Pinned post

For those who says Tor is traceable!

Tracking down Tor users requires lot of time and efforts... To track the tor users the attacker or the Government agencies should check/analyze each of the tor node that the user is connected to (where 1st node only knows where the traffic is coming from and the last tor node only knows where is traffic is going to not from where its coming...,) in real time. it is impossible when you change the tor circuits once a ten seconds and mainly hackers(good people somewhat like gray hat) strictly advised to disable JavaScript on the browser to prevent ipleaks. All the ad's, tracking scripts on the web were build using js, most of the people who caught on darkweb by police are literally not even following some basic OPSEC rules like browsing tor on tor focused Linux distro's like tails, whonix . especially when downloading torrents from Tor on Windows machine with AV running. so its 99.99% safe to use Tor when you follow strong OPSEC.

Pinned post

Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. ~Ed Snowden

God Access :verified: boosted

Admins don't read DMs, and I'm hoping that soon enough that'll be encrypted and I won't be able too.
Mastodon DMs should be considered "restricted messages" visible to people mentioned.

DMs are not that important when snapchat exists for sexts, and signal exists for crimes!

Real chat style DMs similar to Twitter/facebook is coming to the ecosystem soon and will be encrypted and secured from admins... but until then, you need to consider "DMs" in mastodon different than the normal style.

It's more of a direct toot, then a direct message.

and in fact, the #mastodev team really should rename Direct Messages to Direct Toots or restricted because people have mental associations with the word "direct message"... and I get annoyed when I see a DM in my timeline and the back of chat style DMs..

creates its own TLS certificate authority to bypass sanctions

Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals.

The sanctions imposed by western companies and governments are preventing Russian sites from renewing existing TLS certificates, causing browsers to block access to sites with expired certificates.

bleepingcomputer.com/news/secu

NVIDIA's Code Signing Certificates Stolen and Abused in Attacks

The recent use of a stolen NVIDIA certificate is a perfect example of how eager cybercriminals are in abusing any loose ends in security infrastructure. To avoid this threat, admins are suggested to configure Windows Defender Application Control policies to control NVIDIA drivers loaded into Windows OS.

cyware.com/news/nvidias-code-s

shares list of 17,000 IPs allegedly DDoSing Russian orgs

The list was shared by the National Coordination Center for Computer Incidents (NKTsKI), an organization created by Russia's Federal Security Service (FSB), together with guidance to defend against the attacks and a second list containing attackers' referer domain information.

bleepingcomputer.com/news/secu

God Access :verified: boosted

Tweet from Ars Technica (@arstechnica)
Ars Technica (@arstechnica) Tweeted:
Oculus consulting CTO John Carmack remains wary of Meta's Metaverse, issues a few words of warning for Zuckerberg.
t.co/lW7YOpAYWj twitter.com/arstechnica/status

The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler.

via Threatpost threatpost.com/eus-green-pass-

God Access :verified: boosted

Looking to use #opensource in your #enterprise? With great workshops and keynote speakers including @sabdfl and @fkarlitschek the Enterprise Open Source Summit has you covered!

Don't forget to book your tickets!
hopin.com/events/enterprise-op

Over 10 MILLION users have been targeted with 151 malicious apps from the Play Store that tricked users into paying for premium subscription services without their knowledge or consent.

Details: thehackernews.com/2021/10/over

FBI Given Power To Unlock Capitol Riot Suspect Phone With His Fingerprint.

January 6 investigators get a warrant to open devices using a defendant’s fingerprint. Though he’d been accused of assaulting officers with pepper spray, forced fingerprint unlocks remain a legally-questionable power.

forbes.com/sites/thomasbrewste

Mozilla cracks down on malicious add-ons used by 455,000 users

The troublesome add-ons misused an API that controlled how Firefox connected to the internet.

zdnet.com/article/mozilla-fire

Show older
Mastodon 🐘

A general-purpose Mastodon server with a 1000 character limit.

Support us on Ko-Fi Support us on Patreon Support us via PayPal