Just found my weekend project.
This thread is very much worth reading, an interesting way of viewing code. Those are patterns I've seen before and fought against.
I wonder, what does it tell about a company's culture if the codebase is dominated by the "fearful" coding style?
BCP and DR? Lesson for any business, make plans and test often.
Digital exchange loses $137 million as founder takes passwords to the grave | Ars Technica https://arstechnica.com/information-technology/2019/02/digital-exchange-loses-137-million-as-founder-takes-passwords-to-the-grave/
Systemd - the gift that keeps on giving. Make sure you are patched.
Linux user? Check those patches! Public exploit published for systemd security holes… https://wp.me/p120rT-1Q9m
Twist: Google has a less-gross monitoring app, similar to the one Facebook was peddling. https://techcrunch.com/2019/01/30/googles-also-peddling-a-data-collector-through-apples-back-door/
1. I cannot imagine the users, children and teens, have full informed consent.
2. I feel dirty reading this article. No app (maybe antivirus) should install a root cert. This is a terrible invasion of privacy and misuse of user trust.
3. No, just no.
Facebook pays teens to download Research app with root access outside App Store https://techcrunch.com/2019/01/29/facebook-project-atlas/
When Apple QA takes a week off.
The more Zuckerberg tightens his grip (on the truth) the more users slip through his fingers.
In WSJ Op-Ed, Mark Zuckerberg Speaks Down to Users and Misses the Point
I’m after some advice from the #infosec community. I’ll be publishing #security advice and best practices for regular people in an easy to understand way, mostly via a blog and Facebook. I would like to get feedback on what topics, also why that topic. If you know of a great example already please let me know. The aim is to help regular people be more aware of the pitfalls of computers and security, making the internet a safe place for all.
I’m open to all suggestions.
Cloud creep cleanup.
Slowly closing out all the free cloud storage accounts that were the rage 5+ years ago, and merging into a self hosted #nextcloud instance.
I am down to only 1 Google drive, 1 Amazon drive, 1 Box account, 1 AWS Glacier.
How many free clouds are you using?
Would it be weird to let everyone see what you type before you send it? Yeah, totally weird.
Emergency Directive 19-01 - Mitigate DNS Infrastructure Tampering.
The real problem is not the DNS infrastructure but the stolen credentials. Sure, controls can be put in place to measure DNS setting deltas, but why are credentials tied to a regular user account in the first place?
Is Privacy a Right?
"What matters is that the right thing to do is work on tech that gives each of us ways to guard our private spaces and signal to others what's okay and what's not okay."
MITRE Enterprise ATT&CK Framework
Infosec from #boston. Avatar is generic infosec logo; it was that or an evil hacker in a hoodie. I'll think of something better soon.
A Mastodon instance for info/cyber security-minded people.