Megacorp Inc security policy
1. This policy is approved by Management.
2. All staff shall obey this security policy.
3. Data shall be available only to those with a “need-to-know”.
4. All breaches of this policy shall be reported at once to Security.
[Figure 9.1 – typical corporate policy language]
This sort of language is common, but useless – at least to the security engineer.
[1/2]
@ijatz_La_Hojita
I use #imagepipe (which I found through a recommendation here in the fediverse).
You just share a picture with imagepipe which then gives you in turn another share menu to share it with the application which should get it without metadata and resized.
https://f-droid.org/en/packages/de.kaffeemitkoffein.imagepipe/
@mcol ...so go get that #rock64 or if you prefer raspberry, download #libreelec and get going. Who needs a TV that is either dumb or spying on you?
And while you're at it look at #tvheadend and dvb-s. #satellite near you is transmitting tons of content free and without subscription.
All that smart meters have achieved in Britain is to put a few tens of thousands of meter readers out of work, at a cost to the bill payer of £20 billion. Ontario was the same, but with one less trailing zero (Ross Anderson, "#SecurityEngineering — Third Edition", PDF-Preview 2020-05-16)
Started to support #noyb.eu, because I visited https://www.sueddeutsche.de/. I dearly wish that the website is one of the first 500 to get mail from noyb concerning their #cookie banner.
#CookieBannerTerror or #WeComply ?
https://noyb.eu/en/noyb-aims-end-cookie-banner-terror-and-issues-more-500-gdpr-complaints
https://wecomply.noyb.eu/de/app/faq
"...notoriously insecure Zoom videoconferencing system..."
(Ross Anderson, "#SecurityEngineering — Third Edition", PDF-Preview 2020-05-16)
"Face-to-face trust establishment is an ancient part of being human; replacing it with overarching surveillance may be convenient for taxi drivers (whose profession was historically one of the most dangerous) but can cause deep collateral damage. The less we evaluate others, the less good we may become at it."
https://www.lightbluetouchpaper.org/2021/06/03/security-and-human-behaviour-2021/
"The asymmetries of knowledge get worse; even in medieval times the priest, who knew people’s sins and secret desires, was visible and in a single place."
https://www.lightbluetouchpaper.org/2021/06/03/security-and-human-behaviour-2021/
When you think about it, this is political #language. A #politician’s job is to resolve the tensions in society, and this often requires vague language on which different factions can project their own wishes (Ross Anderson, "#SecurityEngineering — Third Edition", PDF-Preview 2020-05-16)
In the case of drivers, people adjust their #driving behaviour to keep their #risk exposure at the level with which they’re comfortable. This also explains why mandatory seat-belt laws tend not to save lives overall, merely to move fatalities from vehicle occupants to #pedestrians and #cyclists (Ross Anderson, "#SecurityEngineering — Third Edition", PDF-Preview 2020-05-16)
A good month later, the machine's pump has finally given up. It still hums, but there is no pressure anymore.
The new pump was already in the drawer, and after installing it the machine runs noticeably quieter and there is #Espresso again :).
"Economics Minister Altmaier has held out the prospect of a gradual easing of the home-office requirement for companies and employees."
Yes, the suffering in the companies and home offices is great.
But don't forget that parents are still looking after their children at home. That children in kindergarten are still being separated from one another by barriers to keep clusters small. That children in kindergarten are not even allowed to sing together. Thank you!
@Qwertziop@mastodon.social
I would look at it the other way round: for each threat, consider whether part of the risk can be addressed by the functions of a WAF.
- Restricting the usable URLs (e.g. hiding admin pages that should only be reachable internally, protection against arbitrary strings that can only serve to probe the application for possible flaws).
- Restricting the parameters in the URL
- Additional logging
- Protection against future bugs after an update of the application
This account moved to @chris