seb @seb@ioc.exchange

I am here because I love Gnu/Linux and its philosophy. I am using it since I have installed it on my first computer in 1998. I used to buy computer magazines and they used to have program CDs or Floppies. One day I saw a program called Slackware Linux and it changed my life. #introductions

good morning!

i'm here to toot

ahhh yes, it is once again Sunday morning in Sundogistan and that means #jazz

this morning it's cold, I'm tired, and the brain is unresponsive, so nothing too tricksy this week, just some newish jazz releases to review and contemplate.

so, if a slow start with some new sounds seems an okay way to come around, feel free to follow along over on @nowplaying or https://radio.reclaim.technology/stream

Ever wanted to see how 2FA gets compromised?

https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/

https://samy.pl/slipstream/

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website.

This is neat, although you have to dig in a bit to learn it requires the NAT gateway to do some fancy SIP proxying.

#browser #exploit #networking #security #turtles #web

"your music is great, you could make so much money! put it up to stream!"

OMG, am dying!!!

Someone used the bug GitHub refused to fix, that allows you to add a commit to a repo you don’t control... to upload YouTube-dl to the DMCA request repo on GitHub.

https://github.com/github/dmca/tree/416da574ec0df3388f652e44f7fe71b1e3a4701f

#introduction

Hi.
I’m 34 years old, dad of two, ICU-nurse and a hobbyist computer programmer and FOSS-lover.
I just learned about mastodon and I am fascinated by its concept.

Hoping to find some chill people here to talk about my interests!

#security #cryptography https://kryptor.co.uk/ Looks to be a promising project for file encryption. :)

Awesome AWS S3 - Security, Tools and Intel

Collection of tools, techniques and useful links concerning security and exposed AWS S3 Buckets

https://github.com/mxm0z/awesome-sec-s3

How to properly manage ssh keys for server access :: Päpper's Coding Blog — Have fun coding.

Every developer needs access to some servers for example to check the application logs. Usually, this is done using public-private key encryption where each developer generates their own public-private key pair. The public keys of each developer are added to the authorized_keys file on each server they should have access to.

https://www.paepper.com/blog/posts/how-to-properly-manage-ssh-keys-for-server-access/

Another #fediboost, this time for https://social.nixnet.services.

It's a Mastodon instance run by @amolith who also provides a bunch of other services for people to use over at https://nixnet.services. He's a genuinely great guy and runs a good instance.