Show more
Jerry Bell boosted
Jerry Bell boosted

These phones cost $50 in China and are total fakes. But also total fakes preloaded with malware. The iPhone is especially remarkable, just from the highly modified version of Android it's running. Credit to Afilias for showing these off.

I am about to instance block freefedifollowers.ga. Anyone know what is up with them?

Jerry Bell boosted

Is it better to fight to be a CISO, switch to be a senior consultant, or start my own journey in my own company?

Ok, media for infosec.exchange is now served by Wasabi. Let's hope it keeps working

Jerry Bell boosted

Dou you use a centralised authorisation authority (, , ), Users deployed with your configuration management[ ](per system ) or network wide or do you manually add users to your systems ? For your "home" network? For your workplace?
Feel free to RT

I’m staring at a putty terminal scrolling files uploading to Wasabi at ~20Mbps, which has been running for several hours now. It occurs to me that infosec.exchange just passed its second year, meaning I’m seeing two years of memes streaming by.

If you’re interested in helping out, I pay about $350/year to host infosec.exchange, not including my time. I have about $30/year in donations. You can donate here: liberapay.com/Infosec.exchange

Note: don’t feel bad about not donating. The service will still be here. I am fortunate to be in a position to provide the service. But I get the angry stare from my wife now and then when she asks me about the charges 😂

For those wondering, infosec.exchange has about 2 million media files taking up about 110GB of space.

Here ye citizens of infosec.exchange:
I am in the process of rehoming the media files for this instance to the Wasabi cloud storage service. There may be some funkiness as I’m flying without a net (though I have plenty of backups).
This is the first step in moving to a new server, likely to happen in a few weeks.

Thank you for your patience.

I've tried to keep registrations on infosec.exchange open, however it's clear that there's a lot of bot registrations - mainly from mail.ru and yandex.ru. I've blacklisted those domains (sorry) and may disable registrations.

Jerry Bell boosted
Jerry Bell boosted

Soooooo, who's going to be at Black Hat? Because I'll be there for the first time and I'd love to meet some InfoSec folks!

Jerry Bell boosted

Blog post: 8 methods for bypassing cameras and facial recognition software - medium.com/@hungrybytes/8-meth
Reading: 5 min
Published: 07/26/2019

Jerry Bell boosted

@jerry Looks great. And I think I am going to invest in a new fan as well. My current one is too loud for my taste. What is the temp when you play HD videos?

Currently use Raspbian on mine. What are you using?

Jerry Bell boosted

Umm....because it's a huge target, the keys to the kingdom, and because they can? Is that a TL;DR?

inforisktoday.com/hackers-abus

Jerry Bell boosted

US residents:

Jump on the Equifax leak claim wagon. You get $125 in the settlement, automatically. ALSO, you can be compensated at the rate of $25 per hour for time spend remediating their fuckup, and only have to provide documentation if you spent more than 10 hours unfucking them. The official claim site is equifaxbreachsettlement.com/

Jerry Bell boosted

A new NDA contract, intended to be offered by privacy-respecting websites to their users: writing.kemitchell.com/2019/07

The creator hopes that it will do for privacy-respecting Terms of Service what Creative Commons did for free-licensed content—serve not just as a contract, but as a readily recognizable shorthand for desirable terms.

Jerry Bell boosted

also, let's say i want to set up a fediverse-related web app, which is very narrowly-scoped, so it won't be popular. how do i find out if someone actually uses it? is it ok to add analytics from a 3rd-party service (which isn't google analytics)? is it ok to save data on my server? and what data is ok? country and sha256 hash of ip address? i could make a big red warning before executing the tracking code!

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.