#sanitizing

Susan Larson ♀️🏳️‍🌈🏳️‍⚧️🌈<p>The <a href="https://mastodon.online/tags/NewYorkTimes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NewYorkTimes</span></a> Faces <a href="https://mastodon.online/tags/Backlash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backlash</span></a> After <a href="https://mastodon.online/tags/Sanitizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sanitizing</span></a> <a href="https://mastodon.online/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a> <a href="https://mastodon.online/tags/Eugenics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Eugenics</span></a> <a href="https://mastodon.online/tags/Claim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Claim</span></a>. </p><p>What was The New York Times thinking <a href="https://mastodon.online/tags/whitewashing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>whitewashing</span></a> Trump’s <a href="https://mastodon.online/tags/racist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>racist</span></a> <a href="https://mastodon.online/tags/remarks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>remarks</span></a>?</p><p><a href="https://newrepublic.com/post/187039/new-york-times-nyt-trump-eugenics-claim" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">newrepublic.com/post/187039/ne</span><span class="invisible">w-york-times-nyt-trump-eugenics-claim</span></a></p>
Harry Sintonen<p>The <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> report on the technical investigations for <a href="https://infosec.exchange/tags/Storm0558" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Storm0558</span></a> key acquisition is a rather interesting read.</p><p>They of course can't and don't go into specifics about the nature of the key leakage. I'm totally guessing here, but it might be that the tooling Microsoft used to detect and sanitize the <a href="https://infosec.exchange/tags/keymaterial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keymaterial</span></a> didn't identify the key in the specific key schedule form. Maybe a new <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> cipher was used that uses a new key schedule format that the tooling didn't support, or the cipher implementation started to store the key schedule in a new, different way.</p><p>This incident is a good example of how attempts at <a href="https://infosec.exchange/tags/sanitizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sanitizing</span></a> logs, memory dumps and similar of sensitive information are a losing game. At best it can be considered best effort; there are always ways information can end up leaking out despite your best efforts in trying to identify it.</p><p>For critical systems the encryption key should only ever exist in a security enclave or HSM. 
That'd be the only way to ensure that the key cannot leak: It's nowhere in the memory to begin with.</p><p>ref: <br><a href="https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">msrc.microsoft.com/blog/2023/0</span><span class="invisible">9/results-of-major-technical-investigations-for-storm-0558-key-acquisition/</span></a></p>
Nonilex<p><a href="https://masto.ai/tags/ChrisLicht" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChrisLicht</span></a>’s departure marks the failure of his mandate — delivered from his corporate overlords, including <a href="https://masto.ai/tags/WarnerBrosDiscovery" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WarnerBrosDiscovery</span></a> CEO <a href="https://masto.ai/tags/DavidZaslav" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DavidZaslav</span></a> — to recalibrate the network’s political sensibility toward the center. To the extent that anyone ever understood what that meant for actual <a href="https://masto.ai/tags/CNN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CNN</span></a> broadcasts, it’s now clear that it meant <a href="https://masto.ai/tags/sanitizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sanitizing</span></a> the screen in deference to the <a href="https://masto.ai/tags/Republican" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Republican</span></a> front-runner.<br>
A disaster, in other words.</p>
tallship<p><span class="h-card"><a href="https://octodon.social/@ethanz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ethanz</span></a></span> </p><p>And you should return the favor by never posting unsanitized Twitter links to the <a href="https://obo.sh/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a> either 🙂</p><p>I recommend you do a search for "IndyWeb POSSE" program. Which explains the philosophy behind only posting Fediverse links into the deprecated legacy silos, and never posting unsanitized links from places there like twitter into the Fediverse.</p><p>Basically, you do a disservice posting links in the Fediverse that lead people to the very monolithic, privacy disrespecting silos that they've already left behind.</p><p>Instead, if you even bother to use those deprecated legacy silo systems, post links bringing the people there at places like twitter to content that exists here in the Fediverse, thereby providing incentives to create accounts on Fediverse platforms like <a href="https://obo.sh/tags/Friendica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Friendica</span></a>, <a href="https://obo.sh/tags/FunkWhale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FunkWhale</span></a>, <a href="https://obo.sh/tags/MicroPub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicroPub</span></a>, <a href="https://obo.sh/tags/Mitra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mitra</span></a>, <a href="https://obo.sh/tags/PeerTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PeerTube</span></a>, <a href="https://obo.sh/tags/Pixelfed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pixelfed</span></a>, <a href="https://obo.sh/tags/Pleroma" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pleroma</span></a>, <a 
href="https://obo.sh/tags/Soapbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Soapbox</span></a>, <a href="https://obo.sh/tags/Quanta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Quanta</span></a>, Etc., Thereby joining the Fediverse 👍</p><p>If you find that you really must post a link leading to one of the deprecated silos, then please consider <a href="https://obo.sh/tags/sanitizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sanitizing</span></a> such links. i.e., in the case of Twitter, you can use the very popular <a href="https://obo.sh/tags/Nitter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nitter</span></a> by just replacing the "twitter .com" with "nitter .net" in the URL.</p><p>If you're on <a href="https://obo.sh/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a>, <a href="https://obo.sh/tags/Fedilab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fedilab</span></a> does this "automagically" for you if you have safe posting enabled.</p><p>If you're on desktop, there's a whole list of similar sanitation tools you can use for <a href="https://obo.sh/tags/Reddit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Reddit</span></a>, for example, by changing the domain in the URL to <a href="https://obo.sh/tags/Teddit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Teddit</span></a> .net and similar tools for <a href="https://obo.sh/tags/InstaSPAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InstaSPAM</span></a>, <a href="https://obo.sh/tags/Quora" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Quora</span></a>, and many others too. 
For <a href="https://obo.sh/tags/YouTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YouTube</span></a>, you can use <a href="https://obo.sh/tags/Invidious" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Invidious</span></a>.</p><p>A long list of these privacy protecting utilities is provided at:</p><p><a href="https://pussthecat.org/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">pussthecat.org/</span><span class="invisible"></span></a></p><p>And you can install Fedilab from F-Droid too: </p><p><a href="https://Fedilab.App" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">Fedilab.App</span><span class="invisible"></span></a></p><p>You can also install the <a href="https://obo.sh/tags/UntrackMe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UntrackMe</span></a> app at F-Droid for generating safe links when not posting to the Fediverse - desks details are at the Fedilab website above.</p><p>I hope that helps!</p><p><a href="https://obo.sh/tags/tallship" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tallship</span></a> <a href="https://obo.sh/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> <a href="https://obo.sh/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActivityPub</span></a> <a href="https://obo.sh/tags/POSSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>POSSE</span></a> <a href="https://obo.sh/tags/Indyweb_POSSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Indyweb_POSSE</span></a> <a href="https://obo.sh/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://obo.sh/tags/fdroid" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>fdroid</span></a> </p><p>⛵</p><p>.</p>
IT News<p>The Big List of Naughty Strings Helps Find Those User Input Problems - Any software that accepts user input must take some effort to sanitize incoming da... - <a href="https://hackaday.com/2022/09/10/the-big-list-of-naughty-strings-helps-find-those-user-input-problems/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2022/09/10/the-bi</span><span class="invisible">g-list-of-naughty-strings-helps-find-those-user-input-problems/</span></a> <a href="https://schleuss.online/tags/biglistofnaughtystrings" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>biglistofnaughtystrings</span></a> <a href="https://schleuss.online/tags/softwaredevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwaredevelopment</span></a> <a href="https://schleuss.online/tags/sanitizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sanitizing</span></a> <a href="https://schleuss.online/tags/userinput" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>userinput</span></a> <a href="https://schleuss.online/tags/strings" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>strings</span></a> <a href="https://schleuss.online/tags/testing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>testing</span></a> <a href="https://schleuss.online/tags/xss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xss</span></a> <a href="https://schleuss.online/tags/qa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>qa</span></a></p>