Show newer

People are still promoting abandoned software. and .io. Hiri was great at first, but it has become unusable lately. Not a msgsafe user, but have read the same from others. Perhaps they are still getting affiliate payments. Or they are just clueless and don't use the software themselves.

It's enough to drive a CISO mad. You spend countless hours trying to convince people not to click on links from unknown sources in emails. Then HR sends out an email from a new tax processing company without telling anyone. Inside the email is a link to a previously unknown website that you are supposed to click on. Then you are supposed to enter your social security number on this previously unknown website. To the educated person this would be a clear phishing email, but it is legit. Ugggh!

I have just finished reading by Edward -- and am deeply moved. It's a very personal, insightful and fascinating tale that kept me turning the pages late into the night. Highly recommended to anyone that cares for their privacy (or doesn't...yet)

It is very accessible and requires no technical background; everything you need to know to understand the scope of the revelations and the NSA's ability and habit to constantly spy on all of us is provided in clear terms.

@jonah Question about criptext. It seems like a good candidate for email. All email is encrypted using the Signal protocol and delivered to the email client. The server holds the public key and keeps non-encrypted outside mail for a maximum of 30 days or when the user downloads it. The company is based in Panama and has a development team in Ecuador. Profiles and backgrounds on owners and staff are on their website. It is open source. Whitepaper cdn.criptext.com/resources/Whi Am I missing something?

racism 

#VanessaNakate, a climate activist from Uganda, was cropped out of a press photo with other, "famous" climate activists, presumably because she's black

@Limax @brandon We can't count recently discovered infections as recovered. At this point there are 41 deaths and 38 recovered. This means that we can't assert a mortality rate with confidence yet.

In the end I had the user change the KBA back to the real (easy to guess from public records) answers. True story!

Show thread

Bank insecurity - Forced 8 to 12 character password with no special characters. KBA for verification. Solution is to use fake KBA, but how to protect a computer illerate who can't remember to open the file with the fake KBA.
Exchange:
User: I can't get into my account.
Me: Why not?
User: It asks questions but it says I have the wrong answer.
Me: Did you use the fake answers stored in your password manager.
User: Where is my password manager?
Me: Open your browser...
User: What's a browser?

Nous avons participé il y a quelques semaines à une interview par des étudiant·e·s... Ecoutez le résultat de ce reportage demain, dans le cadre d'un plateau radio en public !

unnews.univ-nantes.fr/liberte-

We started the election process (Phase 0) for this year's @opensuse Board elections. During this process, apply for openSUSE Membership until mid-January. - bit.ly/34NujAa

Oh boy! Seems I need a new vpn since PIA sold out. Guess I should have seen it coming when Linux Journal had to shut down for good.

Ransomware remediation scams. Be careful with companies that offer to decrypt your files after they have been locked by ransomware. Often these guys are scammers who just pay off the ransom and then add a fee on top. In some cases the malware creators are the same people offering their "services" to victims.

Cyber security frauds. I keep seeing companies claiming to be cyber security companies, but if you look at the credentials of the principals, they have no background in programming, networking, engineering, etc. Typically, they are lawyers or sales guys trying to make a quick buck. Rudy Giuliani's cybersecurity company is the most famous example. Also watch out for CISO's who hire small firm's to audit their security. Often the auditor is the guy's buddy.

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.