospheric rivers and bone-dry droughts are like earthquakes and wildfires — challenges Californians have to face. We know they’re coming; we just don’t know exactly when or where. An earthquake-resilient house or a more flood-resilient community won’t stop the ground from shaking or the rain from falling, but it can mean the difference between weathering the storm or cleaning up after a disaster."
Noticed this at the temporary housing the other day. Daylight through a door... leaking heat out, cold in. Easy fix to this. Really helpful during something like this Polar Vortex to minimize heat loss. #weatherization#insulation#enery#EnergyEfficiency
@ai6yr
from our #CERT cold weather training a cheap weather stripping option are dollar store pool noodles. Slit them lengthwise and put them on doors. Also can be used to insulate outside water pipes.
We were contacted by a local agency that would like a presentation on educating their clients on how to prepare and stay safe during an emergency
"Many of the patients are in wheelchairs or use some sort of mobility assistance and a significant amount of them are seniors."
We are considering focusing on three topics:
"72 hour kits" with attention to things like backup generators/inverters, extra medications and/or equipment, and portability.
sheltering in place
planning for evacuation
We are waiting to hear if these folks are in licensed care homes of any sort (in California licensed facilities would be required to have emergency plans in place)
Would there be anything else that we should cover?
Live in Portland, OR? Want some FREE training in disaster preparedness to improve your (and your neighbors') chance when the Big One (or next year's wildfire, ice storm, etc.) hits? Want to avoid the most common deathbed regret of never having discharged a fire extinguisher?
Portland is training Neighborhood Emergency Team members (equivalent to CERT in other cities). Sign up here:
I've told the story of how I got into #EmergencyPrep... Local govt held a community meeting about preparing for a 9.0+ #subduction zone #earthquake hitting the #PNW. Power co, water co, etc all gave useful advice.
@justyourluck
Good for you. #PNW is not anywhere near ready for the #GreatCascadiaQuake. Infrastructure will be destroyed - as well as roads, bridges, power grid, a lot of underground utilities, un-reinforced masonry buildings in piles of rubble, concrete buildings from earlier 20th century pancaked, all the chimneys broken, and many wood frame buildings off their foundations.
#CERT training can help. Be prepared to be on your own for several weeks, and be prepared to help some neighbors.
@ai6yr
You know me... gotta pile on here. Spring CERT Basic classes will be here before you know it. Find your local #CERT and get on the interest list:
"You have a #vulnerability," says security researcher to #OpenCart author, "here's the details and a fix"
"Not a problem, not a vulnerability, stop wasting my time, says OpenCart author
Oh look, CVSS severity 8.8 (on a scale of 10), says #CERT
tl,dr on the article: This is not a one-off. Kerr (author of OpenCart) has a well established history of cavalier attitudes towards reported security vulnerabilities. "Shut up, I meant to do it this way."
UPDATE: The service is accessible by its domain (#Ingress) as soon as I set the DNS server of my client machine to my PiHole. For other systems not using my local DNS (so outside my network), the domain remains unreachable. My suspicion is an issue with the Port Forwards, but idk what's wrong w em as it is.
Note: this may not be in the exact order. If the order to any of this is important, feel free to point that out.
I've added to #Cloudflare, to my zone (domain), the hostname foo pointing to my network's public IP.
I've deployed everything you'd need including #MetalLB (which determines the dedicated Ingress private IP), #nginx-ingress (type set to LoadBalancer instead of NodePort), and #cert-manager (with both HTTP/DNS clusterissuers). If you want to take a peek at how I've deployed/configured them, more details are on here: https://github.com/irfanhakim-as/orked.
I've added foo.domain to the closest thing resembling to a DNS server that I have, #PiHole, pointing to the dedicated Ingress private IP.
I've set my router's only DNS server to the PiHole's IP.
I've set all my Kubernetes nodes' (Masters and Workers) DNS1 to the Router's IP (DNS2 set to Cloudflare's, 1.1.1.1).
I've created a port forwarding rule for HTTP on my router with 1) WAN Start/End ports set to 80, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[0].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.
I've created a port forwarding rule for HTTPS on my router with 1) WAN Start/End ports set to 443, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[1].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.
I've deployed a container service, and an Ingress for it, using #LetsEncrypt's DNS validation clusterissuer.
Current result:
Cert-manager creates a certificate automatically and is in a Ready: True state as expected.
The subdomain (foo.domain) however remains unreachable, no 404 errors, no nothing. Just "The connection has timed out" error.
Describing the container service's ingress (foo.domain), shows that it's stuck at "Scheduled for sync".
#Kubernetes and #Networking experts - please tell me what I've done in any of this that were either wrong or unnecessary, or what I'm currently missing here for me to reach my goal of being able to get my container accessible via foo.domain through that Ingress. I suspect that I might be doing something wrong with this whole DNS mess I literally cannot fathom. I feel like I'm insanely close to getting this thing to work, but I fear I'm also insanely close of blowing up my brain.
cc: @telnetlocalhost (thanks for bearing w me and getting me this far)
Od niedawna CERT Polska ma nowy, bezpłatny, łatwy numer do powiadamiania o scam/próbach oszustwa/wyłudzeniach:
8080
Co robimy, jak zidentyfikujemy sms ze scammem?
Kopiujemy treść i wysyłamy sms na 8080.
Efekt na obrazku 1.
Co to daje?
Na obrazku 2 wynik działania przeglądarki z włączonym #SafeBrowsing.
Na obrazku 3 wynik działania przeglądarki z wyłączonym SafeBrowsing (bo to nadal Google), ale z włączonym #dns od dostawcy europejskiego dns0.eu, współpracującego z CERT krajów członkowskich Unii Europejskiej. Nazwa nie jest rozwijana, strona się nie załaduje.
Wegen eines Buchungsfehlers musste ich innerhalb von zwei Wochen meinen #SCA für SLES 15 durchziehen. Dadurch, dass ich die #LPIC1 zuvor schon gemacht habe, war das tatsächlich auch machbar.
Nun darf ich mich offiziell SUSE Certified Administrator for #SUSE Linux Enterprise 15 (sca_sles15) nennen!
Ich habe vor über 20 Jahren mit SUSE Linux angefangen und bin heute in der #opensuse-Community aktiv. Daher freut mich das besonders.
I posted this screenshot from Terminator 2 a few years ago, and it seems even more true today: you should be preparing kids for an uncertain future (not the blowing things up and weapons, but disaster preparedness and survival skills). "Here's how to perfect your golf game" isn't gonna do it. #DisasterPreparedness#Terminator#SkynetDay
@ai6yr Responding to your number one, basic first aid skills are essential. I am encouraged that more high schools are offering a Community Emergency Response Team (CERT) course.