X_Cli boosted
X_Cli boosted

"The first rule of PAKE is: nobody ever wants to talk about PAKE. The second rule of PAKE is that this is a shame, because PAKE — which stands for Password Authenticated Key Exchange — is actually one of the most useful technologies that (almost) never gets used. It should be deployed everywhere, and yet it isn’t."

blog.cryptographyengineering.c

X_Cli boosted

Easily and securely send things from one computer to another

croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool does all of the following:

allows any two computers to transfer data (using a relay)

provides end-to-end encryption (using PAKE)

enables easy cross-platform transfers (Windows, Linux, Mac)

allows multiple file transfers

github.com/schollz/croc

X_Cli boosted

Please remember that the coronavirus has not gone away just because people are bored with it now

It's always a DNS problem. Wait, not quite...
---

Critical DNS Bug Opens Windows Server to Infrastructure Takeover

Microsoft gives the ‘wormable’ flaw a security rating of 10 – the most severe warning possible.

threatpost.com/critical-dns-bu

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Researchers identified serious flaws in Qualcomm’s Snapdragon SoC and the Hexagon architecture that impacts nearly half of Android handsets.

threatpost.com/qualcomm-bugs-o

X_Cli boosted

@isagalaev @deutrino Come to think of it, I feel this is going to be very interesting: Europe is planing on forcing social networks to be interoperable. I wonder how this will impact Signal :)

X_Cli boosted
X_Cli boosted

Does anyone in Fediland have any experience using the new Mozilla VPN?

Please boost.

vpn.mozilla.org/

X_Cli boosted

@nolan >Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!

>Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.

X_Cli boosted

"Should I use KeePass 2, KeePassX, or KeePassXC?"

✔️ Use KeePass 2 – this is the original KeePass, primarily developed for Windows. However, it can be used on Linux, too.
keepass.info/

✔️ Use KeePassXC – this password manager indirectly originates from KeePass 2. Most features are similar to KeePass 2.
keepassxc.org/

❌ Don't use KeePassX – development ceased in 2016.

#KeePass #KeePassXC #KeePassX #PasswordManagement #Passwords #InfoSec #Security

, une messagerie chiffrée se voulant sécurisée, a publié il y a deux mois sa spec technique olvid.io/assets/documents/2020

J'ai pas encore lu ; je découvre ce matin. Qqn a déjà fait le tour ?

Java1.5 in a bigass "nutshell". Just found this in an old box under my bed. I'm not getting younger. Damn.

infosec.exchange/media/m-chWVi

X_Cli boosted
X_Cli boosted

will no longer refer to masters, slaves or blacklists.

In their place coders will use alternatives such as “primary” & “secondary”, or “leaders” & “followers”, or even “directors” & “performers”.

Blacklists are to become either “denylists” or “blocklists” and whitelists will become “allowlists” or “passlists”.

X_Cli boosted

Mon nouvel article dans le numéro hors-série n°21 de : "Back to basics" / les indispensables. Pas de gros prérequis pour la lecture dans ce numero ! À mettre entre toutes les mains d'informaticiens !

infosec.exchange/media/lFLgDMN

X_Cli boosted

This is a fascinating read. Let this sink in: law enforcement compromised the network of a secure chat solution and pushed malware to all endpoints in order to read all the messages. All that on the premise that the majority of the users were criminals, even though some weren't.

vice.com/en_us/article/3aza95/

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.