@Case_Of @bortzmeyer Yes. But since we had not audited it, we could not recommend it. Ideally, it should have been the MinInt that provided such an app... but integrating it into StopCovid to push people to install their app was decided instead... They had to add stuff to it to justify the name change, I guess 🤣

I wonder whether they are stupid and negligent, or malicious. I don't see a third option.

I wonder how many sites have an active resource (html or js) from media.interieur.gouv.fr that would allow dumping a user's identity to de-anonymize traffic

infosec.exchange/media/gkNdVQ-

X_Cli boosted

An ethical alternative to Facebook events, groups and pages, #Mobilizon is a tool for finding, creating and organizing events

A Stop #Specisme instance for organizing #antispécistes actions has been created!

➡️ stop.specis.me

#ParcequEux

That's the second time this year that some researchers find something close or identical to something *I* found 6/7 years ago. At least, the first one had mentioned my work and explained the difference.

Always nice to read a paper and find a full page about a "discovery" that the authors stole/"rediscovered" from the work you did 7 years ago. And with no attribution or quote.

@rysiek Did you try the -d option?
What really screwed me over are programs that do not reopen their fd on reload...

@sneak Except that long TTL value has basically nothing to do with performance and a whole lot more with resiliency. But values between 1h and two days are generally deemed within the acceptable range (depending on your Disaster Recovery Plan). So, whatever floats your boat.

X_Cli boosted

Companies House, the British registrar of newly formed companies, has forced a firm to rename itself from

""><SCRIPT SRC=HTTPS://MJT.XSS.HT> LTD

On the grounds that merely including the name of the company on a web-page (including the Companies House website) could trigger cross-site scripting attacks.

theguardian.com/uk-news/2020/n

1/

@lrvick It is not that they did not bother to wash their hands. Dirty hands were considered proof that they were hard-working. And to their credit, they had no idea what was the actual cause of so many deaths. I heard they even sacked the receptionist that was "causing stress to the pregnant women" with his bell, before considering washing hands.

X_Cli boosted

The EU Council is pushing for encryption backdoors to messenger apps such as WhatsApp and Signal to fight terrorism (German article): fm4.orf.at/stories/3008930/

Despite the fact that errors of investigation in Austrian authorities had made the attack possible in the first place and not a lack of digital surveillance powers. Politicians must start to understand that more surveillance will not lead to more security. That's why we fight any attempt for an encryption backdoor: tutanota.com/blog/posts/why-a-

@alainmi11 My advice to teachers: run away from this garbage. Use something that works, like Discord, Google Meet or Jitsi Meet. Use Zoom if that's all you know how to use. But for pity's sake, avoid excluding your students with Via. It doesn't work.

@alainmi11 My partner takes classes with Via. It's utter crap. Sending a message? Crashes every time. Turning on the microphone? Same. The sound cuts out for several minutes. Experienced on Android and on a Chromebook. Basically, you need a Windows PC or it doesn't work. Instead of using quality free software, the EN decided to use a crappy piece of software that discriminates against those who have no money and follow their classes on phones or cheap alternative PCs. It's a disgrace.

X_Cli boosted

The French people as a whole once again under house arrest by its authoritarian government. Liberty (not), Equality (not), Fraternity (not gender neutral). Fuck France. Fuck its gov. I fucking hate this country.

@qrsbrwn @rysiek I agree that the free user is part of a transaction ads<->access, where access does cost something to the platform, while advertising is done freely and possibly passively by the user. I disagree with your original statement that the free users pay the platform by using it. (except, of course, if we disagree on what "paying" means and if your definition is "participating in a trade")

@qrsbrwn @rysiek The key problem is that you think freeloaders give the platform free advertising, while I say the platform buys this advertising by letting freeloaders use their platform at their expense. I don't think we can reconcile these views, indeed.

@qrsbrwn @rysiek The users are divided into three categories: the paying ones, those that may be converted with an additional effort (that you may or may not be willing to convert depending on the expected ROI), and the freeloaders. Freeloaders are only there as a form of advertisement (word-of-mouth marketing) that the company is willing to pay for. The company invests in the freeloaders. The freeloaders do NOT pay the company by just being there and using the service.

@qrsbrwn @rysiek So said differently, if you think that your mere presence on a service is valuable, you seriously need to have your head deflated a bit.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.