jerry

@jerry@infosec.exchange

Cloud CISO
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: https://infosec.exchange/@maliciouslink
https://Infosec.Exchange Admin
#infosec #security #cybersecurity #risk #fedi22
…and for fucks sake, be nice to each other. We are only here for a brief time. Make it enjoyable.

To help support the costs associated with running this instance, please consider donating. You can set up recurring donations here:

Patreon: https://www.patreon.com/infosecexchange

Ko-Fi: https://ko-fi.com/infosecexchange

Liberapay: https://liberapay.com/Infosec.exchange/

You can also support with a one-time donation using PayPal to "jerry@infosec.exchange".

This profile is from a federated server and may be incomplete. Browse more on the original instance.

jerry, to random

I got a data breach notice from a mental health provider.

A provider that I have never used, but which my health insurance apparently has some affiliation with.

Wtf

jerry,

The best part is that that put all the blame on a supplier of theirs.

jerry,

@PogoWasRight @Viss turns out they also sent a notice to my youngest son. Remarkable. I think I will do this.

RonahsArk, to random

How it feels accessing infosec.exchange (http://7jaxqg6lfcdtosooxhv5drpettiwnt6ytdywfgefppk2ol4dzlddblyd.onion) via Tails and only from public wifi:

http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/watch?v=jtCGODjuRq0

Anybody else know this feel?

@jerry @taylorlorenz
@paul

jerry,

@RonahsArk @taylorlorenz @paul glad it’s working for you

jerry,

@RonahsArk @taylorlorenz @paul it feels incredibly slow to me (tor generally, not Infosec.exchange specifically)

letsencrypt, to random

You can help change the future of the Web for the better with a donation in support of Let's Encrypt, a project that makes TLS certificates free for everyone. https://letsencrypt.org/donate/

jerry,

@letsencrypt I believe I am responsible for about half the certs that LE issues, so I will be donating

jerry, to random

Psst: https://elk.infosec.exchange/

Let me know what you think

jerry,

@wizlee candidly, that’s what drove me to set it up.

usenixassociation, to random

Hello world!

jerry,

@usenixassociation welcome to the fediverse!

avuko, to infosec

looky what I found...

https://www.washingtonpost.com/technology/interactive/2023/ai-chatbot-learning/#lookup-table

@jerry

jerry,

@avuko dang, we are all the way down at spot 954,460?

jerry,

@yuki2501 @avuko I think you may misunderstand what is going on here:

jerry,

@yuki2501 @avuko IOW, I feel pretty confident that your quotes are getting scraped directly.

jerry,

@WPalant @avuko that is a great point

jerry, to random

Oh hey - look at that - infosec.exchange now has a native tor hidden service address: http://7jaxqg6lfcdtosooxhv5drpettiwnt6ytdywfgefppk2ol4dzlddblyd.onion

jerry, to random

ok friends, https://books.infosec.exchange is available. Time to get reading.

jerry, to random

I am forcing myself to learn kubernetes as part of setting up a new set of fediverse instances (mastodon/peertube,pixelfed,matrix, etc) using a common authentication provider and I’m coming to realize the kubernetes must have been a practical joke that went way too far.

jerry, to random

There’s been a lot of discussion about a rule we recently instituted regarding security testing on the infosec.exchange instance. I understand the value or pen testing as much or more than most people, and I’m fully cognizant that pen tests are happening all the time and I’m not getting the report. I get it. But there are now 28,000 people using this service to communicate. I know there are vulnerabilities waiting to be discovered. Finding blog post fodder by fuzzing instances that are already running hot due to explosive growth is not super helpful. But at the same time, I WANT that testing to happen.

As a result, I am going to set up two instances tomorrow that only federate with each other. This is where I’d prefer legitimate security testing be performed. I’ll also be using it as the QA environment to test new updates and settings prior to deploying to the production instance. I’ll moderate signups because I don’t want it accidentally becoming fediverse 2.0 in the ongoing rush for the doors at twitter, but will accept anyone who wants to join, with clear indications that it’s a sandbox and should not be considered safe.

Thanks for patience as we continue to find out way.

jerry, to random

The number of awesome people I’ve met here this weekend is very motivating. I am glad you’re all here

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • kavyap
  • DreamBathrooms
  • khanakhh
  • magazineikmin
  • InstantRegret
  • tacticalgear
  • thenastyranch
  • Youngstown
  • rosin
  • slotface
  • modclub
  • everett
  • ngwrru68w68
  • anitta
  • Durango
  • osvaldo12
  • normalnudes
  • cubers
  • ethstaker
  • mdbf
  • tester
  • GTA5RPClips
  • cisconetworking
  • Leos
  • megavids
  • provamag3
  • lostlight
  • All magazines
    •