I have production networks where Suricata (all versions, old old stable, old stable and stable) is returning false negative reports on 25% of suspicious files. I filled a bug report 9 months ago, with a pcap sample to reproduce the bug, and an analysis. The devs and community could not care less. I am baffled. It seems to me you have to takedown bugs by yourself if you want something fixed. Sad.

X_Cli boosted

Petit fil en guise de #mémo pour le #téléenseignement (au cas où on ne soit pas les seul‧e‧s confronté‧e‧s au problème un an après tout le monde...):

Tout d'abord, un peu de lecture:


If you are a junior developer, please don't write that you are a full stack developer. Understand that people with years of experience don't dare write that. You are either showing that you don't know what you want to do, or that you are delusioned and full of yourself and need to learn about the Dunning Kruger syndrom.

X_Cli boosted

Do you have a hard time recruting a system developer? It's been six months and I am still searching and found noone. I'm not saying we can't interest them with a good package and they choose to go elsewhere. I'm not even having good resume in my inbox. Do you share that experience?

Je suis toujours à la recherche d'un dev système Python/Go. Télétravail OK en France. Boite de sécurité informatique, création de poste, ASAP. welcometothejungle.com/fr/comp

X_Cli boosted

Je me demande s'ils sont débiles et négligeants ou malveillants. Je vois pas de troisième voie.

Show thread

Je me demande combien de sites ont une ressource active (html ou js) de media.interieur.gouv.fr qui permettrait de dumper l'identité d'un utilisateur pour désanonymiser du trafic


X_Cli boosted

Alternative éthique aux événements, groupes et pages Facebook, #Mobilizon est un outil qui permet de trouver, créer et organiser des événements

Une instance Stop #Specisme pour l' organisation d'actions #antispécistes a été créé !

➡️ stop.specis.me


That's the second time this year that some researchers find something close or identical to something *I* found 6/7 years ago. At least, the first one had mentionned my work and explained the difference.

Show thread

Always nice to read a paper and find a full page about a "discovery" that the authors stole/"rediscovered" from the work you did 7 years ago. And with no attribution or quote.

X_Cli boosted

Companies House, the British registrar of newly formed companies, has forced a firm to rename itself from


On the grounds that merely including the name of the company on a web-page (including the Companies House website) could trigger cross-site scripting attacks.



X_Cli boosted

The EU Council is pushing for encryption backdoors to messenger apps such as WhatsApp and Signal to fight terrorism (German article): fm4.orf.at/stories/3008930/

Despite the fact that errors of investigation in Austrian authorities had made the attack possible in the first place and not a lack of digital surveillance powers. Politicians must start to understand that more surveillance will not lead to more security. That's why we fight any attempt for an encryption backdoor: tutanota.com/blog/posts/why-a-

The French people as a whole once again under house arrest by its authoritarian government. Liberty (not), Equality (not), Fraternity (not gender neutral). Fuck France. Fuck its gov. I fucking hate this country.

X_Cli boosted

After several months, @mobilizon is out!

It seems to be a very good fit in these times of protests when people need to self-organize to fight for their rights, away from large companies which can and have already censored them!

Have a look at the guided tour @Framasoft offers in their blog, it’s full of great ideas.

Congrats to them, I’m happy to support you financially, and it was well worth the wait 🎉


X_Cli boosted

La V1 de Mobilizon officiellement lancée !

Mobilizon. Vos événements. Vos groupes. Vos données.
Mobilizon est un outil libre et fédéré pour libérer nos événements et nos groupes des griffes de Facebook. Après deux ans de travail, la première version de ce logiciel sort aujourd’hui, accompagnée de toute une série d’o


#communsnumériques #Framasoft #mobilisation #mobilizon #pratiquescommunautaires #communs

X_Cli boosted
X_Cli boosted
Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.