“An attack by a malevolent human adversary...requires that we recognize the capability of the human adversary to adapt and thus eventually defeat the security system.”

- Design & Evalutation of Physical Protection Systems. M. L. Garcia

Safety:
Operation of systems in abnormal environments, such as floods, earthquakes, and accidents.

Security:
Systems used to prevent or detect an attack by a malevolent human adversary.

“It is useful...to recognize that a fire has no powers of reasoning, while adversaries do.”

- Design & Evalutation of Physical Protection Systems. M. L. Garcia

Tinker boosted

@tinker @uranther Exactly this. A lot of times, it’s hindsight, which would be too late

There are still only a few viable mitigations for “person with thumb drive”, none which are particularly appealing if you want to preserve that access for folks who really need it

Meanwhile, a fly on the wall is worth 20,000x its weight in gold, but only when used the right time

Tinker boosted

@tinker Today, I was at a Public Storage facility and noting some similarities and attuning to their #PhysSec.

One technique they use that seems applicable to #infosec is the multiple uses of a keycode at the external entrance, internal entrance, and elevator; that's followed by one cylinder lock and possibly another padlock.

Every time you have to authenticate to reach the next deepest layer.

Tinker boosted

@bob So the Linux Technical Advisory board is comprised entirely of men and includes representatives of surveillance capitalists Facebook and Google.

:thisisfine:

Also, thank you to everyone who suggested places to buy phone batteries!

Repair and Refurb all the way!

‪New battery for my old phone project...‬

‪Remember when you could replace the batteries on your phone?‬

Tinker boosted

@cosullivan I should consider the offerings on @tinker ‘s site. He has a few lovely tutorials on using bash to skim data on Linked in, which after studying had me understand nicely the potentials and uses of grep for economizing mayhem, etc.

Anyone have suggestions on where to buy replacement batteries for smart phones (that isnt Amazon)?

I’m fixing an older motorola (Droid 4 / Photon Q).

Tinker boosted
Tinker boosted

Finally, I am slowly moving from the proprioatery #Medium platform to the much more interesting looking #Plume.

Very excited to expand #fediverse content!

Tinker boosted

A few stats about the beta launch:
- the announce at Medium/Hackernoon has been accessed more than 50,000 times
- e.foundation website is receiving visits from most of countries in the world.
/e/ is global, people want more privacy in their digital life.

Tinker boosted

For those interested in leaving Apple and Google, and reconquer their privacy, the first beta of /e/ is here for download and testing! Happy flashing.

#/e/Foundation #privacy #android #google #apple

medium.com/@gael_duval/leaving

Tinker boosted

So Alpine Linux has a pretty serious set of vulnerabilities because

- It doesn’t download packages over TLS, making them prone to MitM. Which on its own isn’t terrible but it also...

- Doesn’t check hashes before extracting to root (!)

- And uses custom gzip code which is vulnerable to arbitrary code execution (!!)

#Infosec

justi.cz/security/2018/09/13/a

Tinker boosted

I actually built a little toy service (that I will also eventually open source) which converts any RSS feed to an ActivityPub actor that you can subscribe to in Mastodon (or any other AP-compatible client).

Play with it if you like! It is SUPER rough and most feeds end up horribly rendered in Mastodon but it's still kinda cool to see it work: bots.tinysubversions.com/conve

Tinker boosted

@tinker famous last words before sirens go off in the distance, a small fire starts smoking and someone is sitting in a corner sobbing?

Tinker boosted
@tinker heads up

the quectel ec25 modem performed well

tested on Kolbi in Costa rica. the USB adapter was prone to hiccups but overall the modem itself performed very well

TY for the post and find. Saved my buttocks at least once ;)

‪My home lab has become ruin through months of neglect.‬

‪Today I shall clean and organize it.‬

‪This will be a good day.‬

Tinker boosted

My top 10 people who's toots I favorite are:

@cypnk (46)
@tildetown (37)
@m455b (30)
@tinker (27)
@TheGibson (24)
@selfsame (20)
@dansup (20)
@emsenn (19)
@Siphonay (18)
@RussSharek (16)

I guess these should be my #FFED #FollowFridayEveryDay

Found these numbers with this tool:

t5.codesections.com/

Great work @codesections !

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.