Show more
Hans-Christoph Steiner  

The key thing to remember is that luck plays a role in not being discovered, in a way that it does not with proper security measures. In my example, the hunters could have gotten lucky if they just happened to think to open the right door nearby and look at the servers there.

Show thread
0
Hans-Christoph Steiner  

Given that physical access to computers is a lot harder to defend against than internet access, my one hour of time vs the time they spent was quite a good payoff.

Show thread
1
Hans-Christoph Steiner  

I learned this lesson by operating a hidden server on a university network in a room next to a lab funded by three letter agencies, it was actually a feeder program, the grad students mostly went to work for those agencies. They had seen that my non-university domain name was mapped to a university IP address. They emailed me while I was on vacation, saying they were hunting for it. Two weeks later, I got back, and they still hadn't found it. They never did. That setup took me an hour.

Show thread
1
Hans-Christoph Steiner  

I totally agree that Through Obscurity does not work, I think the key word that often gets lost is "through". Make systems as secure as you can, don't rely on them being hidden. Obscurity can actually add quite a bit. Compare a build server reachable on a public domain name to one only reachable on a tor onion service. Finding the tor onion service could take the determined attacker quite a lot of time. The key measure is time to attack vs time spent setting up defenses. 1/

1
Hans-Christoph Steiner boosted
D. Creemer  

“Seen in downtown #PaloAlto
nitter.net/howardkushlan/statu

nitter.net/pic/orig/media%2FFq

0
Hans-Christoph Steiner  

Reading the section in the book about makes me think how so much digital media is a form of of our personal relationships, education, and even thought processes. It is driven by companies with the mentality of extracting profit from mining resources, in this case, the resources our human relationships and education.

0
Hans-Christoph Steiner boosted
John Sullivan  

NPR leaves Twitter (for now): engadget.com/npr-is-ditching-t (good on ya)

0
Hans-Christoph Steiner boosted
Nathan Freitas 🕺  

Learn how @guardianproject and @torproject are working together to bring Arti, the Rust-based next-gen Tor, to mobile devices guardianproject.info/2023/03/0 #orbot #rust #privacy #circumvention #torproject

0
Hans-Christoph Steiner boosted
F-Droid  

#WireGuard becomes the first VPN app on #FDroid to be built reproducibly! This means that WireGuard on F-Droid is now guaranteed to be 100% (bit-by-bit) equal to the WireGuard the developer builds.

If you're using WireGuard from F-Droid, please export your tunnels and re-install to switch to the developer's signature and continue receiving updates.

More details in the official WireGuard announcement: lists.zx2c4.com/pipermail/wire

New to reproducible builds? Check out f-droid.org/en/2023/01/15/towa

1+
Hans-Christoph Steiner  

I wonder if and its kindred projects will just kind of slowly consume themselves via a downward spiral of driving down the level of public, online content via computer generated spam and . They are trained on these public datasets, for example. For example, vice.com/en/article/jg5qy8/red

1
Hans-Christoph Steiner boosted
Michał "rysiek" Woźniak · 🇺🇦  

Side note: I am wondering how best to highlight this as a clear example of anti-competitive behavior on part of Google.

Our Yunohost hosts e-mail, #Nextcloud, other services that can be seen as "competing" (not in scale, but in function) with some Google services.

Google flagging @Yunohost login pages as "deceptive" makes it considerably harder to self-host.

And it doesn't matter if it is on purpose or accidental. Google has the resources to not make such "mistakes".

Show thread
1+
Hans-Christoph Steiner  

So many projects get caught in this trap of adding ever more as users request more features. When starting out, new software needs to directly solve a problem better than others, then people adopt it. As more people adopt it, they demand more features. Incrementally adding more features works for the existing user base, but makes it harder and harder for newcomers to jump in. Then new software does a key thing better, and the complex old one collapses under its own weight.

0
Hans-Christoph Steiner boosted
Debian  

Survey to gather feedback on the native Debian package of GitLab lists.debian.org/debian-ruby/2

1
Hans-Christoph Steiner  

's article on exploiting is a nice example to work through to understand how an advanced works
arstechnica.com/information-te

Does anyone have any examples of advanced that were not targeted? I guess the and maybe are examples. I'd love to see a story about a recent exploit like this (those two examples don't really work when HTTPS is used).

0
Hans-Christoph Steiner boosted
Wolfie Christl  

Report on devastating working conditions at dpd Austria. Up to 17-hour days and 350 deliveries per day, €6 hourly wage, no breaks, and subcontractors, of course. And while dpd tracks every move via its 'Predict' system, it claims to have no idea [German]:
derstandard.at/story/200014521

1
Hans-Christoph Steiner boosted
Wolfie Christl  

In 2020, the Austrian police raided the Amazon fulfillment center near Vienna and found that almost all of Amazon's delivery subcontractors violated employment/tax laws. But nothing happened to Amazon itself, and I'm afraid nothing has changed.

---
RT @WolfieChristl
In early 2020, the Austrian financial police raided Amazon's distribution center near Vienna.

Turns out they found 130 out of 133 subcontracting delivery companies, most…
twitter.com/WolfieChristl/stat

Show thread
1
Hans-Christoph Steiner boosted
Stefano Zacchiroli  

« Honestly, it's probably the phones [The most plausible explanation for teenage unhappiness.] » noahpinion.substack.com/p/hone

1+
Hans-Christoph Steiner boosted
Free Software Foundation Europe  

Looking for an easy read for kids and adults this holiday season? 📚

☑️Check out 'Ada & E. Zangemann, a story about software, skateboards and raspberry ice cream'. And dive into the wonderful world of inventors, tinkering and freedom.

fsfe.org/activities/childrensb

#ChildrenBooks #SoftwareFreedom #freesoftware

1+
Hans-Christoph Steiner boosted
Michał "rysiek" Woźniak · 🇺🇦  

The website of Reykjavík #Hackerspace, Hakkavélin, just got flagged by #Google Safe Browsing as "deceptive", and anyone who visits this site gets a huge, red, scary warning. Check it out:
hakkavelin.is/

Thing is, I happen to manage this site. It's literally a single static HTML file.

This is what we get for allowing shitty journalists to farm clicks by abusing the words "hacker" and "hack" to mean "cybercriminal" and "attack".

#FuckGoogle #Hackers #InfoSec

1+
Hans-Christoph Steiner boosted
European Commission  

🚲 Pedalling our way towards a greener future!

The summer of 2023 will be a milestone for cycling. We will propose a European Declaration on #Cycling, inviting the European Parliament and the EU Council to sign up for it.

We want to make sure that all our European initiatives, wherever possible, include a cycling dimension; supporting sustainable urban #mobility plans, doubling the number of safe cycling infrastructures, or creating more bicycle parking facilities.

#EUGreenDeal #EuropeanUnion

1+
Show more

fdroid

69

debian

38

privacy

14

guardianproject

1

gnu

1
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml