Search
Items tagged with: security
This is a great piece by @micahflee about the significance of supporting ephemeral usernames in @signalapp and the challenges #Signal faces developing the gold standard of private messaging apps.
https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/
#privacy #security #encryption #signal
Signal’s New Usernames Help Keep the Cops Out of Your Data
Ephemeral usernames instead of phone numbers safeguard privacy — and makes the Signal messenger app even harder to subpoena.Micah Lee (The Intercept)
Today I've been really busy and I'm exhausted, but I wanted to share the "gem" of the day.
A colleague (whom I've never spoken to before) calls me and explains that they need to connect a client's server with their management system. To communicate, the client's server needs to be reachable via telnet. I explain that I can't open telnet to the world, but if necessary, I can set up a VPN of their choice (Wireguard, OpenVPN, even Zerotier if it's helpful) and grant telnet access through the VPN. Not ideal, but better than nothing...
That said, the colleague attacks me: "Here you are, with these VPNs - don't you understand they're used to spy on us? Governments intercept all VPNs to steal our personal data." I try to clarify that I may not have explained myself well and that I don't mean using the famous commercial VPNs, but a private VPN access to allow the two machines to communicate securely. No luck: "Haven't you realized yet? Every time we open a VPN, they know and intercept us."
Frankly, I was speechless...
#VPN #Privacy #Security #Misconceptions #IT #SysAdmin #ITHorrorStories
An absolutely naive question:
Are there any OAuth 2 (similar) solutions that also or especially insist on post-quantum cryptography and also conform to OpenID Connect or similar? 🤔
(Sharing this post would be nice and I thank you for it )
—
#itsecurity #oauth2 #pqc #crypto #it #cryptography #openidconnect #openid #postquantumcryptography #security #pqc #question #itquestion #question #share #shareplease #nerdquestions
Password Card Generator - Raphael
Password Card Generator. This website allows you to generate customized password cards in the spirit of Qwertycards.com. If you like the concept, please buy a card from their website. Generate a new card. Pick the characters you want to use. numbers lower case upper case symbols space other.
Clone it!
https://monodes.com/predaelli/2024/04/15/11605/
#Security #Software
https://monodes.com/predaelli/2024/04/15/11605/
Password Card Generator – Raphael Password Card Generator. This website allows you to generate customized password cards in the spirit of Qwertycards.com. If you like the concept, please buy …Paolo Redaelli
Grazie al cielo docenti del calibro del prof. Zanero @raistlin stanno spiegando "perché bloccare gli IP è una pessima idea"
> Stefano Zanero, professore ordinario di #Computer #Security e #DigitalForensics and #Cybercrime del #politecnicomilano risponde all'intervento del Commissario Agcom Massimiliano Capitanio in merito al "#PiracyShield", la piattaforma Agcom contro la diffusione online di contenuti illegali
Piracy Shield, Zanero: “Ecco perché bloccare gli IP è una pessima idea”
Stefano Zanero, professore ordinario di Computer Security e Digital Forensics and Cybercrime del Politecnico di Milano risponde all'intervento del Commissario Agcom Massimiliano Capitanio in merito al "Piracy Shield", la piattaforma Agcom contro la d…Stefano Zanero (Agenda Digitale)
🚨 ⚠️ Emergency PSA: A critical security exploit was discovered in the xz package recently, used for compression and decompression on nearly all Linux distributions.
Rawhide users ARE impacted and should immediately STOP using Rawhide until the package update is fully rolled back. (1/3)
Security Advisory: https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
#Fedora #Linux #OpenSource #Security #Privacy
Urgent security alert for Fedora Linux 40 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access., (Red Hat)
The whole story:
Users ditch Glassdoor, stunned by site adding real names without consent.
#infosec #security #IT #enshitification #jobs
Users ditch Glassdoor, stunned by site adding real names without consent
Anonymous review site Glassdoor now consults public sources to identify users.Ars Technica
Libera Chat is an Internet Relay Chat (IRC) network that supports connecting via Tor using their Onion Service, this provides a layer of anonymity and security.
IRC: https://en.wikipedia.org/wiki/Internet_Relay_Chat
Tor: https://www.torproject.org/about/history
Tor Onion Service: https://community.torproject.org/onion-services
Website: https://libera.chat
Mastodon: @liberachat
#Libera #LiberaChat #IRC #Tor #Encryption #Anonymity #Security #OpenSource #InfoSec
The Tor Project | Privacy & Freedom Online
Defend yourself against tracking and surveillance. Circumvent censorship.www.torproject.org
LibreOffice supports symmetric and asymmetric encryption for OpenDocument Format (ODF) files.
Select File > Save/Save As
The "Save with password" option encrypts the file with AES-256.
The "Encrypt with GPG key" option encrypts the file with a public key.
Symmetric encryption: https://en.wikipedia.org/wiki/Symmetric-key_algorithm
Asymmetric encryption: https://en.wikipedia.org/wiki/Public-key_cryptography
Website: https://www.libreoffice.org
Mastodon: @libreoffice
#LibreOffice #Encryption #OpenSource #OpenPGP #PGP #GnuPG #GPG #InfoSec #Privacy #Security