ashar boosted
ashar boosted
ashar boosted

#BOFH excuse #452:

Somebody ran the operating system through a spelling checker.

ashar boosted

"Zombie grannies and unintended leaks"

We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast!

Find it in your favourite podcast app now link.chtbl.com/smashingsecurit

ashar boosted

A cat sat atop a tower. A passing knight spotted her and called out:
"Are you a princess, perhaps, a wizard, or dragon?"
"It's a poor cat that cannot be all three."
"Should I then court you, seek your advice, or fight you?"
"A conversation could reveal that, but you bore me."
#MicroFiction #TootFic #SmallStories

ashar boosted

RT @GossiTheDog@twitter.com
Amazing, 7 Eleven launch mobile payment app: a day after launching it attackers stole half a million USD from customers, as the app had no security around password reset (any user could reset anybody else’s password) zdnet.com/article/7-eleven-jap

ashar boosted
ashar boosted
People who can't distinguish between etymology and entomology bug me in ways I cannot put into words.
ashar boosted

periodic reminder that in Polish they say "Nie mój cyrk, nie moje malpy" which means "not my circus, not my monkey" and that is wonderful

ashar boosted

Back when the GNU project was starting, among the first things they rewrote as Free Software were:
- text editor / IDE (Emacs)
- assembler, linker, and compiler
- make

IOW, they made tools that they needed to further develop Free Software without relying on proprietary tools.

They wanted their project to be self-hosting.

Nowadays, we have more free software than ever, but we develop it using github and Discord...

ashar boosted

"Can I fully control my Android phone?": No, you can't.

– in our tests, AFWall+ leaked DNS queries of all apps on the device (including blocked apps), making it easy to determine apps installed on the phone
– updating Android doesn't imply that firmware vulnerabilities get fixed
– apps from F-Droid/Play Store etc. can still leak personal data as shown in our /e/ article
– besides, your proprietary baseband processor, GPS, sensors etc. remain out of control

#android #security #privacy #infosec

ashar boosted
ashar boosted

June 20, 1994 – Paid $1,700 for a used Toshiba notebook computer. Base price was $1,400 plus $300 for a fax/modem PCMCIA card.

It was a heavy mother but I was in heaven.

ashar boosted

5 lessons learned from the matrix.org breach:

infosec-handbook.eu/blog/matri

– purely focusing on technical security causes insecurity
– the cause of the breach isn’t limited to matrix.org at all
– think twice about using any service on the internet
– think twice about running your own server on the internet
– react to any security-related messages

#matrix #serversecurity #vulnerability #lessonslearned #goodpractices #responsibility #webserver #server #infosec #security #cybersecurity

ashar boosted

@quad @bitofhope windows subsystem for linux and dot net core seem to be subtly different than their "absorb and extinguish" strategy

they seem to be intentionally creating a product that's inferior to both of the things it's combining

the idea (presumably) being that they can trick a bunch of people into using these systems

even though their code is woefully inadequate for most purposes, you'll only find that out after putting a significant amount of work into a project

at which point you have two choices: drop what you're doing and start over (which helps Microsoft by wasting their competitors' money) or switch to Microsoft's similar but non-open-source solution that actually has the features you need

ashar boosted

In one corner we have the Master Lock 570, a pin tumbler lock with a dead core (not spring loaded) and 4 security pins. In the other corner we have a snake rake and tension wrench. Guess who wins? (Within 45 seconds, every single time.)

ashar boosted

"What are you doing?"
The princess wiped the sweat off her brow and looked down at the knight.
"I'm building a tower."
"Why?"
"For safety."
"From whom?"
"From knights. No offence."
"You do not need to fear knights!"
"I don't. But my dragon does. This is for him."
#MicroFiction #TootFic #SmallStories

ashar boosted

Question on #OpenBSD vmm: is there a reason whereby the host cannot tell the guests to shutdown when the host shutsdown? e.g. by sending the equivalent of C-A-Del to the console, for example (and C-A-Del mapped to “shutdown -h now”)?

Is there no ACPI “message” one can send the guests about shutting down cleanly?

ashar boosted

"Why are all these people marching," the alien ambassador asked. "Will it make a difference?"
"Maybe, maybe not. But that is secondary."
"So why?"
"Same reason we put the plaque you found on our probe."
"And that is?"
"To say we exist, to ask not to be forgotten."
#MicroFiction #TootFic #SmallStories

ashar boosted

"i hope you go viral" is the new "may you live in interesting times"

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.