Pinned toot

When a bug tracker makes me jump through hoops () or the bug tracker is hosted by an unethical service (e.g. MS or []):

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report - APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by th... #podcasts #hacks

@thenewoil @efftoyz BTW, speaking of the Feb.17 version of , it introduced a new bug (which I won't report because it's an MS project): the "--startup" parameter no longer works, thus forcing users to see the Wire window & close it on every bootup.

Google fired another woman working in the ethics of AI... because she was looking into why they fired the woman before her who was working in the ethics of AI.

The single most important feature of any repository is the ability to clone a project. It is the only feature that secures, delivers, & enables users to exercise all software freedoms.

Yet .com's walled garden is so restricted (even moreso than ) that users are not even permitted to clone a project:

This article claims the US was breached - 200 million people compromized. The date of the article was 2020-03-20. Isn't that too soon to have collected the data? Perhaps it's from the 2010 census.

@orbital has started blocking the past few days. I suppose this is why. Docs on how handles @*.onion email addresses would be useful. Riseup claims users can reach @*.onion recipients, but the riseup webmail compose form rejects @*.onion addresses. Apparently users must enter the clearnet addy & hope/expect riseup to convert it to an onion address -- which doesn't work if the receiving svr is onion-only (e.g. ).

i have a die-hard church-going family member who went to church yesterday (in her 70s) & she was the only one wearing a mask. The other 25 unmasked. When asked why she's reckless enough to even show up she said "God will protect me". No doubt the other 25 are thinking the same thing. I wonder how many deaths would trace to religious nuts passing this around.

only loses my email if it's an important msg. Otherwise, no issues. WTF. SG's accounting page shows that a msg was forwarded, yet the msg never makes it to the inbox.

has the .me IMAP server been down for everyone all day today? Even the webmail is apparently down b/c it's dependent on the imap server.

@schestowitz #TorBrowser still throws an unnecessary fit when an SSL cert on an #onion site is self-signed. Then after several clicks to reassure TB that it's not an issue, it still in the end falls over with "secure connection failed.. [try again]". WTF, #Tor devs should know SSL to an onion site is redundant.

would love to use those to supply an sql-injection address to bring down a data broker

Show thread

interesting to see in the RFCs that these characters are permitted in email addresses (apart from +-_): #!%$&*/=?^`{|}~

@imattau @danie10 is a app distributed only as binary & the Android app is exclusively available from the of . When will ppl learn the importance of w.r.t ?

After .com moved into 's walled-garden, I have to chg my email address w/dozens of businesses. These companies all have 'd their contact forms & use broken ESPs, like . And no number. The only way to reach these businesses from the free world is snail mail. WTF. The Internet has become so broken by , CloudFlare, & .

US banks are a kind of law enforcement agency. When you call your bank, they will sometimes ask you questions irrelevant to your purpose for calling: "where do you live? who do you work for? what is your career? what is your annual income?" Treat these questions as if a cop is asking them (hint: don't answer them). They aren't asking for your benefit. It only works against you. is dead, apparently. Where can we search for posts now?

The IRS is also blocking in a misguided measure, so taxpayers who insist on to protect their IP can't get a PIN, thus exposing them to tax return fraud.

Show thread
Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.