101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

480
active users

#comsec

2 posts1 participant0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.ml/@Xeniax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Xeniax</span></a></span> All attacks on <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> are illicit and illegitimate per definition, and merely appealing at authorities is not gonna work.</p><ul><li>Instead <em>encrypt harder</em> by using <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> [i.e. <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME &amp; <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>), <a href="https://infosec.space/tags/decentralize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralize</span></a> and use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> to <em>normalize</em> proper <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>! </li></ul><p>Anything else is <em>undue leniency</em> in the face of <a href="https://infosec.space/tags/Cyberfacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberfacism</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Cappyjax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Cappyjax</span></a></span> IDGAF about <em>"passion"</em>. <a href="https://infosec.space/@kkarhan/114697690127511140" rel="nofollow noopener" target="_blank">All I care about is the security of users!</a></p><p>Requiring <em>any</em> <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> is inacceptable when it comes to <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> &amp; <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a>, espechally given <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> is not only able but entirely willing to restrict service based off said numbers, making their "solution" insecure by design.</p><ul><li>There's a reason why <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> and <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME [both each over <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a>] is the <em>evidently superior and more secure approach</em>, as being unable to <em>"<a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a>"</em> a user is a matter of security...</li></ul><p>Espechally since obtaining a phone number anonymously is oftentimes illegal (i.e. <a href="https://infosec.space/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Germany</span></a> made it illegal starting 07/2017, so using any service that demands a phone numner is out of question)</p><ul><li>And even <em>if</em> one can get an anonymous <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIM</span></a> (with a phone number) or god forbid <a href="https://infosec.space/tags/eSIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eSIM</span></a>, (which is at best pseudonymous as tracking down users by virtue of matching ICCID, IMEI &amp; IMSI to location and time) the chances are high that one ends up with recycled phone numbers that have already been used.</li></ul><p>Obviously the devs of <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> are well aware of this critical flaw, which is why I consider them to act as <a href="https://en.wikipedia.org/wiki/Useful_idiot" rel="nofollow noopener" target="_blank"><em>"useful idiots"</em></a> or rather <a href="https://en.wikipedia.org/wiki/Opposition_(politics)#Controlled_opposition" rel="nofollow noopener" target="_blank"><em>"controlled opposition"</em></a> as <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> could've been shutdown trivially by the <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> Government or forced into banning users based off their <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> (they may call this <em>"<a href="https://infosec.space/tags/sanctions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sanctions</span></a> <a href="https://infosec.space/tags/compliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>compliance</span></a>"</em> given they added a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a> - Wallet into Signal!)...</p><ul><li>All the <em>"but <a href="https://infosec.space/tags/Metadata" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Metadata</span></a>"</em> <a href="https://infosec.space/tags/FUD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FUD</span></a> turns into <a href="https://infosec.space/tags/MarketingLies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MarketingLies</span></a> once put under the looking glass and examined against the risk of state-sponsored / -endordsed / -supported attackers.</li></ul><p>Whereas with <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a>, <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a> and <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thunderbird</span></a></span> / <a href="https://infosec.space/tags/Thunderbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Thunderbird</span></a> respectably I can not only use Tor, but do <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> for the entire <a href="https://infosec.space/tags/communications" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>communications</span></a> infrastructure (i.e. using an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a> = only reachable via Tor) and get the advantages of a self-routing, self-authenticating &amp; battle-hardened against censorship proxy network that can't be shutdown!</p><ul><li>And if you think this is too tinfoilhatted, then consider yourself privilegued enough of having your mere existance not being <a href="https://ilga.org/news/state-sponsored-homophobia-december-2019-decade-update/" rel="nofollow noopener" target="_blank">criminalized by the government under threat of public execution!</a></li></ul><p><a href="https://ilga.org/wp-content/uploads/2024/02/ILGA_World_map_sexual_orientation_laws_December2019.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ilga.org/wp-content/uploads/20</span><span class="invisible">24/02/ILGA_World_map_sexual_orientation_laws_December2019.pdf</span></a><br><a href="https://infosec.space/@kkarhan/114697690127511140" translate="no" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1146976</span><span class="invisible">90127511140</span></a></p>
Kevin Karhan :verified:Rant re: Signal Shills being dangerous Tech Illiterates
ƧƿѦςɛ♏ѦਹѤʞ<p><span class="h-card" translate="no"><a href="https://mstdn.social/@hkrn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hkrn</span></a></span> <br>Unbelievable idiocy.<br>Also ROTF.<br><a href="https://mastodon.social/tags/computer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>computer</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/comsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comsec</span></a> <br><a href="https://jltee.substack.com/p/new-zealand-companys-impossible-to-hack-security" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/new-zeala</span><span class="invisible">nd-companys-impossible-to-hack-security</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@erebion" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>erebion</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.online/@inaruck" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>inaruck</span></a></span> <a href="https://infosec.space/tags/Scherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scherheit</span></a> bedeutet ja <a href="https://chaos.social/@erebion/114038705703666014" rel="nofollow noopener" target="_blank">nicht nur</a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, sondern <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>.</p><ul><li>Alle <em>zentralisierten</em> Systeme sind diesbezüglich inhärent schlecht, gerade <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> welches eine <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VCmoneyBurningParty</span></a> ist und in keinster weise <a href="https://infosec.space/tags/nachhaltig" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nachhaltig</span></a> ist.</li></ul><p>Gibt Gründe warum <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>, <a href="https://infosec.space/tags/IRC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IRC</span></a> &amp; <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a> bis heute existieren ubd warum keiner mehr <a href="https://infosec.space/tags/AIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIM</span></a>, <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICQ</span></a>, <a href="https://infosec.space/tags/MSN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSN</span></a>, <a href="https://infosec.space/tags/BBM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BBM</span></a> &amp; Co. nutzt!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dalias" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dalias</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span><br><span class="h-card" translate="no"><a href="https://troet.cafe/@pixelschubsi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pixelschubsi</span></a></span> </p><p>Also the <a href="https://hachyderm.io/@dalias/113999748481227961" rel="nofollow noopener" target="_blank">blatant dismissal</a> of absolitely basic <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> is just flabberghasting.</p><ul><li>It's inherently wrong to <em>put all eggs in one basket</em> and <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> being not shut down like <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a> &amp; <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> makes it just as sus as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> / <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> / <a href="https://infosec.space/tags/OperatioTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperatioTrøjanShield</span></a> and <a href="https://infosec.space/tags/CryptoAG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoAG</span></a> / <a href="https://infosec.space/tags/MINERVA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MINERVA</span></a> / <a href="https://infosec.space/tags/RUBIKON" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RUBIKON</span></a>.</li></ul><p>Only <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralized</span></a>, <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> &amp; <a href="https://infosec.space/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenStandards</span></a> can actuall survive long-term and remain <a href="https://infosec.space/tags/secure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secure</span></a>.</p><ul><li>Otherwise we'd all gaslight ourselves into ignoring the hard lessions we learned that bought us to the <a href="https://infosec.space/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a> and why we ain't on <a href="https://infosec.space/tags/Shitter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitter</span></a> or <a href="https://infosec.space/tags/tumblr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tumblr</span></a> or <a href="https://infosec.space/tags/BrownSky" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrownSky</span></a> or <a href="https://infosec.space/tags/NSAbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NSAbook</span></a> (any more)!</li></ul><p>It's the same reasons we use <a href="https://infosec.space/tags/PGPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGPG</span></a>/MIME &amp; <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a> and not <a href="https://infosec.space/tags/X400" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>X400</span></a> &amp; <a href="https://infosec.space/tags/X25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>X25</span></a>!</p><ul><li>Unlike with <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> one doesn't has to trust the provider or app. <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> works regardless if you use <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> or <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> or do <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> and only trust code you wrote yourself...</li></ul><p>IOW: Think <em>"How can you weaponize Signal?"</em> and see what you csn do <em>just holding key people in contempt</em>...</p><ul><li>And I'm not even talkibg about <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> - <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoors</span></a> and <a href="https://infosec.space/tags/MassSurveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MassSurveillance</span></a> alike <a href="https://infosec.space/tags/Room651A" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Room651A</span></a>, but just <em>duely submitted warrants</em> that <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> <em>will comply with</em>... </li></ul><p>The less <a href="https://infosec.space/tags/info" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>info</span></a> a provider has, the less they can be forced to snitch upon customers.</p><ul><li>So even if you don't give a shit that <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> makes this a <em>"<a href="https://infosec.space/tags/CantUse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CantUse</span></a> &amp; <a href="https://infosec.space/tags/WintUse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WintUse</span></a>"</em> (out of US-centrist privilegue to not comply <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> &amp; <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a>) for many, it's still dishonest.</li></ul><p><em>"<a href="https://infosec.space/tags/JustUseSgnal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JustUseSgnal</span></a>!"</em> is a form of <em>dangerous "<a href="https://infosec.space/tags/TechPopulism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechPopulism</span></a>"</em> aimed at bamboozling <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> <em>who don't know better</em>, abusing information asymetry to <em>pull rank</em> instead of investing the time and effort to *explain "how" and "why" this is indeed a good or bad idea.</p><ul><li>There's a reason why <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> doesn't include <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and why I'll say it again that XMPP+OMEMO over <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> is the gold standard in terms of <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> and <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> when it comes to <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> that isn't <a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgapped</span></a> aka. <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank"><em>"Airgapped PGP"</em></a>.</li></ul><p>The only ones that have a chance to beat that are <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> but that's just <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a> in a nice UI...</p><ul><li>You may now laugh at me and think my <em>"<a href="https://infosec.space/tags/TinfoilHat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TinfoilHat</span></a> sits too tight"</em> but I'm shure sooner or later I'll be evidenced as <em>correct</em>...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.coop/@cwebber" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cwebber</span></a></span> I disagree.</p><p><a href="https://infosec.space/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActivityPub</span></a> does allow for more privacy and granularity, unlike the fake shitshow that is <a href="https://infosec.space/tags/ATProto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ATProto</span></a>.</p><ul><li>OFC proper <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> demands that people consider all comms not <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> to be compromized in realtime!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@ck" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ck</span></a></span> <span class="h-card" translate="no"><a href="https://soc.hardwarepunk.de/profile/sven222" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sven222</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kuketzblog</span></a></span> problem is <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> is a <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Centralized</span></a>, <a href="https://infosec.space/tags/Proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution that falls under <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> and demands <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the form of <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a>.</p><ul><li>So even if we'd agree that <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> as implememented in <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> &amp; <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a> is bad (and <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME over XMPP isn't good either) there are still better options than <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> (i.e. <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> which uses PGP/MIME &amp; <a href="https://infosec.space/tags/IMAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IMAP</span></a>-Push aka. <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a>) that don't require a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a>, allow <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> and are truly <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> with an <a href="https://infosec.space/tags/OpebStandard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpebStandard</span></a> that allows for <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> as in <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the <a href="https://infosec.space/tags/Keys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keys</span></a>.</li></ul><p>Cuz all the <a href="https://infosec.space/tags/advertising" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advertising</span></a> of Signal is close to <a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustMeBro</span></a> and I'd not trust in <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> to <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">risk jail for users</a>!</p><ul><li>But you do you... </li></ul><p><a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://toot.cat/@EveHasWords" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EveHasWords</span></a></span> <em>Everything that isn't <a href="https://infosec.space/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrypted</span></a> securely with a *real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> = <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a>-only like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME &amp; <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> needs to be regarded as <a href="https://infosec.space/tags/public" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>public</span></a> - period!</p><ul><li><a href="https://web.archive.org/web/20210226175949/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank"><em>NEVER EVER</em> TRUST A VPN!</a></li></ul><p><a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a></p>
vruz<p>If you are a small ISP and you host anything vaguely similar to this, and it gets discovered, the FBI will drop by your home, and take you for a ride in a van blindfolded in the middle of the night.</p><p>But for Google Doxx... business as usual.</p><p><a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://mstdn.social/tags/comsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comsec</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@wmd" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>wmd</span></a></span> <span class="h-card" translate="no"><a href="https://denden.world/@miqokin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>miqokin</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> <span class="h-card" translate="no"><a href="https://social.librem.one/@guardianproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>guardianproject</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@micahflee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>micahflee</span></a></span> also it's not as if I'm <a href="https://infosec.space/tags/shitposting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shitposting</span></a>, cuz I mean this serious.</p><ul><li>I've ~ 18 years of IT skills at my fingertips, &gt; 15 just with *getting "<a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a>" setup when it comes to <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>.</li></ul><p>And I'm not talking just about helping some kiddies spread the news, but criticsl comms that literally saved lives.</p><ul><li>I wish I could.go into details but alas my confidentiality was requested and I'm nit gonna violate an NDA and put a life at ridk just to wib an argument on the Internet.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@lucasmz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lucasmz</span></a></span> <span class="h-card" translate="no"><a href="https://ioc.exchange/@Avitus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Avitus</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@david_chisnall" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>david_chisnall</span></a></span> the benefit of <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> is that there are <a href="https://github.com/greyhat-academy/lists.d/blob/main/xmpp.servers.list.tsv" rel="nofollow noopener" target="_blank"><em>several providers</em>, including free options</a>...</p><ul><li><span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> also supports <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Monero</span></a> and <a href="https://infosec.space/tags/CashByMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CashByMail</span></a> for those that can't use <a href="https://infosec.space/tags/PayPal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PayPal</span></a>, <a href="https://infosec.space/tags/Stripe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Stripe</span></a> or <a href="https://infosec.space/tags/SEPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SEPA</span></a>.</li></ul><p>All <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> incl. <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> can and will be abused by existing governments and <em>if users don't pay, then they are the product and their data is the one to be sold</em>.</p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a> <em>IS</em> THE <a href="https://infosec.space/tags/IllicitActivity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IllicitActivity</span></a> WHEN IT COMES TO <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>!</li></ul><p>After all, you have the same <em>cost problem</em> with phone numbers. Even if one doesn't pay per line/number and never pay for calls and texts, they still have to top it up to extent validity.</p><ul><li>And again: It's way easier for a government to demand an ID for a <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIM</span></a> that works in networks around their country (i.e. <a href="https://infosec.space/tags/Turkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Turkey</span></a> demands registration on a per-<a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IMEI</span></a> - basis *with <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ID</span></a>) than to tunnel XMPP+OMEMO through <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> over <a href="https://infosec.space/tags/EDGEland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDGEland</span></a>-speed <a href="https://infosec.space/tags/2G" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2G</span></a> networks.</li></ul><p>Plus you relying an <em>unfixably insecure</em> <a href="https://infosec.space/tags/Telephony" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telephony</span></a> makes a system inherently unsafer than it needs to be...</p><ul><li>This is how people get caught!</li></ul><p>Also <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> is <em>able and willing</em> to use said PII to <em>restrict and ban users</em> and if I were some dissident in Cuba or North Korea or even just Eritrea or Yemen I'd not rely on non-enforcement of <a href="https://infosec.space/tags/OFAC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OFAC</span></a> / <a href="https://infosec.space/tags/USML" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USML</span></a> / <a href="https://infosec.space/tags/ITAR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITAR</span></a> since Signal can obviously distinguish &amp; identify accounts by virgue if their <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a>! </p><ul><li>Always think <em>"How can this be weaponized against someone?"</em> when it comes to <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a>!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.social/@rysiek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rysiek</span></a></span> <span class="h-card" translate="no"><a href="https://circumstances.run/@agturcz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>agturcz</span></a></span> that's not how you fix <a href="https://infosec.space/tags/TechIlliteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliteracy</span></a>, espechally since things changed for the better.</p><p><span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> &amp; <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a> are quite easy, whereas <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> demands <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the form of a <a href="https://infosec.space/tags/Phone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phone</span></a> number which is more often than not not legally obtainable without <em>"<a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a>"</em> aka. <em>"forced <a href="https://infosec.space/tags/SelfDoxxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfDoxxing</span></a>"</em> all whilst being an extremely <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution that falls under <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> ant thus <em>cannot</em> adhere to <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> &amp; <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a>!</p><ul><li>Sorry, but <em>"<a href="https://infosec.space/tags/TechPopulism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechPopulism</span></a>"</em> alike <a href="https://mstdn.social/@rysiek/113869169340313254" rel="nofollow noopener" target="_blank"><code>"JuSt UsE sIgNaL !"</code></a> won't fix <a href="https://infosec.space/tags/TechIlliteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliteracy</span></a> but rather provide false sense of security to <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> when the <em>correct solution</em> is to teach <em>proper</em> <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechLiteracy</span></a> like <span class="h-card" translate="no"><a href="https://chaos.social/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cryptoparty@chaos.social</span></a></span> / <span class="h-card" translate="no"><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cryptoparty@mastodon.earth</span></a></span> / <a href="https://infosec.space/tags/CryptoParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoParty</span></a> does...</li></ul><p>Otherwise we'd only perpetuate the <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a>-<a href="https://infosec.space/tags/Lifecycle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lifecycle</span></a> as has happened with <a href="https://infosec.space/tags/AIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIM</span></a>, <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICQ</span></a>, <a href="https://infosec.space/tags/BBM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BBM</span></a> and so many more...</p><ul><li>Mark my words, cuz I've been proven correct up to this point.</li></ul><p>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> <em>actually cared</em>, they would've setup their system <em>truly decentralized</em> as an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a> over <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a>!</p><p><a href="https://infosec.space/tags/THXBYE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>THXBYE</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOD</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/DigitalSnakeoil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSnakeoil</span></a> <a href="https://infosec.space/tags/FakeSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FakeSec</span></a></p>
F3715H<p><span class="h-card" translate="no"><a href="https://mastodon.social/@MartinaNeumayer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>MartinaNeumayer</span></a></span> <span class="h-card" translate="no"><a href="https://net4sw.com/@VixenBlu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>VixenBlu</span></a></span> <span class="h-card" translate="no"><a href="https://spookygirl.boo/@thelusciouslibra" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thelusciouslibra</span></a></span> Anyway, I do recommend for *everyone* to check out <span class="h-card" translate="no"><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cryptoparty</span></a></span> 's materials and read up on <a href="https://noods.fun/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://noods.fun/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://noods.fun/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://noods.fun/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> and evaluate threats vs. risks vs. cost.</p><p>But using i.e. <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thunderbird</span></a></span> and <a href="https://noods.fun/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME for *real* <a href="https://noods.fun/tags/EndToEndEncryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndToEndEncryption</span></a> is a good start...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.vivaldi.net/@MastoDenunzianten" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>MastoDenunzianten</span></a></span> <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> </p><p>Natürlich kannste der <a href="https://infosec.space/tags/Desinformation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Desinformation</span></a> von <a href="https://infosec.space/tags/Diensteanbietern" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Diensteanbietern</span></a> glauben, aber dann ist <a href="https://infosec.space/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WhatsApp</span></a> <a href="https://www.youtube.com/watch?v=WpymYLptu8o" rel="nofollow noopener" target="_blank">auch</a> <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> weil die <a href="https://infosec.space/tags/SSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSL</span></a> nutzen (und mit der Logik auch <a href="https://infosec.space/tags/WeChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WeChat</span></a> &amp; <a href="https://infosec.space/tags/QQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QQ</span></a> - lol)!</p><ul><li>Ernsthaft, es gibt nen Grund warum <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> &amp; <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME bis heute sich halten und proprietäre shice alla <a href="https://infosec.space/tags/MSN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSN</span></a> &amp; <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICQ</span></a> tot ist.</li></ul><p>Gerade weil wirkliche <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> &amp; <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> sowie <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> &amp; <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> nur mit <a href="https://infosec.space/tags/Transparenz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Transparenz</span></a> geht.</p><ul><li>Ich vertrau' prinzipiell <em>keinem</em> Code oder Anbieter...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://nrw.social/@FrankM" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>FrankM</span></a></span> natürlich ist es gut wenn Leute endlich die <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> aus Redmond entsorgen!</p><ul><li>Allein wegen <a href="https://infosec.space/tags/CensorBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CensorBoot</span></a> und der dadurch erzeugen Menge an <em>100% vermeidbarem <a href="https://infosec.space/tags/Elektroschrott" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elektroschrott</span></a></em> sollte <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> verboten werden! </li></ul><p>Alles andere wäre Akzeptanz von <a href="https://infosec.space/tags/umweltverbrechen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>umweltverbrechen</span></a>! </p><ul><li>Von <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> ganz zu schweigen!</li></ul><p><a href="https://www.youtube.com/watch?v=ODFc8xYjsmo" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=ODFc8xYjsm</span><span class="invisible">o</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.linux.pizza/@http" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>http</span></a></span> <span class="h-card" translate="no"><a href="https://sakurajima.moe/@Rob298" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Rob298</span></a></span> <em>precisely that!</em></p><ul><li><p>Also most corp/org/edu networks only backup the <code>$HOME</code> directory and sometimes even allow syncing them across distros &amp; keep them across version updates, so all the settings, addons and stuff remaib where they are: in said <code>/home/</code> subfolders!</p></li><li><p>In fact most places with a sizeable <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>-<a href="https://infosec.space/tags/Desktop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Desktop</span></a> landscape will just keep the /home/ directory on a redundant, <a href="https://infosec.space/tags/iSCSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iSCSI</span></a>-SAN and <a href="https://infosec.space/tags/netboot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>netboot</span></a> their <a href="https://infosec.space/tags/DisklessWorkstation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DisklessWorkstation</span></a>|s via <a href="https://infosec.space/tags/iPXE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPXE</span></a>, as this way burglars stealing devices most likely end up with a locked-down machine (anything but booting the preset network targets won't work without admin password!) that is a paperweight to them and espechally <em>no data</em>, which is crucial when it comes to <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>. </p></li></ul><p>Cuz it's way easier to secure 1-5 server rooms than thousands of publicly accessible machines on multiple campuses.</p><ul><li>It's also a real godsent for technicians as they can just login / boot into a diagnostics system and quickly see what's wrong if a system has issues (if they don't already see it in their dashboard that collects logs, telling them they need to replace the CPU fan or clean a machine as it's overheating)...</li></ul>
LaemenPang<p><span class="h-card" translate="no"><a href="https://mastodon.ie/@EugeneMcParland" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EugeneMcParland</span></a></span> If I wasn't 60 years old and <a href="https://mastodon.social/tags/Neurodivergent" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Neurodivergent</span></a> I would be there in a <a href="https://mastodon.social/tags/Heartbeat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Heartbeat</span></a> 2 decades <a href="https://mastodon.social/tags/usaf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usaf</span></a> <br><a href="https://mastodon.social/tags/comsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comsec</span></a> <a href="https://mastodon.social/tags/tactical" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tactical</span></a> <a href="https://mastodon.social/tags/combat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>combat</span></a> <a href="https://mastodon.social/tags/communication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>communication</span></a> <a href="https://mastodon.social/tags/webappsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webappsecurity</span></a> <a href="https://mastodon.social/tags/socialengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>socialengineering</span></a> <a href="https://mastodon.social/tags/osint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osint</span></a> <a href="https://mastodon.social/tags/cook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cook</span></a> <br><a href="https://mastodon.social/tags/commitment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>commitment</span></a> I am going look up <a href="https://mastodon.social/tags/UkraineJenny" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UkraineJenny</span></a></p>
Kevin Karhan :verified:<p>Wer <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> in einem <em>"Hochsicherheitsumfeld"</em> nutzt, sollte wegen gemeinfefährlicher Fahrlässigkeit geknastet werden!</p><p><a href="https://www.hays.de/jobsuche/stellenangebote-jobs-detail-it-administrator-fuer-hochsichere-infrastruktur-neuss-788648/1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">hays.de/jobsuche/stellenangebo</span><span class="invisible">te-jobs-detail-it-administrator-fuer-hochsichere-infrastruktur-neuss-788648/1</span></a></p><p><a href="https://infosec.space/tags/KRITIS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KRITIS</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/EpicFail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EpicFail</span></a></p>
ƧƿѦςɛ♏ѦਹѤʞ<p><span class="h-card" translate="no"><a href="https://mastodon.social/@jensorensen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jensorensen</span></a></span> <br>Which reminds me. I occasionally shop at <a href="https://mastodon.social/tags/Ocado" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ocado</span></a> and have never had a problem with the process... except the other day I could no longer get the 'login' button to 'stay depressed'. After spotting some 'interesting' traffic I tried (temporarily) relaxing my firewall rules wrt certain g00gle domains and, et voila, all was 'normal'.<br><a href="https://mastodon.social/tags/WTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WTF</span></a> <a href="https://mastodon.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.social/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>surveillance</span></a> <a href="https://mastodon.social/tags/consumer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>consumer</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/comsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comsec</span></a> <a href="https://mastodon.social/tags/thirdpartyparasites" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdpartyparasites</span></a></p>