Show more

Just 24hrs with Pi-hole protecting my home network. That's a lot of DNS activity.

Users: "We want multidevice, always-on, end-to-end encryption, like OMEMO."

Telegram: "Here you have Image Search."

Users: "That's nice, but we'd really like to have encryp..."

Telegram: "Hey, we have new stickers!"

Users: "But good crypt..."

Telegram: "Chat Backgrounds."

So much for strong German privacy laws.

"Meanwhile, it added, Germany's Telecommunications Surveillance Ordinance (TKÜV) obliges providers to "provide the technical infrastructure necessary for carrying out telecommunications surveillance and to take the organizational measures necessary in this regard to ensure that surveillance can be implemented without undue delay".

Log-free email provider Posteo: 'You must log user IP addresses', court rules (ZDNet)

57% of IT workers who get phished don't change their password behaviors

Despite the wide-ranging effects of the Facebook data privacy scandal, only one-fifth of people are concerned over privacy issues related to social media use, according to a Yubico study.

57% of IT workers who get phished don't change their password behaviors - TechRepublic

I hope to see some beneficial outcomes from this project that shame IoT manufacturerers into producing secure devices.

Japanese government plans to hack into citizens' IoT devices | ZDNet

Japanese government wants to secure IoT devices before Tokyo 2020 Olympics and avoid Olympic Destroyer and VPNFilter-like attacks.

Japanese government plans to hack into citizens' IoT devices | ZDNet

"If you don't know how to code, learn - like planting a tree, the best time to start was ten years ago, but the second best time is now. If your technical competence is ten years out of date, don't cling to your hard-won kingdom of decaying knowledge and sabotage any attempts at change: get out and pick up a certification, attend a meetup, something. Anything. At the end of the day, we're all self-taught engineers."

How sloppy OPSEC gave researchers an inside look at the exploit industry

“Those government developers were testing out the WhatsApp malware on their own devices, and it was storing their discussions on the program’s servers.

The nation-state essentially had hacked itself and accidentally dumped highly sensitive information on the open internet—including details of its interactions with the secretive vendors who sell spyware to governments.”


If there's anything natural element that looks like it's been made by an advanced alien civilization, it's crystallized bismuth.
Seriously - it's like the fairies that used to live in mushroom circles now live in a post-singularity society.

Who’s Really Behind the World’s Most Popular Free VPNs?

Half of the world’s most popular free VPN apps are run by secretive Chinese companies. Find out what’s really happening to your data.

Who’s Really Behind the World’s Most Popular Free VPNs?

Microsoft tries to take on the Chromebook once more

Will the third time be the charm, or will Windows Lite join Windows 10 S and Windows RT as failed Windows variations?

IMHO, this is mainly due in part to people and organizations getting motivated about secure communication after the Snowden NSA leaks.

WTF... For some reason I was certain that encrypted swap on Linux needs some complicated setup...

In reality, you just need cryptsetup, a line in /etc/crypttab that has the "swap" attribute and uses /dev/urandom as source for an ephemeral key (swap doesn't usually need to survive reboots), and then point your swap entry in fstab to the resulting device mapper device.

See cryptsetup FAQ, 2.3 How do I set up encrypted swap, or the CRYPTTAB(5) man page.

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.