Having an AI ("Windows Recall" is enabled by default) that tracks every move you do on your computer and of course has no filter (Microsoft's own FAQ clearly states it will remember every password you type) is idiotic. But Tech bros are frothing at the mouth for anything AI so here we are.
Going through this excellent book by Shaun Pinner, much recommended! There’s many lessons to learn from this book but from my #infosec angle there are a few. Firstly, always keep an off-line maps app on your phone (I use OsmAnd). As a test — switch on airplane mode and try to survive for a day. Can you still navigate from point A to point B? Secondly, keep your social media profiles friends-only access. Thirdly, don’t keep any passwords in memory - it’s a bad practice from security point of view anyway, but I never thought about the interrogation angle. A password manager locked with biometrics and PIN and random passwords everywhere will prevent you from finding yourself in situation where you’ll be begging your interrogators to check another password because you might have remembered wrong.
This summer I am hoping to sit down after #DEFCON and spin up my RTMP restreamer probably using AWS so I can get around to finding someplace to setup an Owncast account, not sure if I want to run my own server as that's a lot of work.
I plan to simulcast to Owncast, Twitch, Youtube, and Tiktok at the same time. And then merge all the chats on the same screen on my Linux box so I can see all of the chat on one screen. #Infosec#Cybersecurity#Gaming#GamingonLinux
So tomorrow is going to suck I need upgrade my PfSense firewall and apparently there is a bug that requires a reinstall to get it fixed as the partition was too small. Then I can get around to setting up @protonprivacy and @bitwarden but I am keeping @keepassxc for the TOTP MFA, because I don’t want to store those in the same password manager. Also rotating all passwords and setting up new Yubikeys then migrating from Ledger to Trezor #infosec
#Infosec#Twitter is dead, why do people still insist on being on that platform? It's lost its relevance, and all the best people in Infosec have moved here to #Mastodon or another #Fediverse app.
I feel like most of those still on Twitter are more worried about appearances and keeping their follower numbers than keeping and growing a great community.
(Go ahead, argue with me. Whatever notional safety you're adding by making sure every email and Teams chat from me comes from “Maximilian" doesn't outweigh the many annoyances this causes me and my colleagues, and if you think it does you've proved my point.)
On/around 27th May 2024, the traffic from Azerbaijan to www.bbc.com & www.bbc.co.uk reduced by over 80%.
Looking at our data, I can see that the vast majority of traffic in Azerbaijan comes from AS29049 (Delta Telecom) which is their majority ISP according to Wikipedia.
OONI says tests were passing as recently as 28th May from AS29049 but there's definitely something going on...Unsure exactly what.
(the gap in AS29049 is a GeoIP data migration) #Azerbaijan#Censorship#InfoSec
Any recommendations for moving away from #gmail? Preferably somewhere that isn’t gonna implement #AI for #email? Can’t use my ISP’s email cos we want to change away as soon as OpenReach do their thing
:quotesL: Because we leverage Microsoft’s #Bing technology to power some parts of this feature, the Microsoft Privacy Statement will apply to any personal data you may input into the input box for the AI-powered takeaways feature, as well as any personal data included in any Bing provided results :quotesR:
I just went through my #linux tier list on #Twitch and I know I will get some hate for this. Yes Hannah Montana Linux deserves S tier there is no debate.
Those two months of taking a break from content creation on tiktok and Twitch kind of hurt my savings for my projects as I have a separate bank account for all this.
I would really appreciate new Twitch and Tiktok subscribers and I have some items for review that I purchased that I will give honest reviews to, but also tips/donations are always appreciated
I don't recall which #infosec person inspired me to create a security/cyber policy page on our company website, and security.txt files on our apps, but I am glad we did.
We received our first vulnerability notification email last night and it was fixed today. Grateful for the white hats out there. 🙌
I really want to make a career in the #InfoSec field. Security is my passion. I haven't yet decided which role I'd like to get involved in. All I know so far is that Malware Analysis isn't for me. I'm interested to hear from folks in the field who are #ActuallyAutistic, have #ADHD, or both. What roles have been a good fit for you? I'm guessing that Incident Response would be far too high stress, but I could be wrong about that. Boosts appreciated. #NeuroDiverseSquad#AuDhd#AskingAutistics
Well it looks like the memory is in fact bad on my Windows box I use for OBS and streaming. I will run to mIcrocenter tomorrow and pick up new RAM which will also be an upgrade. They have a 64GB Crucial kit for like 50% off and only $20 more than the 32GB kit, not that I need 64GB but it will be more breathing room for multitasking when streaming.
So I will hopefully stream tomorrow afternoon reinstalling Qubes OS on the Purism Librem 14.
I am a run-of-the-mill Android-phone-Windows-desktop-Gmail-user but now I'm in the process of transitioning from Gmail and using Duck Duck Go to research how to set up a Linux desktop.
Oh, and also now Signal-curious.
What is this place? Some kind of privacy cult LOL?
NIST turns to IT consultants to clear National Vulnerability Database backlog
🤔
"According to the agency's statement last week, it hopes to reach its pre-February processing rate of CVEs within the next few months. NIST predicted it should be caught up and back to processing current CVEs by the end of the fiscal year."
I just received a moderately interesting #scam call.
The phone rings.
It's a New York Number (I'm in NYC) with "New York NY" as its CID.
I answer and say hello, and hear a couple seconds of silence and then the blip sound indicating I've been transferred from the bulk dialer to a live person.
The person who says hello has a strong Indian accent and I can hear other people talking in the background. #infosec#privacy#telemarketing
1/4