Notices by Joshua Judson Rosen (rozzin) tagged security
-
Joshua Judson Rosen (rozzin)'s status on Wednesday, 25-Sep-2019 05:32:22 EDT Joshua Judson Rosen #Termbin is a nice #pastebin !hack https://termbin.com/
Obvious down side: no #TLS #security.
But it's also #nonobvious if any of the other pastebin tools use TLS—where TLS is easily added in front of #termbin and clients just swap #netcat for #socat or #gnutls.
#transparency -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 21-Nov-2018 13:55:42 EST Joshua Judson Rosen Conversations with kids, about #umwelt, #superpowers, and #infosec:
"Why are they looking at me?"
"Because they heard you fart."
"Whhhhat do you mean?!?!"
"Hearing people can hear farts."
…
https://www.jwz.org/blog/2018/11/tell-them-to-stop-listening-to-my-farts/
!education !parenting #poop !security -
qbi (qbi)'s status on Thursday, 01-Feb-2018 10:43:07 EST qbi Call for action: Please send me an encrypted file!
http://yaturl.net/1ce0
!security #encryption -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 19-Oct-2016 17:13:50 EDT Joshua Judson Rosen Luckily, that was only... 2014. Are we beyond `your fingerprint is your password' type !security yet in 2016? -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 19-Oct-2016 17:03:40 EDT Joshua Judson Rosen Why #biometrics ≠ !security, #again: https://status.hackerposse.com/url/12263 -
Joshua Judson Rosen (rozzin)'s status on Monday, 16-Mar-2015 10:34:32 EDT Joshua Judson Rosen Gibson's at it again with some squirrelly new web #authentication scheme... https://www.grc.com/sqrl/sqrl.htm !security -
Joshua Judson Rosen (rozzin)'s status on Saturday, 21-Feb-2015 17:40:02 EST Joshua Judson Rosen I've heard corporate IT types say "the fundamental underlying problem" with #endtoend !security is that it's secure end-to-end: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-3/123_security.html -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Thursday, 19-Feb-2015 07:56:10 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca MITM cert software is all too common. There's a whole ecosystem of vendors selling MITM "solutions" to corporations. And since nobody ever checks the cert details when they're browsing with https, nobody realizes they've been compromised. Never do your banking from your employer's computer! The whole hierarchical PKI of certs, CAs and browsers is completely broken. !surveillance !security -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 18-Feb-2015 21:10:57 EST Joshua Judson Rosen @lnxw48, this reminds me of a rule I once encountered about 'safe' image-formats for exporting data: #PNG is dangerous because the orthogonal alpha channel means pixels can contain invisible (recoverable) data; #GIF is safe because transparent pixels contain only the transparency. !security -
lnxw48 (Linux Walt) (lnxw48)'s status on Wednesday, 18-Feb-2015 00:40:24 EST lnxw48 (Linux Walt) Do not copy/paste from web sites into your terminal. Here's an example of why you should not do so: http://head4.me/33 (I know it is basic !security, but you'd be surprised how many people do this, often while following some tutorial.) -
Joshua Judson Rosen (rozzin)'s status on Monday, 26-Jan-2015 01:15:45 EST Joshua Judson Rosen This #USB PortPilot thing seems like a pretty good idea, even just considering the !security angle: hakshop.com/portpilot #want -
Joshua Judson Rosen (rozzin)'s status on Thursday, 11-Dec-2014 23:53:59 EST Joshua Judson Rosen #TaylorSwitft on !security? https://twitter.com/SwiftOnSecurity -
Joshua Judson Rosen (rozzin)'s status on Sunday, 09-Nov-2014 13:18:36 EST Joshua Judson Rosen Genkin, Shamir, & Tromer explain how to build a #sonic-screwdriver to open nearby #GnuPG keyrings: http://www.cs.tau.ac.il/~tromer/acoustic/ !security -
Joshua Judson Rosen (rozzin)'s status on Sunday, 09-Nov-2014 13:11:51 EST Joshua Judson Rosen #Reading the Genkin/Shamir/Tromer paper on accoustic extraction of RSA keys from #GnuPG < 1.4.16: http://www.cs.tau.ac.il/~tromer/acoustic/ !security -
Joshua Judson Rosen (rozzin)'s status on Sunday, 09-Nov-2014 12:41:34 EST Joshua Judson Rosen I'm a little conservative WRT major revs of !security software: trying to decide now, is it finally time to upgrade from #GnuPG 1.4 to 2.0? -
benfell (benfell)'s status on Thursday, 06-Nov-2014 09:58:35 EST benfell #GnuPG 2.1.0 is out: secring.gpg is no longer used, but the announcement doesn't say how secret keys are now maintained. !security -
lnxw48 (Linux Walt) (lnxw48)'s status on Thursday, 25-Sep-2014 04:57:39 EDT lnxw48 (Linux Walt) @vegos Patch does not completely fix the issue. New CVE number issued. http://url.federati.net/rS61B !security !crypto
-
lnxw48 (Linux Walt) (lnxw48)'s status on Wednesday, 24-Sep-2014 14:08:05 EDT lnxw48 (Linux Walt) Seen on #PumpIO: serious !security hole in #bash. Link 1 Link 2 Time to patch.
-
Joshua Judson Rosen (rozzin)'s status on Thursday, 07-Aug-2014 11:45:19 EDT Joshua Judson Rosen PGP pathfinder, a tool that finds trust-paths between #PGP keys: http://pgp.cs.uu.nl/