@danyspin97 @Shamar

Besides, redirecting from HTTP to HTTPS is a flawed idea.

The browsers should always try HTTPS first, and only if it doesn't work, try HTTP.

If they MITM your first connection, they can downgrade you to HTTP in both approaches.

If there's HSTS, then you type link w/o scheme, and you get MITMed on _second_ connection, you're protected in both approaches.

The approach w/o redirect saves a round-trip and increases support for older devices.

Apparently at least one major government had an insider working undercover at Twitter:


It doesn't really matter if Twitter is trustworthy or not, simply having a vast amount of personal data in one place is going to attract spies from all sorts of organisations that wish to misuse it.

This is why decentralisation is important, to make it technically more difficult to invade people's privacy.

#Privacy #Twitter

@FlyingLawyer this is a somewhat common question without a great answer. Ransomware itself rarely exfiltrates - I’m not aware of any that actually does. When you think about it, exfiltration complicates, and likely breaks the commodity ransomware business model. Not to mention that most computers and company networks have much more data that can be easily exfiltrated on some reasonable timeline. That means exfiltration would have to be targeted to certain files/types. However...

bug permitted the CD key for ANY to be provided without the account holder owning any of these titles. I would have loved 36,000 copies of Farm Simulator 😂

Bug Bounty Hunter Ran ISP Doxing Service as a double life. Reporting bugs and collecting the rewards on one hand whilst selling services underground exploiting those very vulnerabilities krebsonsecurity.com/2018/11/bu

This is an excellent reason why you do not undertake attacks and publicise your taunts on social media. Old mate here is up for 10 years prison for hitting EA and Sony

US Cyber Command begins uploading samples to to share with the community. No attribution, no politics. Just raw samples to bolster collaboration with the community. Great start to a professional relationship

Old mate in thought he could maximise his mining revenue by moving his 8 rigs to the school he heads. He made it a year without being caught. Dismissing complaints of high bills with the classic excuse of AC use 😂

An unidentified group has reverse engineered 's latest patch on servers and as a result exploiting unpatched devices for potential future use as watering holes or for hosting .

I don’t want to maintain your account. I just want to validate that you have an account.

But there is not an account provider I trust.

So I guess I’m back to email addresses and maintaining a password database.

In case you missed it, there's a non-technical explanation of federation/decentralisation on switching.social:


It's aimed at people who have no prior knowledge. If you know someone who is confused by how a decentralised platform works (for example Mastodon compared to Twitter), you might want to send them this link.

#Decentralisation #Decentralization #Federation #FederatedNetworks #Fediverse

@ekaitz_zarraga @Shamar

The most harmful thing I see about a blockchain is its energy consumption and need for expensive technology where some lower tech solution would be less harmful and better suited.

We need to reduce the amount of data centers in this world. Adding halls of hash cash playing machines does not help that.

This is a beautiful guide for anyone looking to conduct in-office training. Several strong points about password management, social media and practical demos. Highly recommended for the c suite appeal

trials their gait recognition system with accuracy up to 50 metres away. Sounds like a great way to catch criminals without facial recognition or a way to enable further mass

Facebook's Portal speaker is now on sale and the company claims it definitely won't spy on you. Can't wait to see the first cases hit the courtrooms 😂 mashable.com/article/facebook-

Bill Gates, the man behind , brings us a jar of poop at a toilet conference. Talk focused around water-less toilet technology. That's one way to get the audience going 😂 gizmodo.com/bill-gates-showed-

AT&T will cut off service for customers who distribute content. This is a bold move for an internet service provider in the fight for theverge.com/platform/amp/2018

'Almost All' Pakistani banks were with lots of personal information stolen in addition to the standard pilfering of account funds. The national intelligence body is labelling it an external attack it.slashdot.org/story/18/11/06

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.