kzimmermann, to opsec
@kzimmermann@fosstodon.org avatar

Sounds like Luigi needs to level up on his skills...

reginagrogan, (edited ) to mastodon
@reginagrogan@mastodon.social avatar

Something happened and i want to ask the about it:

1 hour ago, i wanted to get a chocolate bar and a lemonade, so i went to the fancy grocery store…

As i was standing in the aisle picking a chocolate bar, a man down the way faced me and took several phone pictures of me.

Why did he?
Please answer below or in comments.

avoidthehack, to Cybersecurity

New Whiffy Recon uses to triangulate your location

If the WLAN service is running, the malware scans every minute and sends requests to Google's geolocation . Can enable tracking of an infected device in real time.

https://www.bleepingcomputer.com/news/security/new-whiffy-recon-malware-uses-wifi-to-triangulate-your-location/

kkarhan, to infosec German

Was lernen wir daraus?

  1. Sei kein ekelhaftes Arschloch (also )!

  2. Wer um jeden Preis will, sollte , , & praktizieren.

  3. können nur dann die eigenen (zwangsweise) offenlegen wenn diese identifizierende Informationen hat.

  4. muss trotzdem gestärkt werden!

https://www.wbs.legal/medienrecht/urteil-im-fall-julian-reichelt-quellenschutz-nur-mit-vereinbarung-67229/

avoidthehack, to privacy

The Importance of Using Messaging Apps With End-to-End , Which Ones to Use and Why

From @Em0nM4stodon

Comparing Threema, Signal, WhatsApp, and iMessage so users can make informed choices for themselves.

https://controlaltdelete.technology/articles/the-importance-of-using-messaging-apps-with-end-to-end-encryption-which-ones-to-use-and-why.html

sec_yote_agenda, to random
@sec_yote_agenda@geekdom.social avatar

Read another horrible story about someone getting scammed out of fursuit level money, and I feel horrible for them but there's not much I can do.

Maybe 2023 is the year we need to normalize escrow services for large furry purchases?

Here's one: https://www.escrow.com/

kkarhan,

@sec_yote_agenda yeah, that's very sad and I sincerely hope this doesn't happen to anyone - whether they just wasted time waiting or even took money and ran...

Granted I'm more used in #IT and espechally #ITsec, #InfoSec, #OpSec and #ComSec where a minor fuckup will ruin decades of reputation-building in seconds and it's more or less impossible to recover from that...

So it's quite the opposite...

So #Escrow seems more than reasonable to enshure people ain't paying and/or working for nothing.

coffe, to DEFCON

OooOk Fediverse,

what's the best way to follow from afar if you don't have a Twitter account. Who to follow on Fediverse. Is there great blogs? Perhaps livestreams on YouTube or twitch?

Please boost 🥳

suprjami, to infosec

The number of netcat variants is too damn high. #Infosec #Linux #OpenBSD #BSD #OPSEC #Networking #netcat

https://blog.ikuamike.io/posts/2021/netcat/

neurovagrant, to random
@neurovagrant@masto.deoan.org avatar

Just saw someone advocating progressive movements organize on the Fediverse.

BE VERY VERY CAREFUL ABOUT SAYING STUFF LIKE THIS.

-Most fediverse tie-ins are not architected to protect you. For instance, Mastodon Direct Messages are not encrypted and admins can access them.

-Most instances are hosted by ordinary people who don't have the time, knowledge, or resources to fight subpoenas in either criminal or civil actions.

Meet here. Support each other. Cheer each other on. Show solidarity, and elevate and amplify each other.

Organize in much more restricted environments, like end-to-end encrypted messengers like Signal.

kkarhan,

@neurovagrant no, because #Signal is a #proprietary #SingleVendor / #SingleProvider solition that is subject to #CloudAct and thus can't be secure by design.

If you really want #InfoSec, #OpSec, #ComSec & #ITsec, then #SelfHosting everything is key.

But that'll require #TechLiteracy and may not scale well...

IMHO self-hosting a #Zulip Server works good for organizational structures.

slashdot, to random
@slashdot@mastodon.cloud avatar

Researchers Find 'Backdoor' in Encrypted Police and Military Radios https://it.slashdot.org/story/23/07/24/1942216/researchers-find-backdoor-in-encrypted-police-and-military-radios?utm_source=rss1.0mainlinkanon

profoundlynerdy,
@profoundlynerdy@bitbang.social avatar

@slashdot Oh, I've never seen this before! /s

See also https://en.m.wikipedia.org/wiki/Crypto_AG

md, to random German
@md@chaos.social avatar

„Despite being widely used and relying on secret cryptography, TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy.“

@bmi & @bsi

https://tetraburst.com

kkarhan,

@md @bmi @bsi

Also like any #cellular #radio system, #TETRA devices constantly transmit data, making it trivial to locate and track any radio through passive #SIGINT.

The same way LEAs track peoples' mobile phones.

Likewise this is systemic per design and thus unfixable!

So basically the #OpSec, #InfoSec, #ComSec and thanks to #Windows the #ITsec of LEAs are f**ked and the correct fix is in between "impossible" and "painful to implement over more than a year"...

radpanda, to opsec Polish

„Dokładamy szczególnych starań w celu zachowania poufności kontaktu i prywatności naszych klientów”.

Skrzynka e-mail postawiona na gmailu oraz kontakt przez SMS.

🤡🤡🤡

Mer__edith, to random
@Mer__edith@mastodon.world avatar

This is the real, human cost of mass surveillance of everyone's private digital communications.

If we actually care about keeping people safe, we need more end-to-end encryption not less.

JizzelEtBass,

@rorystarr @Mer__edith is such a vital skill.

kmic, to opsec

One second of losing focus and is gone.

generationX, to internet German

How can social media ever be private as long as it is not completely anonymous? In social media we are telling our thoughts and what we do/like/dislike. Every robot can parse the data about us - does not even need an own instance. #SocialMedia

kkarhan,

@generationX awell, you can be private on the internet...

It just takes good #ITsec, #InfoSec, #OpSec & #ComSec...

gmate8, to ubuntu

broke secure boot feature - Mint developers warn when installing Linux Mint 21.2

🔗: https://linuxmint.com/rel_victoria_cinnamon.php

bp, to opsec

everything about this talk is fascinating

https://www.youtube.com/watch?v=01oeaBb85Xc

avoidthehack, to opsec

How to share files and sensitive information securely

@bitwarden shows you how to use Bitwarden Send to share files and sensitive information in a more secure way.

In most cases, you should avoid sending sensitive information via email (even if not a file).

#opsec #cybersecurity #security

https://bitwarden.com/blog/how-to-share-files-and-sensitive-information-securely/

dismalnow, to mildlyinteresting in Had to travel utegently out of town for a week and forgot to turn on the dishwasher before I left
dismalnow avatar

Y'all trust your Roombas?

I got another Roomba just to keep the other one honest (and rescue missions).

sayonaraminasan, to tech
@sayonaraminasan@urusai.social avatar

anyone use signal? been using it a couple years now to talk to my one friend from chile. pretty awesome service imo. i never really hear peeps in the us talk about it much cuz we are all imessage drones for the most part

avoidthehack, to Cybersecurity

Is my #password compromised?

@bitwarden showcases how the locally run Bitwarden Vault Health Report can help you identify reused passwords, exposed passwords, and weak passwords.

#cybersecurity #infosec #opsec

https://bitwarden.com/blog/is-my-password-compromised/

avoidthehack, to firefox

115 Patches High-Severity Use-After-Free

Usa-after-free in WebRTC.

Update to remedy.

https://www.securityweek.com/firefox-115-patches-high-severity-use-after-free-vulnerabilities/

enno, to random German
@enno@nafo.army avatar

deleted_by_author

    •
    kkarhan,

    @enno not that surprising given that every #SingleVendor / #SingleProvider "solution" for communications will inherently have #Govware #backdoors, otherwise they'd be illegal!

    That's why noone who takes #ITsec, #InfoSec, #OpSec & #comSec 100% seriously will use them for anything but posting public info.

    That's how the drug dealers using #EncroChat & #ANØM got caught and why noone should trust any #VPN or #Messenger!

    https://www.youtube.com/watch?v=WVDQEoe6ZWY
    https://twitter.com/thegrugq/status/1085614812581715968

    reedmideke, to Ukraine
    @reedmideke@mastodon.social avatar

    OK, long running thread from the other site (https://twitter.com/reedmideke/status/1492238848088182784) continues here.

    Mostly me tracking noteworthy events for myself with a side of ill-informed commentary and a healthy dose of mocking propagandists

    reedmideke,
    @reedmideke@mastodon.social avatar

    tip of the day brought to you by recently assassinated Russian submarine commander Stanislav Rzhitsky who reportedly "had profile on Strava, where he posted his runs and bike rides" and was shot while out jogging

    https://twitter.com/maria_avdv/status/1678513332574191617
    https://www.rferl.org/a/russia-deputy-chief-krasnodar-shot-dead-/32497651.html#0_8_10089_8766_2710_249232399

    sabogato, to random
    @sabogato@sunbeam.city avatar

    deleted_by_author

    •
    kkarhan,

    @sabogato izt's not just #OpSec, but #ITsec, #InfoSec & #ComSec.

    If I had even attempted such a fuckup, I'd be in prison!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • anitta
  • ethstaker
  • DreamBathrooms
  • InstantRegret
  • magazineikmin
  • tester
  • khanakhh
  • everett
  • thenastyranch
  • Youngstown
  • slotface
  • tacticalgear
  • kavyap
  • osvaldo12
  • JUstTest
  • mdbf
  • GTA5RPClips
  • ngwrru68w68
  • provamag3
  • Durango
  • rosin
  • cisconetworking
  • normalnudes
  • modclub
  • megavids
  • cubers
  • Leos
  • lostlight
  • All magazines
    •