Notices tagged with security

Yesterday, here's how I connected to the Internet from home:

I used a router someone else (AT&T) owned. This router was hard-coded to record every website I visit (because it redirected all DNS queries to AT&Ts servers).

Today, here's how I connect to the Internet:

I use a router I own, running #openWRT and using #pihole for nearly all of my DNS queries, falling back to #openNIC for the rest.

I <3 #FOSS!

#privacy #security

It seems like these days you no longer need a postit on your monitor with the password. Just put all your passwords in your password book. 🤦♂️ #security #passwords

Protip: systemctl disable: disable from launching at boot time. If you want to make sure a service cannot be started at all, what you want is systemctl mask.

e.g., if the (insecure) rsync daemon could be running at the moment, these three should have you covered:

sudo systemctl stop rsync
sudo systemctl disable rsync
sudo systemctl mask rsync

(PS. Yeah, you really shouldn’t be running the rsync daemon. And you don’t need it to use rsync over ssh.)

#systemd #rsync #security

Just popped up on my XPS 13 updates:

“This update integrates the BIOSConnect feature into Dell SupportAssist OS Recovery. This feature connects the system to the Dell image server to download and recover the operating system.”

Umm… how about no, Dell, do not connect my BIOS to the Internet thank you very much.

Wtf is wrong with these people? *smh*

#security #privacy

“This update integrates the BIOSConnect feature into Dell SupportAssist OS Recovery. This feature connects the system to the Dell image server to download and recover the operating system.”

Umm… how about no, Dell, do not connect my BIOS to the Internet thank you very much.

Wtf is wrong with people? *smh*

#security #privacy

@cancel

> If you have some established track record with security auditing then email me cancel@cancel.fm (my PGP key is on keybase) and I will grant access to the source code.

I don't have a security background, but I hope someone else can help. I'll boost this toot to see if we can find one of the great #infosec and #security folks in the fediverse.

The fact you've build a native discord/slack replacement is incredibly awesome, and I really hope someone can help with an audit of ripcord!

💕 a poignant message of love on V Day: "And that’s why I love free software! It gives you back the control over your machine. It’s something that you can trust, as there are no secrets kept from you..." 💘 https://blog.jabberhead.tk/2019/02/14/i-love-free-software-day-2019/ … #ilovefs #privacy #security @fsfe

"Every tap, button push and keyboard entry is recorded — effectively screenshotted — and sent back to the app developers", including credit card numbers, passwords, etc. When will people stop pretending that the #Apple system of a proprietary walled garden lead to more #security and #privacy? https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots

annual Linux Journal #security issue: "Todd A. Jacobs... gives an overview to using a YubiKey... Then he follows that up with The Purism Librem Key and how that specific USB hardware key compares to others on the market..." https://www.linuxjournal.com/content/security-issue

🎁 Buy Now & Save: Librem 5 Early Bird pricing ($599 USD) *extended to February 3*. Preorder pricing ($649 USD) begins Feb 4 and ends when general availability and shipping begins. https://shop.puri.sm/shop/librem-5/ #DemandFreedom #privacy #security

Remote Code Execution in apt/apt-get

https://justi.cz/security/2019/01/22/apt-rce.html

#debian #ubuntu #security #apt

Hardware Updates for 2019! 🎉

Today we introduce Version 4 of the Librem laptop line — now with an updated CPU and graphics for all models and a 4k/HiDPI screen for the 15″ model.

https://puri.sm/posts/librem-laptops-now-at-version-4/

Protect your digital life with strong #security and #privacy *and* do so on one of our beautiful, high-end laptops.

🎁 Buy Now & Save: Librem 5 Early Bird pricing ($599 USD) ends January 31. Preorder pricing ($649 USD) begins Feb 1 and ends when general availability and shipping begins. https://shop.puri.sm/shop/librem-5/ #DemandFreedom #privacy #security

In January, the #EU is launching bug bounties on #FreeSoftware projects to increase the #security of the #Internet! https://juliareda.eu/2018/12/eu-fossa-bug-bounties #FOSSA

our @diggity on https://firewallsdontstopdragons.com podcast: "Using video cameras and signals from our smart devices, marketers are tailoring their billboards and digital signage based on our appearance and even our identity." #privacy #security cc @yaelwrites

http://podcast.firewallsdontstopdragons.com/2018/12/17/ads-tracking-you-in-real-world/

public authorities "can secretly compel tech companies and individual technologists, including network administrators, sysadmins, and open source developers – to re-engineer software and hardware under their control, so that it can be used to spy on their users. Engineers can be penalized for refusing to comply with fines and prison"... sounds like a nightmare but it is reality in the #UK and #Australia https://www.eff.org/deeplinks/2018/12/new-fight-online-privacy-and-security-australia-falls-what-happens-next #eff #spy #privacy #security

We are preparing our ethical and #security-focused technology products & services offering for your #business. You can help by taking a few minutes to fill out our survey or letting collaborators know about it! Check out https://puri.sm/enterprise/ #B2B #infosec

"We believe that freedom is essential to security and privacy and any solution that aims to secure your privacy must also protect your freedom" https://puri.sm/posts/apple-is-right-about-privacy-but-wrong-about-freedom/ #freedom #privacy #security #FreeSoftware

.@tim_cook the CEO of @apple absolutely correct to attack the "data industrial complex". He's right about privacy but wrong about freedom. Read on: - https://puri.sm/posts/apple-is-right-about-privacy-but-wrong-about-freedom/ #DemandFreedom #Privacy #Security #infosec

Nice study for everyone who thinks that open platforms are a #security risk. Exactly zero malware found in #FDroid, the independent #FreeSoftware repository / #appstore for #Android https://nsl.cs.waseda.ac.jp/wp-content/uploads/2018/04/submitted_wama2017.pdf