Jerry Bell boosted

I was on Paul's Security Weekly in early January. Here's my interview segment. I was actually on the whole show, which went 3+ hours...

youtube.com/watch?v=wjLEZxzuda

I’ve been in IT for decades, worked as an industrial engineer, programmer, sysadmin, network engineer, and now in . Being selective makes sense, but I like my electronic locks, Nest thermostats and doorbells, I can turn my air compressor on with my phone, and find OpenWRT to be more trouble than it’s worth (Ubiquiti UniFi all the way).

Smart speakers seem a bit much, though.

Jerry Bell boosted

“After leaving her job at the NSA in 2014, Lori Stroud worked as a contract intelligence operative for the UAE. Stroud, now living in an undisclosed location in America, said the mission crossed a line when she learned her unit was spying on Americans.” Photo by Reuters/Joel Schectman

reuters.com/investigates/speci

Jerry Bell boosted

An interesting note on the ex-NSA mercenaries working for the United Arab Emirates story: the third party software they used to easily root iPhones via iMessage sounds very similar to exploits described by Lookout researchers at when they recently exposed an unnamed nation state's attempt to purchase spying tools (and named the names of the vendors selling those tools). Point is, these 0-day phone exploits are available to the highest bidder.

reuters.com/investigates/speci

Jerry Bell boosted

1. I can not imagine the users, children and teens, have full informed consent.

2. I feel dirty reading this article. No app (maybe antivirus) should install a root cert. This is a terrible invasion of privacy and misuse of user trust.

3. No, just no.

Facebook pays teens to download Research app with root access outside App Store techcrunch.com/2019/01/29/face

Jerry Bell boosted

What a bug... FaceTime lets you call another iOS user and listen to their microphone briefly without them even answering 9to5mac.com/2019/01/28/facetim

Jerry Bell boosted

For people that are into , here's a blog with some useful resources. I regularly update it. If you have good resources that are missing please contribute!
medium.com/@john.opdenakker/so

Jerry Bell boosted

So as my second is breaking already I need something new
(Or better used )
The graphics should be preferably compatible to

I use it mostly to SSH into other systems and for a web browser and

I would be able to spend a maximum of 200 EUR

Feel free to boost

The fediverse apparently adds a dimension that was missing from Twitter: the ability to argue about implementation details of the underlying code and protocols and what I will affectionately call “rage forks” (though I haven’t seen any come to fruition yet).

Jerry Bell boosted

Looks like I missed out on some Mastodon/Pleroma compatibility drama. What’s going on?

Jerry Bell boosted

Anyone on Masto going to this year? I'll be scuttling around the briefings.

Jerry Bell boosted

Not strictly related, but this is a very big deal. The main hurdle facing the plaintiffs' bar on these suits was this standing/injury issue. If your company has been playing fast and loose with data...you may want to get on top of that. capitolfax.com/2019/01/25/supr

Jerry Bell boosted

Hi All

I’m after some advice from the community. I’ll be publishing advice and best practices for regular people in an easy to understand way, mostly via a blog and Facebook. I would like to get feedback on what topics, also why that topic. If you know of a great example already please let me know. The aim is to help regular people be more aware of the pitfalls of computers and security, making the internet a safe place for all.

I’m open to all suggestions.

Thank you

P.S. You don’t have to connect your new smart TV to the internet. Get a Roku or Apple TV or use a Pi.

Jerry Bell boosted

What on *earth* could Jenny Radcliffe be describing in the new episode of "Smashing Security" out tonight (Weds 7pm EST, Midnight UK)?

Subscribe in your favourite podcast app to make sure you don't miss out.

smashingsecurity.com/subscribe

“No good deed goes unpunished” is my life today 😕

Jerry Bell boosted

Emergency Directive 19-01 - Mitigate DNS Infrastructure Tampering.

cyber.dhs.gov/ed/19-01/

The real problem is not the DNS infrastructure but the stolen credentials. Sure, controls can be put in place to measure DNS setting deltas, but why are credentials tied to a regular user account in the first place?

Jerry Bell boosted

*sigh* GDPR compliant shredder? Visitor cards? Oh well, I'm quite sure someone will buy it because of that, but ..... theregister.co.uk/2019/01/22/g

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.