helma, to security Dutch
@helma@mastodon.social avatar

De scheurkalender van dinsdag 4 juni gaat over pseudomiseren.

(SURF Security & Privacy Scheurkalender voor het onderwijs)

SomeGadgetGuy, to windows
@SomeGadgetGuy@techhub.social avatar

It just clicked in my brain. What I haven't been able to articulate about why I'm so anxious about Recall. I'm sure others have already gotten to where I am.

It's worse than "a system that tracks everything you do" and stores that info in a basic database that could be easily compromised.
It's worse than a nanny surveillance tool for companies to spy on their employees.

It's inescapable.

It doesn't matter if I make a dozen "how to disable recall" tutorials. The second YOUR data shows up on someone ELSE'S screen, it's in THEIR recall database.

It won't matter if you're a master expert specialist. You can't account for EVERY other computer you've ever interacted with. If a family member looks up an old email with your personal data in it, your data is now at risk.

If THEIR system is compromised YOUR data is at risk.

I just went from "vague feeling of unease" to "actively writing templates to canvas elected officials, regulators, and attorneys general."

Nonilex, to egypt
@Nonilex@masto.ai avatar

Israel’s Seizure of Border Zone Strains Ties With Egypt

Israel defied ominous Egyptian warnings & took control of the , but the reaction from , which wants to maintain its cooperation with , has been muted.


https://www.nytimes.com/2024/06/03/world/middleeast/egypt-corridor-israel-gaza-border.html?smid=nytcore-ios-share&referringSource=articleShare&u2g=c&pvid=4A38271E-6F65-4323-B102-319D99B5C17F&sgrp=c-cb

sjvn, to linux
@sjvn@mastodon.social avatar

Nasty Linux Bug, CVE-2024-1086, is on the loose https://opensourcewatch.beehiiv.com/p/nasty-linux-bug-cve20241086-loose by @sjvn

The patch for this hole came out in January, but in June, the attacks are hitting now. Here's why & what you can do.

ErikJonker, to security
@ErikJonker@mastodon.social avatar

The coming Olympic games in Paris must be a prime target for many terrorists. Many state and non-state actors are motivated to sent a message i think. It must be an incredible difficult job for the people responsible for security. To be prepared for anything and be able to handle different scenarios. In ancient times people stopped fighting during the olympics, those days are gone sadly.
#olympics #paris #security #terrorism

sjvn, to security
@sjvn@mastodon.social avatar

Malicious Package 'Pytoileur' Targets Windows and Leverages Stack Overflow for Distribution https://securityboulevard.com/2024/05/malicious-pypi-package-pytoileur-targets-windows-and-leverages-stack-overflow-for-distribution/ by @sjvn

This latest poisoned Python code used Slack Overflow to advertise itself. Happy, Happy, Joy, Joy!

dethos, to security
@dethos@s.ovalerio.net avatar

"GitHub recommends to pin an Action to a full length commit SHA as it is currently the only way to use an Action as an immutable release.

Still, only 2% of GitHub repositories fully embrace this security best practice!"

https://pin-gh-actions.kammel.dev/

#security #github #githubactions #supplychain

dominiksteiger, to random German
@dominiksteiger@swiss.social avatar

#MicrosoftRecall

Microsoft Recall, the perfect panopticon.

https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e

HistoPol,
@HistoPol@mastodon.social avatar

@dominiksteiger

#Security nightmare:

#Microsoft’s new #Windows11 feature, #Recall, makes the #SciFi movie #TotalRecall almost look like a fairy tale by comparison.

Everything you ever saw or wrote on your device, even if deleted, will remain in definitely remain available and searchable for users of the device, including #hackers.
Opting out requires work.

Also, in my view, I doubt that it is #GDPDR compliant in its current form.
Beware.

Excellent analysis:

https://swiss.social/@dominiksteiger/112551118126679215

br00t4c, to security
@br00t4c@mastodon.social avatar

'He was ready to judge you': TSA searches passenger's bag after going through security. He can't believe what he finds

https://www.dailydot.com/news/tsa-finds-spam-carry-on/

br00t4c, to security
@br00t4c@mastodon.social avatar

Is the New 'Recall' Feature in Windows a Security and Privacy Nightmare?

#post #security

https://tech.slashdot.org/story/24/06/02/190205/is-the-new-recall-feature-in-windows-a-security-and-privacy-nightmare

jakub, to security
@jakub@jirutka.cz avatar

I noticed that #Zed automatically downloads a NodeJS binary from nodejs.org without asking or even informing the user about it. Right after starting it and opening a file, without doing anything else. Then it installs some packages from npmjs via npm. And there’s no option to disable it.

THIS IS ABSOLUTELY UNACCEPTABLE! I can’t stress enough how bad this is from #security point of view. And not just that, consider users on metered connections

#ZedEditor #cybersec #Rust
https://github.com/zed-industries/zed/issues/12589

SomeGadgetGuy, (edited ) to tech
@SomeGadgetGuy@techhub.social avatar

Early Access on Patreon: Android Location Trackers are FINALLY shipping!
https://www.patreon.com/posts/pebblebee-and-105412292

I ordered these LITERALLY a YEAR AGO to the day, and they JUST ARRIVED!
Apple stalled the Google location tracker network for as long as they could, but now we FINALLY have some competition for AirTags!

#tech #technology #apple #privacy #security #airtag #google #android #chipolo #pebblebee #bbtg #geek #gadget #gadgets #newtoys

piofthings, to microsoft
@piofthings@mastodon.social avatar

Nicely done @GossiTheDog https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e #Microsoft #Recall #Privacy #Security

kubikpixel, to rust
@kubikpixel@chaos.social avatar

«Methods Should Be Object Safe»
– by @noracodes

🤔 https://nora.codes/post/methods-should-be-object-safe/


helma, to security
@helma@mastodon.social avatar

Be scanned or be banned (from normal internet use): "Despite a nicer-sounding name, it would still be the mass scanning of the private communications of people who are not suspected of any crime even in E2E encrypted environments. Technology and cybersecurity experts have repeatedly warned that this cannot be done safely and securely – putting at risk the private communications of activists, journalists, young people, businesses and even governments!"

https://edri.org/our-work/be-scanned-or-get-banned/

pitrh, to devops
@pitrh@mastodon.social avatar

Friends, is the fact that the Humble bundle that has my "The Book of PF" along with a number of other good titles, the "Dive into DevOps" bundle https://www.humblebundle.com/books/dive-into-dev-ops-no-starch-books has sold more than 8,000 bundles and made more than CAD27,000 for the charity a cause for celebration or should I hold off until we see rounder numbers?

Anyway the bundle runs until June 10th 2024, so get your clicks and cards ready!

myfear, to security
@myfear@mastodon.online avatar

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity. https://github.com/infosecB/awesome-detection-engineering
#Security #software

nixCraft, to privacy
@nixCraft@mastodon.social avatar

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e #privacy #security #infosec #windows

br00t4c, to security
@br00t4c@mastodon.social avatar

'Directly threatening': Alito's security parked in front of liberal neighbor's home amid dispute

#security #supreme

https://www.alternet.org/alito-security-neighbor-dispute/

br00t4c, to DaftPunk
@br00t4c@mastodon.social avatar

Snowflake denies miscreants melted its security to steal data from top customers

#house #security

https://go.theregister.com/feed/www.theregister.com/2024/05/31/snowflake_breach_report/

GrapheneOS, to privacy
@GrapheneOS@grapheneos.social avatar

GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 115 released:

https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-115

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/13147-gmscompatconfig-version-115-released

majorlinux, to linux
@majorlinux@toot.majorshouse.com avatar

Patch your systems if you haven't already!

Federal agency warns critical Linux vulnerability being actively exploited

https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/

#Linux #Vulnerability #CISA #Tech #Security #InfoSec

ente, to security
@ente@mstdn.social avatar

In case you missed it, we now have a BEAUTIFUL website dedicated to Auth @ https://ente.io/auth

💜

video/mp4

smallcircles, to foss
@smallcircles@social.coop avatar

Advocating for to adopt a OSS-first approach and use as their example of a secret store integration in upcoming RFC implementation..

https://github.com/wasmCloud/wasmCloud/issues/2190#issuecomment-2141124236

@linuxfoundation projects are already seen as overly corporate, and sticking as much as possible to at least and preferably even in docs + elaborated examples would help to not further reinforce that notion.

smallcircles,
@smallcircles@social.coop avatar

And great news. #Wasmcloud discussed the issue and decided:

  • #HashiCorp #Vault will not be the reference implementation.

  • Wasmcloud looks forward to presenting #OpenBAO as one of their main integrations once it reaches GA.

  • The awareness that Vault constitutes "faux-pen source" made Wasmcloud implement automated license checks.

Read the details in this comment on the RFC:

https://github.com/wasmCloud/wasmCloud/issues/2190#issuecomment-2143021790

@linuxfoundation

#WebAssembly #wasm #security

skykiss, to Bulgaria
@skykiss@sfba.social avatar

Fascist Russia cut undersea communications cables.

Nothing to see here. Just perfectly normal russian bottom trawling back and forth repeatedly just on top of the main fiber optic internet cable between Svalbard and the Norwegian mainland.

The sabotage of the #Nord Stream 1 and 2 pipelines in the #Baltic Sea shed new light on two incidents in the Norwegian Arctic involving the cutting of communication cables.

https://www.highnorthnews.com/en/nord-stream-pipeline-sabotage-mirrors-svalbard-cable-incident

#EU #nato #Norwegian #Uk #warfare #sabotage #RussiaIsATerroristState

video/mp4

skykiss, (edited )
@skykiss@sfba.social avatar

The russian bottom trawling back and forth repeatedly on top of the main fiber optic internet cable between and the mainland.

Russian ships drop anchor on top of communications cables and drag the anchor over the cable, is this normal?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • ngwrru68w68
  • everett
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • rosin
  • GTA5RPClips
  • Durango
  • Youngstown
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • provamag3
  • ethstaker
  • osvaldo12
  • tester
  • cubers
  • cisconetworking
  • mdbf
  • tacticalgear
  • modclub
  • Leos
  • anitta
  • normalnudes
  • megavids
  • lostlight
  • All magazines
    •