varx boosted

What are the best methods to protect against phishing?

We are currently dealing with a lot spear phishing attacks and I sum up methods to shrink the risk. Would appreciate any help and will gladly share my results in the end.

varx boosted

Action Fraud? Inaction Fraud.

In recent months serious questions have been raised about whether victims of cybercrime are getting the support they deserve from the UK’s national fraud reporting centre.

grahamcluley.com/action-fraud-

varx boosted

Signal should use exchanging safety numbers via QR code as an opportunity to perform an additional, out-of-band key exchange. This new key could be mixed in with every symmetric key used in the subsequent conversation, potentially giving you post-quantum security.

PSA: Yahoo Groups is being stripped down to purely a mailing list, dumping their archives.

(Despite being capable of sending out lots of email, they haven't actually *notified* anyone that way.)

Word on the street is that Groups.io is a pretty reasonable place to migrate to, although I've personally only poked around there and not actually tried it out for realsies.

varx boosted
varx boosted

Congratulations to the people of Berkeley, CA. You showed up, you wrote in, and your City Council heard you.

Berkeley’s City Council has voted unanimously to ban government use of face surveillance.

varx boosted

proposing new javascript event handlers 

How cool would it be to have a transactional filesystem? Or, at least, a way to mark parts of it as transactionally protected?

(Has anyone done this?)

This article on files hits home for me as I write my first serious desktop application.

I'm trying to keep as much as possible of the user's data in the form of individual, human-readable and editable files. But I keep running into the same problem: Filesystems are not transactional.

I'm keeping the most important things as individual files so they can be easily read without any special-purpose software, but everything else is going into a (sqlite) database for this very reason.

"Computer Files Are Going Extinct" onezero.medium.com/the-death-o

A remembrance of the file, in a time when files are obscured, discouraged, or replaced by streams, UI abstractions, or database rows.

Many great quotes.

varx boosted
@djsundog The key words "🤔​", ":thaenkin:​", ":blobrainbow:​", ":blobpats:​", ":blobangery:", ":oh_no:​", and ":blobmelt:" in this document are to be interpreted as described in RFC 2119.
varx boosted

We trust you have received the usual lecture from your local System Administrator. 

varx boosted

Genie: You have ONE WISH.

Me: Alright, I have one, but it's very detailed.
Genie: As long as it is only one wish, you're allowed to spend as much time as you want detailing it.

Me: Alright, here we go. *Grabs notebook and takes a deep breath* The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL are to be interpreted as described in [RFC2119].

Genie: Wait, is that...?

Me: *Flips notebook* Chapter 1. Preamble.

The Internet of Future Electronic Waste

varx boosted

Speaking of criminals trying to trick you into disclosing your online banking credentials on the phone: compare this script to the legit one outlined above.

twitter.com/DigitalLawyer/stat

varx boosted
@amsomniac The Internet of Things That Keep Probing My Internet Connection

@varx
varx boosted

The Internet of Things With Suspiciously Many Microphones And Cameras

The Internet of Things That Control Your House For You And That's Not Creepy At All

The Internet of Things That Are Selling You Out

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.