bcl @bcl@infosec.exchange

Zoom's encryption has some major flaws, is "not suited for secrets", and Zoom has servers in China generating meeting encryption keys for users in other countries, Citizen Lab researchers discover https://theintercept.com/2020/04/03/zooms-encryption-is-not-suited-for-secrets-and-has-surprising-links-to-china-researchers-discover/ (by me)

Today: there are new #prohibitionOrcs. Seriously. Blog post to follow.

https://amzn.to/33ZVDLS

anyone want a copy of Undertale or World of Goo? I have a spare Steam key for each that came in this week's Humble Bundle

boosts+

If you are using Zoom, stop.

https://theintercept.com/2020/03/31/zoom-meeting-encryption/

Lots of folks are maintaining a thin shell of calm over a warm gooey center of freaking the hell out. It's coming out in weird, tangential ways. Folks getting mad over irrelevancies and minutiae.

Empty your lungs. Breathe in. Be patient with your friends. We need each other.

Ladies and gentlemen, I present… THE NETWORKOMICON. https://www.barnesandnoble.com/w/the-networknomicon-or-snmp-mastery-michael-w-lucas/1136684485

As the COVID-19 outbreak forces most companies to collaborate remotely, more people are turning to tools like Zoom. If you’re using Zoom, you may want to be aware of these concerning privacy practices. https://protonmail.com/blog/zoom-privacy-issues/?utm_campaign=ww-en-2a-mail-coms_com-pm_blog_post&utm_source=twitter.com&utm_medium=link&utm_content=zoom_&utm_term=tw_post_1

Tor 0.4.2.7, the third stable release in the 0.4.2.x series, backports numerous fixes from later releases, including a fix for TROVE-2020-002, a major denial-of-service vulnerability that affected all released Tor instances since 0.2.1.5-alpha. https://blog.torproject.org/new-releases-03510-0419-0427

Also a few weeks ago I started "The Missing Semester of Your CS Education," a free course published by MIT. It's meant to teach "proficiency with [computer science] tools" and I've learned some new things about the shell. 100% recommend. It includes videos and text https://missing.csail.mit.edu/

No Starch Press Humble Bundle, coding starter kit.

https://www.humblebundle.com/books/coding-starter-kit-no-starch-press-books

Chelsea Manning has been released, but she was fined $1,000 for each day she refused to testify.

Those fines now total approximately $256,000, and she's been ordered to pay them.

Help her out: https://www.gofundme.com/f/help-chelsea-pay-her-court-fines

With all the talk of hand washing and avoiding face touching, this is a great illustration of how easily something like a cold can spread, thanks to an old Mythbusters episode.
https://www.youtube.com/watch?v=3wPKBpk7wUY

I know we all heard of the Seti@home shutdown last week, but there is a new viable project. Folding@Home has been around for nearly as long as SETI@Home, but they have turned their efforts toward speeding up research toward treatments to battle COVID-19.

If you have spare cycles, I would ask you to consider spending them here.

Thanks.

https://foldingathome.org/2020/02/27/foldinghome-takes-up-the-fight-against-covid-19-2019-ncov/