FYI, when sharing a link, check if the following are present in the URL
#sm.( followed by random string)
These are “engagement trackers” and they can reveal your source for the URL
Consider the #privacy implications if you include them. They’re not needed for the website you’re visiting to actually show you the content
We, you and I, have a chance to fix this. We, you and I, can rebuild and repair.
- Make user friendly (not user hostile) devices and software
- Write documentation
- Refuse to buy tech that *we* can render safe to use, but that the average user can't
- Support people that do things correctly financially whenever possible.
I’ve wanted to give up after every site was seized! I wanted to give up after my cc issue! I wanted to give up ..today! But instead, i told myself “I am worth it! I’m worthy of my desires, dreams, and hopes!” I have ppl that idek rooting for me & that is such a beautiful feeling to be in a community where you know you’re not alone! 💋
This is the most dystopian shit I've seen in a while:
Google and Microsoft are pushing websites to replace passwords with their fingerprint scans and facial recognition.
This shit pisses me off to no end.
Corporations working at lessening peoples security while increasing surveillance.
We had a working, standardized solution for the creation of TLS client certificates with <keygen> and SPKAC – and not only did those motherfuckers kill a good thing we had, they are actively trying to shovel a patently flawed and dangerous solution down everyones' throat.
Had a blast teaching at my friend’d group. Walked through what hacking into a corporation and person looks like. Then taught tools to prevent those hacks.
Had normal folks downloading and using password wallets, multifactor authentication, and Signal very quickly.
A couple deleted some choice public facebook and twitter posts :P
Oh my Eris!!!! @jerry ’s Defensive Security Podcast just posted!!!!
(I know who’s reading my bedtime story tonight!!! ::rolls tongue:: )
Today is home lab clean up day.
Then I’m teaching hacking and security to an adult hobbyist group (that isnt focused on hacking or security).
Strong breeze. Overcast. Birds are out and singing.
It’s a good day.
This also ignores the MASSIVE vulnerability from FB/Twitter apps.
Apps mean not only are you giving those companies your posts, but also your call logs, possibly SMS data, details of all the other apps on your phone, phone number, contact details, usage data, full social graph, detailed location data, ability to read phone storage, microphone access, access to your calendar, activity recognition (are you walking, driving etc), view network connections, etc etc
Hey here's something about the Fediverse that some people don't take into account:
I see on "hacker" "news" that there is currently discussion about Scuttlebutt and the very clever opinion is that oh no, distributed social is worse than FB/Twitter because nothing is stopping BigScaryCorp from scooping up all your public posts.
Ignoring the fact that you can very easily have a locked account or even one that has public AND non-public posts... 1/
Google Dork of the Day:
Sites with Trace.axd (e.g. (link: http://domain.com/Trace.axd) domain.com/Trace.axd) store all web requests here. Go through it. Cookies, Site Requests, etc.
Is it a login page?
- Look for POST requests! You will find Usernames and Passwords in the clear!
Regarding our recent outage. You can find an official statement below. The last documented time Cloudflare terminated services was when they terminated the account of a white supremacist website last year. We are waiting on answers.
Cloudflare Just Banned a Social Media Refuge for Thousands of Sex Workers https://motherboard.vice.com/en_us/article/8xk78x/switter-down-cloudflare-banned-sex-workers-sesta-fosta