Show more

@stux A big . May the saints and spirits of computing and the Internet be with you.

@lacrosse @kuketzblog Möglich isses. Aber halt etwas, das man als dumme Idee bezeichnen könnte.

@dc@det.social @tagesschau Ich will keinen Weltkrieg, und das wäre einer. Nichtsdestotrotz sollten wir mehr Waffen liefern.

Mirko Adam boosted

Mastodon pilot has a chance to win open source award

At the beginning of this year, SURF and its members started the pilot project social.edu.nl. There is a growing need for a social community platform of and for the whole of Dutch education and research. At the same time, we want this platform to be based on the public values we ourselves advocate.

surf.nl/en/news/mastodon-pilot

Vote:
joinup.ec.europa.eu/collection

@alvar @ankedb @ZDF Naja, Sie schreiben hier mit einer Person auf einer solchen Seite einer Fraktion. Auch die Grünen haben so was. Auch die SPD hat einen Server, AFAIK. Leider habe ich von der FDP noch keinen gesehen, obwohl wir hier eine innovative technologische Lösung Made in Germany haben.

@lacrosse @kuketzblog Naja, man kann durchaus einem Hackerangriff durch einen Luftschlag ein Ende setzen, wenn man den weiß, wo er herkommt. Das herauszufinden ist halt die Schwierigkeit und quasi nie möglich.

@ivo @kuketzblog Naja, systemische Probleme haben systemische Ursachen. Die Fettleibigkeit wurde schon mit von der Lebensmittelindustrie verursacht, auch Lehrer können an schlechten Noten Schuld haben und auch ist nicht immer der Eigentümer für den Schaden in seinen Systemen verantwortlich. Das Problem ist hier, dass der Eigentümer sich keiner Schuld bewusst ist.

@larsweisbrod Vielleicht ist deine Bubble einfach zu langweilig. Es gibt Teile des Fediverses, die erinnern eher an einen Politthriller als ein soziales Netzwerk.

Mirko Adam boosted

A battle in the fight against has been lost yesterday: The has been passed by the Parliament. However, is suspended until there is a method that works sufficiently well.

@why0hy
Thanks for the tips.

With "bombarding" I meant calls by many people, so we as community show that we really mean it.

Any more tips to share?

@apps
When I am in a thread, I get all toots two times. That annoys me.

Mirko Adam boosted

HEY Infosec Mastodon! Wanna help me out?
I'm looking for screenshotable quotes about pentesting. Wanna respond to any of these questions? If you do you may be included in my next talk!

What's the biggest pitfall a pentester can make?
What makes a good pentest?
What makes a bad test?
Vuln scan versus pentest - which one is "better"?

Or just whatever you want. I will include any memes I get, so reply away.
Boosts help :)

@maxim
Well, it does not *really* work, I use it to select MEPs to "annoy" and not to phone MEPs as this feature (which is the main one) does not work yet, at least not reliably. Still, I hope that they fix it soon, as the idea is great and the project is a great asset for our campaign to stop Chatcontrol.

Mirko Adam boosted

I keep hearing people say that Microsoft has finally come clean and provided an honest reckoning of the mistakes that led to the breach.

Allow me to push back on that HARD.

Wednesday's update is the first time Microsoft disclosed that hackers connected to Storm-0558 were inside the corporate network. In journalism parlance, Microsoft (intentionally?) buried the lede.

This allowed the company to omit key details we need to fully assess the damage these hackers did. How long were the hackers inside Microsoft's network? Did they access other data beside the crash dump? Were any other employee accounts hacked? How did they get in? Has Microsoft remediated whatever weakness or vulnerability made the network breach possible?

Storm-0558 is among the world's most skilled hacking outfits. As Microsoft observed: "The actors are keenly aware of the target’s environment, logging policies, authentication requirements, policies, and procedures. Storm-0558’s tooling and reconnaissance activity suggests the actor is technically adept, well resourced, and has an in-depth understanding of many authentication techniques and applications." In short, Storm-0558 has telemetry into Microsoft's network that's a par with Microsoft's own telemetry.

Storm-0558's technical tradecraft prowess is on full display by its ability to suss out a signing key in a crashdump made two years prior to the hack. It's further bolstered by the hackers' success in exploiting the failure of a Microsoft API to validate signatures properly.

So Microsoft reveals for the first time on Wednesday that Storm-0558 was inside its network. It provides no other details and doesn't respond to reporters' emails seeking them. And people say Microsoft has finally put the issue behind it?

Er, no. This should be the very beginning of the inquiry. We need to press Microsoft to answer these questions.

Show thread

@auschwitzmuseum Thank you, Auschwitz Memorial that you transform the stats of all the people killed during Holocaust back into the single tragedies. Just as a man that was responsible for other mass killings, Stalin, said: The death of one person is a tragedy, the death of thousands in statistics.

Mirko Adam boosted

Wie genial ist das denn? Unter dem Motto "Weil Appelle nicht mehr reichen – Wer blockiert, muss mit fast dreimal höherer Strafe als bisher rechnen" Ab sofort kostet in #Wien das Falschparken im Gleisbereich der Tram oder auf der Busspur so viel ... wie eine Jahreskarte: 365 Euro. Das sind verkehrspolitische Zeichen - in Deutschland undenkbar.

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml