Any hints on how to report McAfee security vulnerabilities? I tried the official process documented under https://www.mcafee.com/enterprise/en-us/threat-center/product-security-bulletins.html but my mail to firstname.lastname@example.org didn't trigger the automated response. And email@example.com bounces.
There is a redirect set up for security.txt on http://mcafee.com domain but it points to a non-existent file of course...
In case anybody considered Amazon Echo an exception: no, Google Assistant sends audio recording to the "cloud" and now we know for sure that Google employees can listen in: https://twitter.com/mikko/status/1149025136173113344. Big surprise.
If you ask me...
The visible change: sync should now work with any server supporting remoteStorage protocol (https://remotestorage.io/). The bigger but rather hidden change: sync protocol requires even less trust in the storage provider now, no tampering with the data should succeed.
Previous screenshot shows a minor improvement: website name is a link now. Here is one more: you can copy the user name from the password menu. Oh, and you can navigate both the password list and the password menu with arrow keys: https://pfp.works/documentation/keyboard-navigation/
And the six months transition period actually took 16 months... I finally implemented the last migration step for #PfP towards stronger crypto, all the old stuff is gone for good now. Lots of backwards compat code removed.
I think I'm down overhauling user interface for #PfP, it looks good now. A few changes to core functionality and this can be released.
So the specialty of #VPNMentor is apparently creative email #spam? Got a mail today trying hard to look like it was sent by an unaffiliated private person when it was clearly automated. Not the first time they did it either: http://spam.tamagothi.de/2018/10/10/quick-question/
Stumbled upon a malicious Facebook ad. The add promises a funny quiz and links to hallo-quiz [dot] com. That site will then redirect you to fimepobala [dot] com which shows the supposed quiz (only visible with the correct referrer). #infosec
Quite remarkable statistics of a private #bugbounty program. So one report got the maximum $5000 bounty, and around 21 others got rewarded around $250 on average. The other 765 reports didn't receive any bounty at all. Worth contributing?