I have been getting variations of this phishing text the past few weeks. This one was sent today. Maybe the next one will be in hex or base64. #cososec
New Tool Shows if Your Car Might Be Tracking You, Selling Your Data
The free tool from Privacy4Cars provides some insight on whether your vehicle is collecting and sharing location and other types of data.
Tell Congress: Don't Outlaw Encrypted Applications
https://act.eff.org/action/tell-congress-don-t-outlaw-encrypted-applications
The technical proficiency needed to properly secure a basic home network is too high.
Most network devices that are mass-market and easy to use have major security risks, either from enabling a lot of stuff you don't need by default or simply having badly written firmware. Or, they are designed to spy on you.
Hey, Cosonauts! If you want to try a great encrypted messenger, come join us on SimpleX Chat. For the #cososec folks - you will find security and privacy features none of the competition is offering.
I made a room for CoSo members if you want to connect there.
I need clarification from the #cososec community on this.
Even if Teixeira had access to SIPR with the appropriate clearances for that work, docs like these wouldn't be sent in the clear no matter how secure the network is, because any network can be compromised. They would be sent in encrypted containers, with decryption keys only the intended recipients would have, right?
Too many explanations I'm seeing online don't add up.
Looking for a great encrypted messaging app? A few of us have been kicking the tires on Simplex the past few days and it seems very solid, easy to jump right into, but with deep security options for those who care about such things. Devs are very responsive as well. #cososec
Here is a link to a CoSo group chat I created. Come check it out!
Hey #CoSoSec community! Anyone want to test out this E2EE messenger with me? It has a few interesting aspects I've not seen elsewhere.
The 'Insanely Broad' RESTRICT Act Could Ban Much More Than Just TikTok
Digital rights experts told Motherboard the RESTRICT Act, which may be used to ban TikTok, could impact many other types of services too, including VPNs.
https://www.vice.com/en/article/4a3ddb/restrict-act-insanely-broad-ban-tiktok-vpns
It's not often my network filtering enables access to sites rather than breaking them.
Mrs. V was at a doctor's office using her laptop on the public Wi-Fi in the waiting room. She called to tell me she was getting all kinds of 'your network is not secure' messages from various websites she was trying to use.
I told her to activate the Wireguard app so everything would be run through our home network.
Bingo, access granted.
One thing I hope we can all learn from the revelations of these "private" texts:
SMS should never be considered private or secure communication. Whether by eavesdropping / MITM attack or by court order, everything you send via SMS can be revealed to the entire world, one way or another.
History Channel app stopped working for me a couple weeks ago, where the app loads, but shows play with audio only on a frozen load screen. I knew some domain had probably been added to one of my #pihole block lists, and that was causing this.
So I tried playing some shows tonight while watching the logs to see what's being blocked.
Oh HELL no, I'm not whitelisting all this garbage on my network.
So the workaround is to disable the Pi-hole blocking entirely for just...
1/2
'New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover
With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone.
https://www.darkreading.com/analytics/new-class-bugs-apple-devices-opens-door-complete-takeover
My [spoofed] voice is my passport.
Verify me.
https://www.vice.com/en/article/dy7axa/how-i-broke-into-a-bank-account-with-an-ai-generated-voice
Can we create a CVE reporting system for stupidity?
Given the news about Twitter eliminating SMS-based 2FA for free accounts, it's time to take a look at TOTP generator apps.
It is very surprising to me that so many infosec people are still recommending Google Authenticator and Authy. I would avoid both:
Google is not a company you should trust when it comes to user data privacy. Google Authenticator also does not have an easy way to do encrypted backups for 2FA secrets, unlike the options I will list later in the thread.
1/x
GoDaddy hit again.
Another major breach where the company didn't publicly disclose until months afterwards.
The next round of required cybersecurity training we have to do in my school district is a 45-minute session titled "2023 Kevin Mitnick Security Awareness Training".
Am I supposed to be impressed by that course name?
Can anyone recommend a good call forwarding service besides Google Voice? Free would be preferable, as I don't plan to use it often.
I know I asked this a year or so back but I can't find the responses - it seems that the search function here only works on usernames and hashtags now.
Musician | Teacher | Nerd
𝘐 𝘢𝘮 𝘩𝘪𝘵𝘵𝘪𝘯𝘨 𝘮𝘺 𝘩𝘦𝘢𝘥 𝘢𝘨𝘢𝘪𝘯𝘴𝘵 𝘵𝘩𝘦 𝘸𝘢𝘭𝘭𝘴, 𝘣𝘶𝘵 𝘵𝘩𝘦 𝘸𝘢𝘭𝘭𝘴 𝘢𝘳𝘦 𝘨𝘪𝘷𝘪𝘯𝘨 𝘸𝘢𝘺.
- 𝘎𝘶𝘴𝘵𝘢𝘷 𝘔𝘢𝘩𝘭𝘦𝘳