Tinker is a user on infosec.exchange. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Tinker @tinker@infosec.exchange

Need to rip something apart.

Tinker boosted

Hospital security: unsupervised & unlocked computers sitting in an open hallway. Screens showed names + medical data of patients... yuck 😷 t.co/zjsNYwSJmE

Tinker boosted

@tinker @thinkMoult @RyuKurisu I've got a Nexus 5 running the Ubports build right now, but it isn't my daily.

It is a little rough as they're transitioning to 16.04. But shows a lot of promise. If you're new to it, I would wait until after that transition to make a serious evaluation.

Now this is Social Engineering.

Stuttering John live records his vishing (voice phishing / conning over the phone) of the White House.

He actually gets in touch with President Trump on Airforce One.

stutteringjohnpodcast.libsyn.c

Tinker boosted
Tinker boosted

Once again an enormous database of personal info was left unprotected and open to the public. Why is this so hard for these companies with incredible wealth.

wired.com/story/exactis-databa

Tinker boosted

@tinker Agreed, and that would be bad, but I did not perceive that slipperuy slope from reading the announcement -- unless I missed something?

Google does do a lot of good non-surveillance-y support & funding of #OpenSource stuff through #GSoC and their open source programs office. opensource.google.com/

Article Quote:

“We want to ensure that Google apps and services are available to everyone, whether they are using desktops, smartphones, or feature phones.” said Anjali Joshi, Vice-President, Product Management, Next Billion Users. “Following the success of the JioPhones, we are excited to work with KaiOS to further improve access to information for feature phone users around the world.”

Article Quote:

In addition to the investment, Google and KaiOS have also agreed to work together to make the Google Assistant, Google Maps, YouTube, and Google Search available to KaiOS users. These apps have been developed specifically for the KaiOS platform, which is entirely web-based, using open standards such as HTML5, JavaScript, and CSS.

There goes my hope for (a fork of FirefoxOS).

“Google Leads Series A Investment Round in KaiOS to Connect Next Billion Users”

kaiostech.com/google-leads-ser

Tinker boosted

@tinker importing from a torrent/magnet is planned. That would need to add a UDP/TCP/WebRTC client in PeerTube's server, so technically the base to make PeerTube servers seed over these protocols will be there, and implementing it is not out the question.

But the PeerTube web client can only do WebRTC. Don't expect them to seed back to non-WebRTC swarms anytime soon :/

Tinker boosted

It's #FollowFriday! Here are some #alternatives to follow:

@cloutstream CloutStream: An open source federated alternative to LinkedIn, just launched its new website

@Chocobozzz Chocobozzz: Lead developer of #PeerTube, the ethical alternative to YouTube

@Purism Purism: Makers of privacy-oriented computers and the upcoming Librem5 smartphone

@fdroidorg F-Droid: The open source alternative to Google Play

@krita Krita: Open source painting software aimed at artists and illustrators

#FF #FFed

Tinker boosted

I dont accept ads, or aggressive brand/s accts or paid toots (I’ve been approached) but I do support free & #opensource programs. We have some amazing creative orgs represented on the #Fediverse thru :mastodon: #Mastodon’s super-scalable #ActivityPub implementation.

If you havent tried them then you’re missing out (a-z). U have control over ur social & creative lives w #FLOSS

:blender: @Blender
#DarkTable
:gimp: @GIMP
:inkscape: @inkscape
:krita: @Krita
:ubuntustudio: @ubuntustudio
Others?

Tinker boosted

@tinker it gets even better /o\ checked the .bash_history file on the prod file -> mysql -u root -h IP -p
Remote connection to the mysql server is enabled and uess what's the pwd? "toor"!

I swear its the truth /o\

Tinker boosted

@tinker TLDR: no, not yet.

There is not yet an "import torrent/magnet" feature. And then there is the problem that, would the torrent share the same announced trackers, archive.org seeds over UDP/TCP, and not over WebRTC. And the peertube server is not a torrent client (yet?). It only exposes a WebSeed, so it wouldn't help archive.org.

Question concerning :

I want to take old movies that are currently available on archive.org and make a classic movie Peertube instance.

But I don’t want to seed from scratch.

Since archive.org already seeds these movies, can I add their tracker info to my peertube instance? Share the load with archive.org?

(If there’s a better place to ask this question, than the public fediverse, let me know!”

Tinker boosted

That moment when your conducting a pentest, gain access to a development server but not the production one and then you try ssh user@serverIP and it works...

Tinker boosted

Reclaiming RSS

“Before Twitter, before algorithmic timelines filtered our reality for us, before surveillance capitalism, there was RSS: Really Simple Syndication … As we move away from the centralised web to the peer web, it’s time to rediscover, re-embrace, and reclaim RSS.”

ar.al/2018/06/29/reclaiming-rs

#ethicaltechnology

The plot to Casablanca, but instead of Ilsa being married to a freedom fighter, she’s married to a high ranking Nazi.

I get lost in my sockpuppets sometimes. Like when I’m logged into a LinkedIn profile of a fake persona, I get into the InMails and recruiter DMs that I receive.

I get flattered that they want to hire my fake persona. I tweak my profile a bit to show off my best fake skills.

I coyly explain to the recruiters that I am not currently interested in a new opportunity, but that I’ll pass the job req to my fake friends and fake associates.