bcl @bcl@infosec.exchange
bcl
boosted
During this pandemic it is more important than ever to be able to speak out and share information online, but Egypt's government is retaliating against journalists who report on COVID, and arresting others for seeking information about prison conditions https://www.eff.org/deeplinks/2020/06/egypts-crackdown-free-expression-will-cost-lives
“Enhance your calm”
bcl
boosted
Starting with Chrome 80, its sync functionality will encrypt your data properly - as long as you set a passphrase. This still isn't the default however.
Firefox Sync design has been better from the start. No progress here unfortunately. #crypto #appsec
https://palant.info/2018/03/13/can-chrome-sync-or-firefox-sync-be-trusted-with-sensitive-data/
bcl
boosted
Oh my, this is rather bad. Now I'm busy figuring out whether I use GnuTLS anywere...
bcl
boosted
Telegram has some nice client software and services, but I wouldn't use it if I were you.
"The default messages and media use client-server encryption during transit. This data is also encrypted at rest, but can be accessed by Telegram developers, who hold the encryption keys."
bcl
boosted
🎉 Time to update: Tor Browser 9.5 is out now.
This Tor Browser release is focused on helping you understand and use onion services.
bcl
boosted
When ISPs or governments block access to Tor, our users rely on bridges to connect. With BridgeDB, we tackle the problem of how to get bridges to censored users while making it difficult for censors to get all bridges.
BridgeDB version 0.10.1 is out now: https://blog.torproject.org/new-release-bridgedb-010-1
bcl
boosted
Trump's Executive Order will force hosts of our online speech to toe the government line. This is an assault on free expression: https://www.nydailynews.com/opinion/ny-oped-the-president-vs-internet-freedom-20200528-sh4m5legjjf4xivdztfvdl2xwq-story.html
bcl
boosted
Every time I see people complaining about GitHub being down and they not being able to get work done or deploy I feel like giving a talk (and putting it on YT) - without any irony or sarcasm - „this is how diff - email - patch“ works.
Most people are using a DECENTRALISED version control system but never had to use or understand the first word. We are missing out on a powerful feature because we centralised on a platform :(
When chmodding /dev/ nodes using readlink always remember to use -n!
Zoom buys Keybase. I guess that's one less thing to trust :/
Today I spent way too much time learning that if your #golang project contains multiple packages, and you want good coverage reports, you need to do this:
go test -v -race -covermode=atomic -coverprofile=coverage.txt -coverpkg=$(go list ./... | tr "\n" ",") ./...
bcl
boosted
For those who might be interested:
bcl
boosted
In case you missed it: the best possible thing to watch while you're stuck inside! Watch many, many hours of entertaining and educational talks from #LibrePlanet2020 on our Mediagoblin page -- made and shared entirely with free software: https://u.fsf.org/31p
bcl
boosted
Whoever came up with the term „social distancing“ should be ashamed. The correct term is physical distancing IMHO. We should collectively stop using the „social distancing“ term from now on.
bcl
boosted
Ok - registrations on infosec.exchange are now closed. All members should have the ability to send an invitation to people who might like to join. The intention is not to close off the site to anyone who legitimately wants to use the site - even if just to lurk. But, no spammers, please.
