Show more

After decades of suffering through ipchains/iptables syntax, and seeing how easy fw and ufw made common firewall workflows, it's disappointing that the best Debian's iptables replacement can do is:

nft add rule inet filter input tcp dport 22 accept

When syntax for common workflows is complicated, you increase the chance the admin will make a mistake that exposes them to attackers. See S3 bucket permissions for more examples of this.

I really appreciate all of the kind and generous offers to host Linux Journal mirrors. For that matter many of the ex-staff (including me) have the knowledge + resources to mirror, but site hosting is up to the parent company as they own it, not the ex-staff.

I can't speak for the rest of the @linuxjournal archive, but I own the decade+ worth of articles I wrote. A lot of them are just as relevant today (I refer to them myself quite often). Would anyone be interested in some kind of "Best of Hack and /" polished and updated compilation?

The Register covered my article announcing @linuxjournal closing and included a number of quotes from my first goodbye that add extra context.

@kyle For me, I want to thank you for the past year of Linux Journal, which I only rediscovered last September. Best wishes to you and the rest. And good luck with the Librem 5. I hope for its success.

Well, this sucks. Linux Journal is no more (again).

Hopefully the website stays around as it has some really good content.

Sorry to see it go. All the best to @kyle and crew.


I'm so sorry to say it, but today @linuxjournal closed down for good. As you can imagine we are all so sad that this is the end. You can read my final goodbye here:

I had accepted that machines will take over many jobs in the coming decades but tasting whisky? That's the last straw.

achievement unlocked: phobos needs to figure out how to do business in france, spain, ireland and england.

and I'm now looking for folks who have some experience with that so I can pick their brains :D

ohai infosec nerds

The Grugq is now on tootsite.



The lengths some will go to escape vendor lock-in: Two men bribed AT&T employees over $1 million to install malware that unlocked iPhones.

My roots must run deep, because I just bought a corded jigsaw to avoid the vendor lock-in from the incompatible lithium ion battery systems in modern power tools.

The quid pro quo between Ring (gets police 911 data) and the police (gets access to Ring customer devices) is more troubling then either arrangement by itself.

It's not too late for bug bounty companies to source practical grasshopper-plague-related swag. Swatters, bug spray, mesh netting:

Paige should have watched Hackers. You don't hack a bank across state lines from your house, you'll get nailed by the FBI. Posting evidence on your personal Github is universally stupid.

The whistleblower said: “There have been countless instances of recordings featuring private discussions between doctors and patients, business deals, seemingly criminal dealings, sexual encounters and so on. These recordings are accompanied by user data showing location, contact details, and app data.”

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml