On tonight's #AttackOnTuesday, we're diving into ADCS attacks, using the recently-reintroduced vulnerability as a jumping off point! This'll be new for me as well, so let's learn together! Live at 5PM Pacific at twitch.tv/mttaggart

#infosec #cybersecurity

@sten @alcinnz Passwords could be killed, but it would require a creation of a National Online ID, like South Korea. Smart cards have been a thing for years.

Tech has a long tail. Maybe around the turn of the next century, if the climate disaster doesn’t take out civilization.

I’ll probably play with it as soon as FreeIPA and other FOSS projects pick it up.

I just noticed "foreach" on npm is controlled by a single maintainer.

I also noticed they let their personal email domain expire, so I bought it before someone else did.

I now control "foreach" on NPM, and the 36826 projects that depend on it.

Show thread

I've heard about the "death of passwords" many times in my security career so far, but passwords have always outlived the other solutions.

But with Microsoft, Google, and Apple pushing FIDO, this time round might indeed be different!

My personal view is that it's a very solid technical solution (wouldn't expect anything else from these participants), but it risks leaving out important parts of the population (e.g., elderly, disabled, poor).

What do you think?

Ich bräuchte einmal Rat von Leuten, die sich mit dem Thema #fahrrad gut auskennen.

Ich muss an meinem alten Rad, so Typus #Trekking bis #City, etwas wegen der #Bremsen machen und habe entschieden diese komplett auszutauschen.
Habe momentan mechanische V-Brakes. Möchte auch bei Mechanischen bleiben, weil ich da noch selbst dran schrauben kann.
Frage ist dann aber #Felge oder #Scheibe? Und dann gibt es ja weiterhin zig Typen 😅

Gerne boostern :)

#fahrradbubble #Schrauber #radfahren

Optimist: The glass is ½ full.
Pessimist: The glass is ½ empty.
Excel: The glass is January 2nd.

@TechNews I am unconvinced that more biometrics is a net good. And reliance on smartphones seems like an accessibility issue, no?

Wie jetzt… keiner geht zu Helene Fischer? Wie seid ihr denn alle drauf?

Show thread

"Reading" put aside, I didn't even KNOW most of these existed!

10 books for GNU/Linux beginners


OMFG I'm using ffmpeg to extract the frames of Hackers and frame 93353 was flagged as a trojan >.<

I have firmware for an ARM7EJ-S. The only technical documentation on this specific processor from ARM that I can find is this series of web pages: developer.arm.com/documentatio

This is very inconvenient for me and I would much prefer a PDF, but I can't seem to find one. Is this the ONLY technical info out there?

I'm seeing reports that some people feel compelled to hate programming languages in a non-ironic way.

I'm the first person to make jokes about languages. All software sucks, and, by extension, so do all languages.

But can't you guys (and they are all guys, as far as I can tell) save your hate for something that's actually hateworthy? Otherwise you're just like some teenager who hates a band just because they make noises that he happens not to like.

RT @EdOverflow
After 5 years of work, security.txt is officially an RFC. I am pleased to announce RFC 9116: rfc-editor.org/rfc/rfc9116.

I would like to use this opportunity to thank those who made this possible. Thank you. ❤️

Show older

InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

We have a Getting Started Guide here: https://ioc.wiki/mastodon