social.stefan-muenz.de

Search

Items tagged with: security

ProtonMail offer a very valuable suite of free services including email and VPN to enable safe, secure communications without disclosing personal data.

A recent blog posting sets out some of the benefits of using their services.

Best Gmail alternative for #privacy and #security
https://protonmail.com/blog/gmail-alternative/

Why should you trust ProtonMail?
https://protonmail.com/blog/is-protonmail-trustworthy/

I have had a free account with ProtonMail for some time. It's very difficult to get others to get one to allow end-to-end #encryption.
Bild/Foto
Bild/Foto
Bild/Foto
Bild/Foto
 

John Opdenakker auf Twitter: "My email password has been hacked again. That's the third time I've had to rename the cat." / Twitter


#security #passwords #humor
 
Hey Chaos Bubble,
Hat sich jemand™ von euch mit BigBlueButton (BBB) Hardening befasst.

Die Default config mit diesen Standard Passwörtern ist nicht gerade fancy 😔

Gibt es da eventuell schon irgendwo Scripte/Guides/Tipps?

Danke für alle Tipps!
Boost gern gesehen.

#BBB #Security #hardening #videoconference
 
Nächste #CryptoParty aus #Berlin, nächste Woche online: Dienstag, 30. März 2021, ab 19 Uhr CET.
https://meet.systemli.org/CryptoPartyBerlin

Next Berlin CryptoParty, happing online, next week: Tuesday, March 30th, starting 7 PM CET.
https://meet.systemli.org/CryptoPartyBerlin

come by, learn, share your skills, have a good time

https://cryptoparty.in/berlin

#privacy #security
Bild/Foto
 
Successfully installed cryptography-3.4.7 matrix-synapse-1.30.1

#Matrix #Synapse #openSSL #security
Now that's interesting.

Hatte eben nen Anruf einer alten Bekannten, weil ihr Mann erpresst wird und sie dachte, ich könne hacken und den Scammer rausfinden...

Noch während des Anrufs krieg ich ne SMS von 80215 mit "neuen Konfigurationseinstellungen". Hab die natürlich gelöscht, ohne sie zu aktivieren, denn das war mir zu viel des Zufalls.

Ist ein Scam bekannt, der Änderung der APNs im Fon des Ziels involviert?

#sms #security #scam #boostok
 
Liebe Studierende,

schlümme Sache: Heute müßt ihr früh aufstehen! Um 11:30 startet der #Talk von Tilman Kranz zum Thema 'Who Contains the Containers? - Container Security auf Linux'

Ich hoffe auf gute Performance auf jeder Ebene, besonders auf der technischen.

#CLT #CLT2021 #Docker #Podman #Security #GNU/Linux
 

Talk: Who Contains the Containers? - Container Security auf Linux (CLT)

Content warning: Liebe Studierende, schlümme Sache: Heute müßt ihr früh aufstehen! Um 11:30 startet der #Talk von Tilman Kranz zum Thema 'Who Contains the Containers? - Container Security auf Linux' Ich hoffe auf gute Performance auf jeder Ebene, besonders auf der technis

#ThreatPost #Security #Malware #Ransomware #Ransomining #AdShieldPro
Fake Ad Blocker Delivers Hybrid Cryptominer/Ransomware Infection
 
Fake #AdBlocker Infects 20,000 Machines in 60 Days

A hybrid #Monero cryptominer and #ransomware bug has hit 20,000 machines in 60 days.

At its previous peak in February, the Monero Miner cryptocurrency ransominer was targeting more than 2,500 users a day, disguised as an #antivirus installer. Now, the tricky hybrid malware is on the rise again, this time impersonating an ad blocker and #OpenDNS service.

#security #itsecurity #itsec #cryptocurreny

https://threatpost.com/fake-ad-blocker-cryptominer-ransomware/164669/
 
Yes, they patched it, but I still don't like #Keybase, also because it was (partially) bought by #Zoom. I use the decentralized solution @keyoxide for this and yes it is more complex but you only do this once and then you have it. Apart from that there should now be a #shell #script for it.

#privacy #security #itsecurity #itsec #verify

https://www.zdnet.com/article/keybase-patches-bug-that-kept-pictures-in-cleartext-storage-on-mac-windows-clients/
 
Ende Februar [...] 70 Gigabyte an Daten erbeutet und weitergegeben habe. Dabei handle es sich um "so ziemlich alles", hatte es geheißen. Dass darunter aber auch die OAuth2-Token waren, sei nun überraschend gekommen, schreibt ArsTechnica.'

Scheint wohl doch nicht 'so ziemlich alles' gewesen zu sein, was die da bei #Gab rausgetragen haben. Vielmehr wohl eher 'alles'.

Mein Mitleid mit dem rechten Pack hält sich in engen Grenzen.
#EinmalMitProfis

#Security #PoweredByRSS
Heut hab ich mir ein Nikto-Docker-Dingens gemacht.

Überraschung: Wenn man einmal den Einstieg in #Docker geschafft hat, dann kommt man fix voran. Wer hätte das gedacht?

#Nikto #Security #Docker-Compose
Weiß nicht, ob ich Lachen oder Weinen soll...

#SmartMeter #BSI #Privatsphäre #Energiewende #Security #PoweredByRSS
So, sys-apps/firejail is super and efficient in the same way that its designed for, as many containers are: isolating processes running on the same kernel by namespacing. Excellent concept, proven to work, powering vast parts of the IT these days. Working nicely as a concept, YMMV for daily use patterns.

Firejail now does this for desktop applications: e.e. isolates your browser from the filesystem such that only innocuous fs access is possible. Someone hijacks your browser session or tab, all they get is the processes's own /tmp which looks like a regular full access but isn't, so they can't do harm.

The more applications you put into a firejail, the more cumbersomerer this becomes. Finds a happy animation on teh interwebs, wants to share to thelulz Telegram channel, can't find image you just saved, because folder Downloads the tab sees is a different one from the one that the file manager sees from what Telegram sees. Thus, no lulz on Telegram. Worse if you want The Gimp to fix up a few things in between. The file seems gone way too many times, over time which should not be longer than a handful of seconds.

I find myself deleting symlinks from /usr/local/bin/ one after the other. What is your experience?

#firejail #linux #namespaces #security #gentoo
 

European e-ticketing platform Ticketcounter extorted in data breach

In what should be a model of transparency, Ticketcounter CEO Sjoerd Bakker has told BleepingComputer that they copied a database to a Microsoft Azure server to test an 'anonymization process' that replaces personal data with fake data.
#security #leak
 
and accessible via telegram bot. It appears that the data is authentic.

#facebook #telegram #security #hacked
Facebook users’ phone numbers being sold via automated Telegram bot
 

'Spy pixels in emails have become endemic' | BBC News

The use of "invisible" tracking tech in emails is now "endemic", according to a messaging service that analysed its traffic at the BBC's request.
#technology #tech #security #privacy
 

'Spy pixels in emails have become endemic' | BBC News

The use of "invisible" tracking tech in emails is now "endemic", according to a messaging service that analysed its traffic at the BBC's request.
#technology #tech #security #privacy
 
Today I learned that Violet Blue is still doing regular cybersecurity news summaries, but they're published on Patreon so nobody knows about them. They are free (not even cookies required) and high quality. I recommend.

Violet Blue's Cybersecurity Roundup: February 9, 2021

By the way, uninstall Barcode Scanner now.

#security #violetblue #recommendation
 
Today I learned that Violet Blue is still doing regular cybersecurity news summaries, but they're published on Patreon so nobody knows about them. They are free (not even cookies required) and high quality. I recommend.

Violet Blue's Cybersecurity Roundup: February 9, 2021

By the way, uninstall Barcode Scanner now.

#security #violetblue #recommendation
 
Bild/Foto
#Technology #Security #Privacy #Linux #Debian #RaspberryPi #RaspberryPiOS #Microsoft

In the picture the moment, during software update, when the #vscode #repo is added


to Block Microsoft VSCode Add the following line:
0.0.0.0 packages.microsoft.com
to the file:
/etc/hosts
  • https://www.sebastianbuza.com/2021/02/04/microsoft-repo-secretly-installed-on-all-raspberry-pis-linux-os/
 
Bild/Foto
#Technology #Security #Privacy #Linux #Debian #RaspberryPi #RaspberryPiOS #Microsoft

In the picture the moment, during software update, when the #vscode #repo is added


to Block Microsoft VSCode Add the following line:
0.0.0.0 packages.microsoft.com
to the file:
/etc/hosts
  • https://www.sebastianbuza.com/2021/02/04/microsoft-repo-secretly-installed-on-all-raspberry-pis-linux-os/
 
Hey everyone, I’m #newhere. I’m interested in #anime, #doctorwho, #eff, #foss, #freesoftware, #gnu, #gpl, #haskell, #linux, #makerspaces, #nethack, #privacy, #programming, #security, and #startrek.

Been meaning to check diaspora out for a while now. Feel free do say hello.
 
Das BSI lädt mich zur Veranstaltung »Denkwerkstatt
sichere Informationsgesellschaft 2021« ein. Teilnahme erfolgt per Zoom. Ist das Ironie? 🤦‍♂️

Nein danke.

#Security #Privacy #Fail
 
I have seen some conversations about the security of pods and the like. I'd like to point my pod members and others who might be having the same questions to this excellent thread concerning where diaspora* sits in the security landscape:

https://discourse.diasporafoundation.org/t/i-want-to-try-diaspora-but-i-have-some-questions-about-how-it-works/3481/6

This includes some comments about features that would require external analysis of the social graph, which is currently made more difficult through diaspora*'s design.

#diaspora #security #sacrideo #encryption #e2e #privacy
 
I have seen some conversations about the security of pods and the like. I'd like to point my pod members and others who might be having the same questions to this excellent thread concerning where diaspora* sits in the security landscape:

https://discourse.diasporafoundation.org/t/i-want-to-try-diaspora-but-i-have-some-questions-about-how-it-works/3481/6

This includes some comments about features that would require external analysis of the social graph, which is currently made more difficult through diaspora*'s design.

#diaspora #security #sacrideo #encryption #e2e #privacy
 
and accessible via telegram bot. It appears that the data is authentic.

#facebook #telegram #security #hacked
Facebook users’ phone numbers being sold via automated Telegram bot
 
and accessible via telegram bot. It appears that the data is authentic.

#facebook #telegram #security #hacked
Facebook users’ phone numbers being sold via automated Telegram bot
 

Home alarm tech backdoored #security #cameras to #spy on customers having sex


source: https://arstechnica.com/information-technology/2021/01/home-alarm-tech-backdoored-security-cameras-to-spy-on-customers-having-sex/
He said he took note of homes with women he found attractive and then viewed their cameras for sexual gratification. He said he watched nude women and couples as they had sex.
#privacy #backdoor #technology #crime #news
 
...und dann bekommst du aus der #Security Bubble ein #Google Docs Spreadsheet mit der Auflistung welcher #Messenger Dienst welche Security Features hat.

Hey Leute wie soll ich euch ernst nehmen,? Mir ist schon klar, dass es kein "nur Schwarz oder Weiß" gibt aber so was...

🤷 🙄
 
Later posts Earlier posts