Maximus :qubes: :manjaro: boosted

Google's never ending quest to depreciate themselves:

developer.chrome.com/webstore/

Why does anyone trust Google to keep *anything* going? I'll be interested to see how the community reacts when "Project Fuscia" upends ChromeOS and Android.

Maximus :qubes: :manjaro: boosted
Enough with the phishing already.

People on fedi are far more careful and not really into this kind of thing, I only see this on Another Social Network.

Security questions are a really bad idea.



@OCRbot

European Central Bank on Twitter: https://t.co/glSwD6EnLo" / Twitter 

They must be regretting this. Read the comments :bitcoin:
mobile.twitter.com/ecb/status/

Maximus :qubes: :manjaro: boosted

BootHole – GRUB2 vulnerability threatens secure boot (CVE-2020-10713):

eclypsium.com/2020/07/29/there

– To be exploited, the attacker needs to modify the grub.cfg file first.
– If exploited, attackers can permanently access the system.
– Keep your operating system up-to-date.

#BootHole #GRUB #Bootloader #Vulnerability #InfoSec

Maximus :qubes: :manjaro: boosted

In the last days, we prepared some new content coming to infosec-handbook.eu next month:

– Using U2F as two-factor authentication for OpenSSH (instead of OATH-TOTP)
– Basic WireGuard setup
– Bitwarden for beginners – setup and basic usage

#InfoSecHandbook #InfoSec #Security #Blog

Maximus :qubes: :manjaro: boosted

RT @maxschrems@twitter.com

BREAKING: The EU's Court of Justice has just invalidated the "Privacy Shield" data sharing system between the EU and the US, because of overreaching US surveillance. All details available here: noyb.eu/cjeu
#PRISM #FISA702 #Privacy #PrivacyShield #SCCs #GDPR #CJEU

🐦🔗: twitter.com/maxschrems/status/

Maximus :qubes: :manjaro: boosted

How many people block Google Analytics?

65% DuckDuckGo users
57% Firefox users
53% on Linux
21% on laptop/desktop
19% on Windows
18% on macOS
14% on Chrome
10% on Android
9% Google search users
8% on mobile/tablet
6% Bing users
6% on iOS
5% on Safari

markosaric.com/google-analytic

Maximus :qubes: :manjaro: boosted

"This has been going on for years and is an essential part of the mobile app economy."

Unless you remove the financial incentive, there's no hope for #privacy on Android/iOS. Their app ecosystems are built on selling user data and no amount of prompts or checkboxes can fix it.

vox.com/recode/2020/7/8/213115

Maximus :qubes: :manjaro: boosted

For anyone in the UK, the Government has just given Palantir, a surveillance company that I passionately dislike, access to sensitive medical records of Covid-19 patients for £1.

Brilliant. Absolutely brilliant.

outline.com/EdpRSb

Maximus :qubes: :manjaro: boosted

Stay secure, use encryption. Tutanota makes sure that your entire mailbox, calendar and contacts are encrypted. Check it out: tutanota.com/

Maximus :qubes: :manjaro: boosted
Maximus :qubes: :manjaro: boosted

These graphic explainers come from a campaign called Neigbourhood Watched, which we developed with @libertyhq.
Good news is: there is also a campaign pack with ideas for you to work in your local community!
(it is UK focused but can be easily adapted)

privacyinternational.org/long- nitter.net/privacyint/status/1

Maximus :qubes: :manjaro: boosted
Maximus :qubes: :manjaro: boosted

"Tinfoil Chat (TFC) is a FOSS+FHD peer-to-peer messaging system that relies on high assurance hardware architecture to protect users from passive collection, MITM attacks and most importantly, remote key exfiltration.

#TFC is designed for people with one of the most complex threat models: organized crime groups and nation state hackers who bypass end-to-end encryption of traditional secure messaging apps by hacking the endpoint."

read more:
github.com/maqp/tfc

Maximus :qubes: :manjaro: boosted

Here is what Twitter's rotten new privacy policy looks like:

Maximus :qubes: :manjaro: boosted

To server admins:

It is a good practice to provide contact details, so others can contact you in case of security vulnerabilities or questions regarding your privacy policy.

One upcoming but already widespread format is the security.txt file at https://your-server/.well-known/security.txt.

See securitytxt.org/ and infosec-handbook.eu/.well-know.

#SecurityTXT #SecurityContact #admin #security #infosec #cybersecurity

Maximus :qubes: :manjaro: boosted

Zoom meetings aren’t actually end-to-end encrypted, despite misleading marketing on their website, in their security white paper, and in the user interface in their app theintercept.com/2020/03/31/zo by @yaelwrites and myself

Maximus :qubes: :manjaro: boosted
Maximus :qubes: :manjaro: boosted

Certificate expiration periods will get smaller by 50% every year. Eventually they will cross the Planck time, rendering all certificates unusable, but by then all websites will be AMP anyway.

twitter.com/matthew_d_green/st

Maximus :qubes: :manjaro: boosted
Show more
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.