I developed a script to generate anonymous email addresses over Tor (or any proxy configuration you want): anonfiles.com/neLfc753qf/tmpma

It relies on proxychains for proxying traffic anonymously.

(This is a fork. The original can be found at github.com/sdushantha/tmpmail)

As a reminder to anyone currently using PGP/GPG, you shouldn't. PGP is an outdated, overly complex protocol that doesn't meet the standards of a modern secure system.

latacora.micro.blog/2019/07/16

Someone in a Matrix room I'm a part of mentioned this:

C: Do you want more buffer overflow vulnerabilities? No? Well... take it anyway!
nitter.net/FiloSottile/status/

Of course `gcrypt` would have an exploitable heap overflow. This is why I recommend avoiding PGP

A while back I performed a mini-audit on the Threema messaging app. You can read about Threema on my blog: serpentsec.1337.cx/threema

With today being data privacy day, I decided to publish an article explaining why privacy is important, and discussing why we shouldn't simply believe companies who try to claim "we care about your privacy". I imagine many people here already understand this, but I figured I'd release the article anyway.

serpentsec.1337.cx/privacy-day

In light of a recent report from Google's TAG, I'm like to remind everyone of the importance of verifying trust. According to TAG, North Korean attackers have been posing as security researchers to steal research and obtain vulnerability information they can exploit.

TAG also discovered the same attackers have been exploiting a zero-day in Chrome on Windows.

serpentsec.1337.cx/trust-and-v

I created this account a few days ago (maybe a week?), but haven't introduced myself yet. So, I'm doing that now.

I'm a security and privacy researcher, and a blogger. My primary focus is cryptography, but I work in all aspects of privacy and security. I do a lot of code review, pentesting, and red team assessments.

For anyone interested, my blog is available at serpentsec.1337.cx/

IOC.exchange

INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

We have a Getting Started Guide here: https://guide.ioc.exchange

HAVE FUN and STAY SAFE!