Jerry Bell @jerry@infosec.exchange
- Protonmail
- jerry@bell.st
Admin
Yeah, that Jerry Bell.
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: @maliciouslink
#infosec #security #llamas
Joined Apr 2017
Jerry Bell
boosted
Jerry Bell
boosted
Apple sued because two-factor authentication... oh, I give up.
https://www.grahamcluley.com/apple-sued-two-factor-authentication/
Jerry Bell
boosted
Well, it finally happened to me: My very own creepy Facebook moment.
But I don't even use Facebook.
https://www.brainonfire.net/blog/2019/02/17/my-own-creepy-facebook-surveillance-moment/
TL;DR: Facebook account I opened 8.5 years ago and never used receives "recommendation", out of the blue, to check out a small store I only just learned existed and started patronizing.
(That account: No phone number, no friends, no profile info, sort-of-fake name, dedicated email address. Me: No smartphone, didn't pay by credit card.)
Jerry Bell
boosted
Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus
It's that time again! Yes, another Tabletop D&D episode is upon us! This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters. Let's just say this particular episode is not for the faint of heart, and w
@maxeddy they had to take a parting shot.
Jerry Bell
boosted
InfoSec Guy, looking for Security Champs to connect :)
Jerry Bell
boosted
runc container breakout PoC
https://github.com/feexd/pocs/blob/master/CVE-2019-5736/exploit.c
(via Frank Denis on birdsite)
@loke in any event, you’re right. We should try to find a fundamentally more secure method than needing to look inside encrypted network flows.
In other news, exactly what is wrong with EU parliament these days? (Re #copyrightdirective)
Jerry Bell
boosted
Calling all #Fediverse admins of instances in the #EU. The #CopyrightDirective is coming, we need to show the MEPs how massively the EU Internets will be affected.
We are preparing a list of all EU-based #Pleroma, #Mastodon, #GNUSocial, #Peertube, #Funkwhale, and any other instances.
Please *contact me*. All I need is the domain name, which EU Member State it's located in, and the rough topic of the instance. Approximate user count welcome, but not necessary.
Please help. This is important.
Jerry Bell
boosted
It does not matter if your instance is small. It does not matter if your instance is not run for profit.
You *will* be affected by the #CopyrightDirective.
Your instance being on this list will help us make that point.
@loke it’s a good question, and it does make sense to segment workstations from other parts of the network, but even so, regardless of placement, there is an implicit level of trust placed on the integrity of those workstations. Qubes is a great idea, and I hope it becomes useful one day. MS is working on a similar model, which will likely be more usable in enterprises using hyperv
Jerry Bell
boosted
So I was listening to Defensive Security Podcast today, and they were talking about the problem of Enterprise wanting to MitM traffic, which can be problematic sometimes.
Isn't the root cause that end-users have access to the corporate network in the first place. Shouldn't users be outside, and always assumed to be compromised?
Or let users access the Internet via secured VM's (a bit like what Qubes does).
Speaking which, I didn't realise that infosec.exchange was managed by @jerry
@Re4mstr load. They have a huge number of accounts, and had a recent flux of porn accounts.
Jerry Bell
boosted
Brief look at #logs - SNARE, BSD, LEEF https://medium.com/@hannahsuarez/brief-look-at-logs-snare-vs-bsd-vs-leef-9bc9ce7e2672
@rysiek @TheGibson @Gargron @eloisa seems like the US-based lobbyists are on holiday in Europe recently. I’ll see if I can track some instance owners down. Is there clarity on how they expect this to apply to non-EU sites?
@fallenhitokiri while true, I have to say the pictures out of the Xs are noticeably nicer than any phone I’ve used before.maybe make them just a bit thicker. Would also not need the lens bump then.
@JohnsNotHere I’ve made some valiant attempts...
- Protonmail
- jerry@bell.st
Admin
Yeah, that Jerry Bell.
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: @maliciouslink
#infosec #security #llamas
Joined Apr 2017
