ohai infosec nerds

The Grugq is now on tootsite.

@thegrugq

:D

The lengths some will go to escape vendor lock-in: Two men bribed AT&T employees over $1 million to install malware that unlocked iPhones. zdnet.com/article/at-t-employe

My roots must run deep, because I just bought a corded jigsaw to avoid the vendor lock-in from the incompatible lithium ion battery systems in modern power tools.

The quid pro quo between Ring (gets police 911 data) and the police (gets access to Ring customer devices) is more troubling than either arrangement by itself. gizmodo.com/cops-are-giving-am

It's not too late for bug bounty companies to source practical grasshopper-plague-related swag. Swatters, bug spray, mesh netting: nytimes.com/2019/07/27/us/gras

Paige should have watched Hackers. You don't hack a bank across state lines from your house, you'll get nailed by the FBI. Posting evidence on your personal Github is universally stupid. engadget.com/2019/07/29/capita

The whistleblower said: “There have been countless instances of recordings featuring private discussions between doctors and patients, business deals, seemingly criminal dealings, sexual encounters and so on. These recordings are accompanied by user data showing location, contact details, and app data.” theguardian.com/technology/201

"Recently, tech companies have come to a troubling consensus: that they can change your computer, remotely (and often silently) without your knowledge or permission."

puri.sm/posts/consent-matters-

I ran into a new security measure the other day: my bank has added complexity requirements to *usernames* now, presumably to make them harder to guess and brute force attacks more difficult.

Satellites could soon track our movements from space, which would allow for surveillance on a mass scale that most people haven’t ever contemplated. eff.org/deeplinks/2019/07/depa

Looking forward to in a few minutes. Green Music Center is always such a nice venue. It's like being inside of a classical guitar.

I wrote a piece on the @purism blog on why consent is critical for , the tech industry's failure to get consent, and as a result how "Privacy has become the tattoo removal of the information age". puri.sm/posts/consent-matters-

at means arriving/leaving when I want and avoiding invasive airport and hotel searches. Last year my DEFCON vanlife experiment was a failure. This year I'm hopefully learning from my mistakes:

1. New AC to replace original that 110F Vegas heat killed last year.

2. Camping on strip, so no 30-min commute from camp to venue.

3. Leaving van plugged in, AC on, taking cabs to venues, so no more parking unplugged in direct sun all day (limited high-clearance parking in garages).

“@DuckDuckGo is a poster child for a future in which companies stand with their users and still make money...They counter the assumption that we’ve all been socialized to accept: that it is normal to hand over all your information." - EFF's @jenuhhveev nytimes.com/2019/07/15/technol

Good: burning post-it notes containing secrets after use.
Bad: holding the post-it by the sticky side as you light it.

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
