LastPass breach gets worse by Drewski in Security

[–]iamonlyoneman 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

my my, the things we avoid by using local backups and memorable passphrases instead of password managers. Remote computing users are basically asking for trouble though.

LastPass breach gets worse by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

U.S. airline accidentally exposes ‘No Fly List’ on unsecured server by TheRealPanzer in Security

[–]JasonCarswell 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

TL;DR.

Is it worth sharing the list to counter tyranny?
Can we torrent / share /propagate the list?

Android TV box on Amazon came pre-installed with malware by SoCo in Security

[–]Brewdabier 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

It's Amazon crap, they only sell counterfeit goods.

Android TV box on Amazon came pre-installed with malware by SoCo in Security

[–]SoCo[S] 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

I can't say I didn't expect 80% of obscure electronics from foreign countries to be full of malware...

with an AllWinner T616 processor,

Sounds like a Raspberry Pi

To avoid such risks, you can pick streaming devices from reputable vendors like Google Chromecast, Apple TV, NVIDIA Shield, Amazon Fire TV, and Roku Stick.

Avoid Chinese malware, get highly trusted US malware!

Threema Messenger billed as better than Signal is riddled with vulnerabilities by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Rackspace says hackers accessed customer data (of their antiquated hosted email services) during ransomware attack by SoCo in Security

[–]SoCo[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I guess one is left to wonder if "27 Hosted Exchange customers’ emails", means 27 email accounts....or 27 customers, some of which had thousands of email accounts.

It seems slapping a regex filter in front of an insecure public facing request processing service might be a sloppy excuse for a fix on Microsoft's part, as this simply side-stepped their fix from a couple months prior.

Passwords are weaker than you believe by TheRealPanzer in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

If people start using these passphrases too much, then password crackers will just prioritize dictionary brute forcing with dictionaries based on popular passphrase generator word pools. Then, each word is as useless as a single character in a password.

Create a complex password system only you know and you can memorize, so you can have a different password for every account, which can be rotated on a regular bases, and never have to put all your security in one basket with a password manager or use a security defeating short-cut like the passphrases. If done correctly, you should be able to make paper notes, that no one else can decipher, in case your memory falters.

Apple fixes ‘actively exploited’ zero-day affecting most iPhones by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

How North Korea’s Hackers Became Dangerously Good by Drewski in Security

[–]Drewski[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

TSA now wants to scan your face at security by TheRealPanzer in Security

[–]iamonlyoneman 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

how about fuck you? I was driving since before 9/11 because "security" at airports was an offensive joke back then. this is just not happening with me and i hope the cities of the nation jump on board the 'no biometrics' bandwagon even more with this news

ETA: this is really dunking on the low-information "security" employees at TSA who obviously suck at their jobs.

Consider Disabling Browser Push Notifications on Family and Friends Devices by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Lastpass says hackers accessed customer data in new breach by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Accidental $70k Google Pixel Lock Screen Bypass by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

"Anyone running an (Mastodon) instance can see your hashed password and all user data, read all of your DMs and take over your account." by TheRealPanzer in Security

[–]SoCo 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

The same is true for Facebook, Twitter, everything centralized. The only difference with Mastodon, being federated (ie somewhat decentralized), is that you have to trust your pod/instance, but not all of Mastodon.

Big Tech is Demanding Our Personal Cell Phone Numbers but No One is Talking About it. by raven9 in Security

[–]iamonlyoneman 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I set up my life so i interact with people IRL and make phone calls to find out how they're doing. You should try it some time.

Big Tech is Demanding Our Personal Cell Phone Numbers but No One is Talking About it. by raven9 in Security

[–]raven9[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Maybe not to you, but then are you elderly and therefore only minimally involved in society?

If you were actively part of todays modern generation you would understand that almost EVERYTHING in todays society requires a social media presence.

You would understand that most young people do not want to be excluded while all their friends and family, partners etc are all interacting on social media.

You would understand that they do not want to be left out of the loop while all their work collegues share information and discussion in their company's own social media groups.

You would understand when people meet for the first time and exchange social media links no one wants to be the loner weirdo that says they don't do that.

Therefore when the tech corporations hold their users social media accounts to ransom in demand for their phone number it is like like putting a gun to their head. It is saying you either give us your phone number or we will prevent you from participating in all of the above. You will be a pariah excluded from the rest of society. A second class citizen depersoned and deplatformed.

Patch OpenSSL on November 1 to avoid “Critical” Security Vulnerability by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Big Tech is Demanding Our Personal Cell Phone Numbers but No One is Talking About it. by raven9 in Security

[–]IkeConn 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I don't use social media platforms. Fuck them and the horse they rode in on.

Big Tech is Demanding Our Personal Cell Phone Numbers but No One is Talking About it. by raven9 in Security

[–]iamonlyoneman 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

zero of those are mandatory to use

Linux Foundation, Not ‘Supply Chain’ Nonsense, is Becoming the Biggest Threat to Linux Security and Computing Security (It’s Deliberate) by TheRealPanzer in Security

[–]x0x7 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

I'm going to need to see more than that. Two screenshots of two headlines and a small comment does not an article make.

Now you are going to just tell me I'm uninformed and don't get why it matters. That's what an article is supposed to do.

Serious vulnerabilities in Matrix’s end-to-end encryption have been patched by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Security Threats of Public Wi-Fi - Is It Just Fearmongering? by TheRealPanzer in Security

[–]FuckYourMom 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

These kinds of attacks require hardware, software, and often reap bad results. Also, isn’t the internet encrypted these days? Password typing is no longer viewable to a middle man attack because of end to end encryption. Is that correct?

The most secure cloud is your computer by TheRealPanzer in Security

[–]jet199 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

This is why I only use the cloud to store sensitive documents I've stolen, never my own stuff.

The most secure cloud is your computer by TheRealPanzer in Security

[–]iamonlyoneman 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

Lame title, but yeah

BrandNewTube (2022) Database - Leaked, Download! by [deleted] in Security

[–]JasonCarswell 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Thanks.

The funny thing about it is that I was emailed as one in that database.

You are correct. I should have found and linked articles about the breach, not pointed to it.

BrandNewTube (2022) Database - Leaked, Download! by [deleted] in Security

[–]JasonCarswell 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

The funny thing about it is that I was emailed as one in that database.

You are correct. I should have found and linked articles about the breach, not pointed to it.

BrandNewTube (2022) Database - Leaked, Download! by [deleted] in Security

[–]magnora7 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (0 children)

Yeah I think that was a good removal vulptex, it's a database of other people's passwords that were leaked. Articles about the database would be fine, but I see no reason to continue the propagation of stolen personal data. Thanks for removing and then deferring to me if I wanted to reinstate, good approach, much appreciated.

BrandNewTube (2022) Database - Leaked, Download! by [deleted] in Security

[–]Vulptex[A] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (0 children)

I'm pretty sure this is illegal so I'm going to have to remove it and let u/magnora7 review it. It could contain private information as well.

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug by Drewski in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Sounds like a recklessly lame vulnerability to have and only feasible to exploit because their whole design was weaksauce.

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs or by another hidden technique. by TheRealPanzer in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Usually you use rkhunter and configure it to also use unhide as part of its checks.

The world's best password advice by TheRealPanzer in Security

[–]x0x7 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

The real best password advice would be to put nothing on the internet you can't afford to lose or have somebody access.

I should really cancel my bank account or get one without an online access.

The world's best password advice by TheRealPanzer in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I've advocated the formula method for years. Redditors trying to sell or promote password managers usually would just dog-pile and mass-report me when I said it.

One great feature of this, is that you can write your password down on paper or a text file too. Knowing your formula, allows you to write it down in a way that doesn't include or elude to the whole password. It's just a few letters of nonsense to anyone else. Add yearly password changing to your formula for regular rotation and you are golden.

Biggest password security failure of 2022: Using Character replacements like P@$$W0rd

Come on, its not 1990 anymore, every low quality tech college has been telling kids to do this poorly thought out trick for a decade and a half. It's easy to get around and mostly avoids adding any actual additional complexity to your password, because of it.

When you learn to crack password, the limitations become more clear. Automated tools already try silly character replacements and other cracking tools allow you to do so easily with rules and character sets. (I'm thinking of hashcat)

Complete guide for the paranoid user by TheRealPanzer in Security

[–]TheRealPanzer[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

You have to disable JavaScript to view this site.

Firefox & AppArmor hardening - Custom rules by TheRealPanzer in Security

[–]TheRealPanzer[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Firefox & AppArmor hardening - Custom rules by TheRealPanzer in Security

[–]TheRealPanzer[S] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

His whole site is down at the moment ...

Firefox & AppArmor hardening - Custom rules by TheRealPanzer in Security

[–]JasonCarswell 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

Not Found
The requested URL was not found on this server.
Apache/2.4.51 Server at www.dedoimedo.com Port 443

Wi-Fine - it is fine to use public Wi-Fi by TheRealPanzer in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Public Wi-Fi is still the biggest security risk most people will stumble upon. Having all your traffic sniffed leaves you hoping that every website you go to with an account didn't screw up....like they all seem to do over and over.

That non-https secret hashed address link doesn't do much good if some meth head with a laptop is sniffing all the Wifi traffic. On someone else's Wifi, your chances of using DoH successfully is pretty low. Why have an open Wifi, if you aren't blocking all DoH and DNS, so you can funnel all through your own DNS and collected massive sensitive user data! The opportunities on an open-Wifi are abundant for reset tricks, HTTPS downgrade attacks, MiM stuffy stuffs...

Then, devices leak more information than ever about you! They run so very many useless services you'll never use, by default! Bonjour!

You must trust the open Wifi operator 100%, because they have you by the ball bearings! They can MiM all your crap, record everything, and profile you better than a Amazon, Cloudflair, and Google tag-teaming your Mom's every online usage into a virtual profile with the Internet security breaking side-channel attack of a Cloudflair DDoS protection Recaptcha box.

You are also at the mercy of targeted attacks as well, while on that Road Warrior network. Time to spray your teeth with silver paint and get crazy!

I'd say, at least use a junk VPN or proxy, if you are to use such an insecure party line as an Open Wifi.

More Pixel 6a owners find that any fingerprint can unlock the phone by TheRealPanzer in Security

[–]Drewski 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Don't use any biometrics to secure your phone, unlike a password the 5th Amendment does not apply and you can be compelled to unlock your device.

Router Security by TheRealPanzer in Security

[–]IkeConn 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

If it's Made in China it is not secure.

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us by TheRealPanzer in Security

[–]HiddenFox 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Would a BOIS flash with a new HDD at the same time work?

I would also think a hash for the UEFI code and some way to compare it so you can check for mods in the code.

After reading more of the article it seem to be very limited in use and requires a lot of investment to get it working. I doubt it is a mainstream attack or ever will be. Also the researchers believe (in one case anyway) that the motherboard itself was modified before even shipping to the customer. IMO this looks like something government would do to target specific people of interest. But hey, who knows, anything is possible.

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us by TheRealPanzer in Security

[–]iamonlyoneman 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (0 children)

Use hardware that's airgapped and never online?

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us by TheRealPanzer in Security

[–]Drewski 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (0 children)

This is nuts, how do you even defend against this type of attack?

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us by TheRealPanzer in Security

[–]raven9 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 3 fun -  (0 children)

Exactly. I was just about to post, 'it's not a rootkit it's a feature'.

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us by TheRealPanzer in Security

[–]SoCo 7 insightful - 3 fun7 insightful - 2 fun8 insightful - 3 fun -  (0 children)

Everyone could tell UEFI was a totally dumb nest for permanent root kits. It just made the already popular root-kitting of firmware convenient and standardized.

Mega says it can’t decrypt your files. New POC exploit shows otherwise. by TheRealPanzer in Security

[–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

The new POC showed that probably, before MEGA fixed it, that they could have, if intentionally trying to for a long enough period of time, while you had logged in several hundred times.

Then, they explained, once they have your master key, you're kind of boned in many ways.

This, using a technique, malleability of RSA, that is largely under-mentioned for websites that display user content.

All Chromium browsers store passwords and sensitive data in clear text in memory by TheRealPanzer in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

"In memory" LOL

If that's your bar for good security, there are thousands of issues like that on your computer right now.

All Chromium browsers store passwords and sensitive data in clear text in memory by TheRealPanzer in Security

[–]iDontShift 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

here they tell you they are aware and are not interested in fixing it

the reason is because they say you must trust the local user.

i say they are full of shit, as later in the very same answer they tell users they could use encryption on their entire harddrive.. and pretend as if encrypting your passwords would be a waste of time.

All Chromium browsers store passwords and sensitive data in clear text in memory by TheRealPanzer in Security

[–]sox-lox 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

based Google, just move it around in memory with every release and don't fix it

All Chromium browsers store passwords and sensitive data in clear text in memory by TheRealPanzer in Security

[–]yelgy 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

reported

NSA Swears It Won't Allow Backdoors in New Encryption Standards by Drewski in Security

[–]Drewski[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Well yeah, they wouldn't just lie to us.

NSA Swears It Won't Allow Backdoors in New Encryption Standards by Drewski in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Well, if the government says they won't, we can rest easy. cough

NSA Swears It Won't Allow Backdoors in New Encryption Standards by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Researchers Identify ‘Master Problem’ Underlying All Cryptography by Drewski in Security

[–]magnora7 5 insightful - 1 fun5 insightful - 0 fun6 insightful - 1 fun -  (0 children)

IMO all cryptography is based on "this is harder to break with current technology than you have time for".

The moment the technology changes, so must cryptography change.

Researchers Identify ‘Master Problem’ Underlying All Cryptography by Drewski in Security

[–]Drewski[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Lupinia Studios - I'm a Scam Prevention Expert, and I Got Scammed by Drewski in Security

[–]Drewski[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

North Korean hackers exploit Chrome zero-day weeks before patch by Drewski in Security

[–]raven9 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

If they say its N.Korea, Iran, Russia or Anonymous, it means its the NSA/CIA using back doors that were built into the worlds computer systems by microsoft and intel.

North Korean hackers exploit Chrome zero-day weeks before patch by Drewski in Security

[–]Vulptex 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

It's always North Korea

SentryPeer - a distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot by TheRealPanzer in Security

[–]IkeConn 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Sounds like a souped up version of Fail2Ban.

"I can probably hack your password in MINUTES!" by TheRealPanzer in Security

[–]suzew 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

sounds like something a neckbeard reddit hacker would say

Public CDNs Are Useless and Dangerous by infocom6502 in Security

[–]infocom6502[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

A mysterious threat actor is running hundreds of malicious Tor relays by Drewski in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

WOW. Time to start running our own nodes, guys.

Apple's disregard for security and privacy is mind-boggling by [deleted] in Security

[–]Node 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

But what would you do for a computer if Apple died? Afaik, your only other choices would be a Frankenstein hodgepodge of components, running an OS from the evil empire, or the tinkerers dream OS.

Both of those would be like moving from a beautiful beach town to a place like Detroit or Chicago.

Secret terrorist watchlist with 2 million records exposed online by Drewski in Security

[–]raven9 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

If the list is accurate most of them are members of the government and the CIA.

Apple's disregard for security and privacy is mind-boggling by [deleted] in Security

[–]raven9 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Resistance is futile. The day Steve Jobs died Apple was assimilated into the corporatocracy.

GitHub Kisses Passwords Goodbye by [deleted] in Security

[–]raven9 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

The security of any account login is only as strong as it's lost password options.

Apple's disregard for security and privacy is mind-boggling by [deleted] in Security

[–]IkeConn 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

It was only a matter of time until they shot themselves in the foot. I would love to see this company die.

Large batch of high score Vulnerabilities in Mozilla Firefox are disclosed. High risk for government, businesses, and targeted individuals who use Mozilla open sores. by infocom6502 in Security

[–]raven9 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Mozilla == NSA

Vulnerabilities == back doors

VisibleV8 allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs by [deleted] in Security

[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

nice, it's about time somebody did this! good website and a nice read.

How to keep your smartphone safe from spying by [deleted] in Security

[–]IkeConn 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Don't download a shitload of apps is a great start.

Facebook is reportedly trying to analyze encrypted data without decrypting it by [deleted] in Security

[–]IkeConn 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

I purposely send encrypted files just to fuck with the NSA and other fuckers. I encrypt bullshit files and then send them to folks inside texts and emails. If you are an NSA fuck and you spent a week decrypting Granny's biscuit mix then I caught you in my trap.

JavaScript will probably ruin your life. Disable it, block it, and stay safe from the most common vector of malware infection. by [deleted] in Security

[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

A plugin that could act like a black box to log all dynamically uploaded JS would be incredibly useful in tracking malicious JS. Has anyone thought of developing this and putting it out there?

A Western Digital Vulnerability is Being Actively Exploited to Wipe Connected Devices by [deleted] in Security

[–]Drewski 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

As if we needed another reason to avoid the Internet of Things.

Irish police to be given powers over passwords by Drewski in Security

[–]x0x7 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

We should really get rid of passwords. Signing a phrase is not hard to do, and is way more secure.

How governments and spies text each other: Matrix has become the messaging app of choice for top-secret communications by Drewski in Security

[–]hennaojichan 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I'd guess that Israel has eight ways to Sunday of getting any telephone transactions in the US."No, we're not listening. Promise."

How governments and spies text each other: Matrix has become the messaging app of choice for top-secret communications by Drewski in Security

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

He and fellow co-founder Amandine Le Pape started working on the project in 2014, as employees of Israeli technology company Amdocs.

See also https://en.wikipedia.org/wiki/Amdocs#Controversy

What is Lacking in Linux Security and What Are or Should We be Doing about This by [deleted] in Security

[–]MacRace 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

You post very good

What is Lacking in Linux Security and What Are or Should We be Doing about This by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

You are welcome.

What is Lacking in Linux Security and What Are or Should We be Doing about This by [deleted] in Security

[–]Gaydolf_Titler 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Just wanted to tip my hat to you for all the great content you've shared, Panzerfaust. Top poster on this platform, imo.

How to Enable Account Security for your Consumers by ameliagrey100 in Security

[–]Airbus320 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

Feed nana

How to Enable Account Security for your Consumers by ameliagrey100 in Security

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Thx!

How to Enable Account Security for your Consumers by ameliagrey100 in Security

[–]Airbus320 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

u/theameliamay this user a spammer

Google’s Project Zero Finds a Nation-State Zero-Day Operation by [deleted] in Security

[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

yup the feb 2020 and oct 2020 campaigns.

i'm very skeptical it was anti-terror in nature. it's probably newspeak for a terrorism operation.

i much wonder who the targeted groups were.

Cloaker.mobi - a simple in-browser file encryption by [deleted] in Security

[–]jykylsin2034 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Nice

Cloaker.mobi - a simple in-browser file encryption by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Snort is an Open Source network intrusion prevention system capable of performing real-time traffic analysis and packet logging on IP networks. by [deleted] in Security

[–]dissidentrhetoric 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

You can use snort on pfsense. Works well.

Flatpak - a security nightmare by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Can We Stop Pretending SMS Is Secure Now? by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

But without a plausible justification your phone numbers database would grow slower.

Hetzner Cloud Firewall by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Spectre exploits in the "wild" by Drewski in Security

[–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Can't justify endless income without endless updates, eh.

New Browser-Tracking Hack Works Even When You Flush Caches or Go Incognito | Ars Technica by [deleted] in Security

[–]thoughtcriminal 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

favicons

they're going to corrupt every facet of web browsing until we're all reading the news through a text only terminal sent by email through tor. RMS was right all along.

How to Choose a Secure Password in 2021 by jackforbes in Security

[–]Alan_Crowe 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

$ cat /dev/random | strings | more
<Dq*
-!BV}
%WZ+w

FBI and Europol Shut Down 'Bulletproof' VPN Service That Helped Criminals by Drewski in Security

[–]FediNetizen 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I was trying to figure out what cause they would have to seize and shut down a VPN service, but then towards the bottom it mentions they also offered hosting. Now it makes more sense.

A Security Flaw Could Send Your Dick to Jail Forever by [deleted] in Security

[–]chadwickofwv 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Wow, that product has abusive girlfriend/wife written all over it. Anyone who buys this should be investigated for sexual abuse.

Boom! Hacked page on mobile phone website is stealing customers’ card data by [deleted] in Security

[–]x0x7 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Boom!

Any encryption backdoor would do more harm than good. by [deleted] in Security

[–]Drewski 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Haha nah it's all good keep doing what you do.

Any encryption backdoor would do more harm than good. by [deleted] in Security

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Sorry about that.

Pick some other sub for posting.

:)

Any encryption backdoor would do more harm than good. by [deleted] in Security

[–]Drewski 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Great posts here lately panzer, everything I go to share something you've already posted it ;)