
86's ETP Strict Mode has "total cookie protection"

The good: to silo off each in a digital cookie jar assigned to each website. To prevent browser history .

The bad: this feature adds some exceptions for popular third-party log-in providers. Exceptions, which are NOT manual, mean it is NOT total.

The ugly: ETP Strict Mode with exceptions will break some websites, so how many people will actually use and continue using this feature?

More on site isolation later.

2/2 Some to watch out for :

_ network traffic that traverses unusual ports;

_ tampered file, DNS and registry configurations as well as changes in (mobile) system settings;

_ large amounts of compressed files and data inexplicably found in locations where they shouldn't be;

_ HTML response sizes;

_ large number of requests for the same file;

_ unexpected patching of systems;

_ Web traffic with unhuman behaviour;

_ signs of DDoS activity;

Not a definitive list, of course...

1/2 Some to watch out for :

_ unusual ingoing and outgoing network traffic;

_ anomalous activity in administrator or privileged accounts;

_ unknown files, applications and processes in the system;

_ irregular activities such as traffic in countries / regions an organization doesn't do business with;

_ dubious log-ins, access, and other network activities that indicate probing of brute force attacks;

_ anomalous spikes of requests and read volume of company files;

to be continued...

stands for Of .

In computer , it is an artifact observed in an OS or on a network that, with high confidence, indicates a computer . Several IOCs must be correlated in order to model the behavior of, and ultimately recognize, the .

By for known IOCs, professionals and system administrators can detect future activity.

Indicators of (IOA) imply that an attack is still raging.

Zack boosted

"Consent"
Detailed explanations from the @CNIL, with examples of good and bad practices, to understand the 4 (cumulative) criteria in the definition of consent for the processing of personal data (#DonnéesPersonnelles)
Worth knowing!

Zack boosted

the company Doctolib chose to call on the American giant Amazon Web Services to host health data.

Yet, in line with a series of decisions handed down before the CJEU, and also regarding the Health Data Hub hosted by Microsoft, US law does not ensure an adequate level of protection under the GDPR.

By using Doctolib, the Ministry is therefore in violation of the GDPR.

🍿 🍿 🍿 🍿 🍿 🍿 🍿 🍿 🍿 🍿

Zack boosted

A super easy way to disable camera and microphone access on #Android for #privacy. This is built into the system (Android 10+)

settings > developer options > quick setting developer tiles > sensors off

This will place a quick settings tile in the notification shade to enable/disable sensors on the device, allowing you to completely disable camera/microphone access on the device

Zack boosted

The reason why most smartphones don't have a headphone jack anymore is because when you have to rely on Bluetooth, you are far easier to track.

Getting rid of the headphone jack means less user #privacy.

Zack boosted

voice-to-text technologies that are currently widespread and often used in every-day activities could be used by law enforcement.

Zack boosted

📢Nextcloud 21 is here!

🚀10x faster with high performance back-end for Files

📝Collaborative features: Whiteboard, author colors in Text, and Document Templates

🗨Nextcloud Talk: message status indicators, raise hand, conversation description & more!


InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.
