Android users can now disable 2G to block Stingray attacks

Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators.

bleepingcomputer.com/news/secu

~Open Source Security Tool of the Day~

log4jscanner

A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

github.com/google/log4jscanner

Email was, and still is today, the most federated, open, and critically important communication system on the Internet.

utcc.utoronto.ca/~cks/space/bl

Let's Encrypt and Certbot making the web a safer place. Now if we could just do something about end-users....

In 2010, EFF launched its campaign to encrypt the entire web—that is, move all websites from non-secure HTTP to the more secure HTTPS protocol. Over 10 years later, 2021 has brought us even closer to achieving that goal. With various measurement sources reporting over 90% of web traffic encrypted,...

eff.org/deeplinks/2021/12/we-e

Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of log4j-scanner, a scanner that helps organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

github.com/cisagov/log4j-scann

With everything going on lately, it's refreshing to see secure open source software at its best.

How to build large-scale end-to-end encrypted group video calls

Signal released end-to-end encrypted group calls a year ago, and since then we’ve scaled from support for 5 participants all the way to 40. There is no off the shelf software that would allow us to support calls of that size while ensuring that all communication is end-to-end encrypted, so we bui...

signal.org/blog/how-to-build-e

This tool allows you to run a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046.

log4shell.tools/

The Log4Shell 0-day, four days on: What is it, and how bad is it really?

If max-severity 0-day hasn't already dampened your Xmas spirit, it likely soon will.

arstechnica.com/information-te

I give @kev one...no, wait, it's almost the holidays...two months before he's back to WordPress. Come back Kev, we miss you. 🤠

Goodbye WordPress, I’ve Switched To Jekyll (Again)

I’ve decided to leave WordPress behind and switch to Jekyll…for a second time. This post explains why…

kevq.uk/goodbye-wordpress-swit

Build distroless images with apk!

Witchery is a collection of tools which can be composed to build distroless images. It is intended to be portable for use with any package management tooling, but is primarily focused on apk-based distributions at the moment, such as Alpine.

It is also designed to be easy to use with any other third-party tooling in a fully composable fashion, e.g. with Docker.

github.com/witchery-project/wi

This is from same developer of Nimbus Notes, a dodgy clone of Evernote

Mozilla has banned the FVD Speed Dial extension and removed it from Firefox - gHacks Tech News

Mozilla has banned the FVD Speed Dial extension from the AMO. It has also been removed from Firefox installs, and users aren't happy.

ghacks.net/2021/11/24/mozilla-

I have to agree with Kev on this point. Tech elitism only does a disservice to the Linux community.

This Is What’s Wrong With The Linux Community

I was recently listening to a Linux podcast and it was the perfect example of what’s wrong with the Linux community

kevq.uk/this-is-whats-wrong-wi

Simple SSH Security

Within a couple of minutes you can improve your SSH security significantly. Here's how.

disknotifier.com/blog/simple-s

I guess that's how Emacs tries to win over VIM

GitHub - qdot/deldo: Deldo is a sex toy control and teledildonics mode for Emacs

Deldo is a sex toy control and teledildonics mode for Emacs - GitHub - qdot/deldo: Deldo is a sex toy control and teledildonics mode for Emacs

github.com/qdot/deldo

I personally use Vivaldi on Android, but Firefox is another great alternative.

It's time to dump Chrome as your default browser on Android

Jack Wallen makes his case for Android users to switch from Chrome as their default browsers. He also shows you how.

techrepublic.com/article/its-t

Show older

Scott Mortimer's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.