Piero Bosio Social Web Site Personale

Social Forum federato con il resto del mondo. Non contano le istanze, contano le persone

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

The German #BSI has made 2025 the Year of #Email #Security

Uncategorized

1 Posts 1 Posters 3 Views

undefined This user is from outside of this forum
undefined This user is from outside of this forum
tutanota@mastodon.social

wrote on last edited by

#1

The German #BSI has made 2025 the Year of #Email #Security
Great initiative - and great rating for Tuta ❤️ - your secure email provider from Germany. 🇩🇪
https://www.bsi.bund.de/DE/Themen/Kampagne-einfach-absichern/EMSJ/Eckpunkte_EMSJ/Eckpunkte-EMSJ.html
1 Reply Last reply
1
0
undefined pierostrada@sociale.network shared this topic on

Feed RSS

The German #BSI has made 2025 the Year of #Email #Security

Gli ultimi otto messaggi ricevuti dalla Federazione

undefined
bryanredeagle@beige.party

@cwebber That's twice the risc!

read more
undefined
cwebber@social.coop

@aelaraji Damn!!! that's the shit I wanna hear

read more
undefined
cwebber@social.coop

if risc-v is so good why isn't there risc-w

read more
undefined
jfred@jawns.club

@cwebber @vagrantc Oh yeah that bit me years ago too when I was booting a Guix machine off of Heads (which likewise doesn't use grub). In that case though I could manually decrypt from the recovery shell, which isn't possible on the Reforms yet due to the lack of graphics in early boot
That might be a sticking point for Guix on MNT hardware too, since rolling back to previous generations from the boot menu is one of the nicer features of Guix

read more
undefined
evan@cosocial.ca

@virtuous_sloth @Anibyl Answer mine first!

read more
undefined
peacelink@sociale.network

Il Golden Dome USA prevede intercettori extra-atmosferici. Questi intercettori fanno parte di una parte del sistema definita Space-Based Interceptors (SBI). Sono pensati per ingaggiare missili nemici nelle prime fasi del loro volo. Gli SBI possono essere percepiti come potenzialmente riconvertibili in strumenti offensivi, ed è proprio qui che nasce gran parte delle preoccupazioni politiche e strategiche.
#GoldenDome #SBI #USA #Russia

read more
undefined
vladcampos@mastodon.social

@_elena It's crazy. One thing I would love to understand is why all these initiatives are based on the ATProto. There are some things that I see as better implementations there, for example, the domain name as a username. But I don't see any explanation on the websites, even technical ones, that clarifies why these people are not choosing ActivityPub.

read more
undefined
aeva@mastodon.gamedev.place

@Ronflaix 🤔 sounds like i should check in with them again in another 5-10 years

read more

@pierobosio@soc.bosio.info

Post suggeriti

undefined

The "Bluetooth Headphone Jacking" talk at #39c3 was awesome, too.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized 39c3 bluetooth phone whatsapp amazon youcannotbeparanoideno security
1

0 Votes

1 Posts

6 Views

undefined

The "Bluetooth Headphone Jacking" talk at #39c3 was awesome, too. They reversed a popular SOC that powers Bluetooth earbuds and headphones.They found that (even without being paired to the headphone), they could dump flash and RAM from the device. Then they dumped a bunch of info from the device - e.g. the #Bluetooth address and "master" encryption keys used for the communication with paired devices (e.g. a #phone).Then they impersonated the headphone from their laptop and connected to the phone (pretending to be the headphone).The headphone (or the laptop impersonating the phone) has permissions to do some things on the phone, e.g. accept calls, increase/decrease volume, etc.Then they started recovering access a #WhatsApp account via some account recovery mechanisms. That required some one-time security key which would normally be delivered via SMS, but that could be delivered via phone call as a fallback option, too. Since the phone thought it was connected to the Bluetooth headphone, phone call audio would go to the laptop via Bluetooth.As the cherry on top, they escalated into the victim's #Amazon account.Scary shit. #YouCannotBeParanoidEnough #security
undefined

GrapheneOS migrates server infrastructure from France amid police intimidation claims
Watching Ignoring Scheduled Pinned Locked Moved News privacy security news privacyguides
1

0 Votes

1 Posts

14 Views

undefined

GrapheneOS migrates server infrastructure from France amid police intimidation claimshttps://www.privacyguides.org/news/2025/11/22/grapheneos-migrates-server-infrastructure-from-france-amid-police-intimidation-claims/#Privacy #Security #News #PrivacyGuides
undefined

Moving Beyond the NPM elliptic Package
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized npm crypto cryptography elliptic security infosec cve mitigation
1

0 Votes

1 Posts

10 Views

undefined

Moving Beyond the NPM elliptic PackageIf you're in a hurry, head on over to soatok/elliptic-to-noble and follow the instructions in the README in order to remove the elliptic package from your project and all dependencies in node_modules. Art: CMYKat Why replace the elliptic package? Yesterday, the Trail of Bits blog published a post about finding cryptographic bugs in the elliptic library (a Javascript package on NPM) by using the Wycheproof.http://soatok.blog/2025/11/19/moving-beyond-the-npm-elliptic-package/#npm #crypto #cryptography #elliptic #security #infosec #cve #mitigation #appsec #javascript #js #npm #npmsecurity #npmpackages
undefined

Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day.
Watching Ignoring Scheduled Pinned Locked Moved News redhat gitlab news technews cyberattack breach cybersecurity security
1

0 Votes

1 Posts

13 Views

undefined

Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day. Jeez.The Crimson Collective, the cybercriminal gang claiming responsibility for breaching the repo and stealing over 500GB of data, now seems to be collaborating with other cybercriminal gangs to extort Red Hat.From the article, the cybercrim alliance:"threatens to publish a "multi terabyte of data haul of your most sensitive intellectual property" and accuses Red Hat of failing to safeguard what it claims are trade secrets and personal data, invoking GDPR and US state privacy laws. It also reckons Red Hat's doors were kicked in on September 13 – weeks before the company came clean about the break-in."https://www.theregister.com/2025/10/07/red_hat_breach_new_claims/?td=rt-9bp#redhat #gitlab #news #technews #cyberattack #breach #cybersecurity #security #cybercrime #crime #extortion

Piero Bosio Social Web Site Personale

The German #BSI has made 2025 the Year of #Email #Security

Feed RSS

Gli ultimi otto messaggi ricevuti dalla Federazione

Post suggeriti

The "Bluetooth Headphone Jacking" talk at #39c3 was awesome, too.

GrapheneOS migrates server infrastructure from France amid police intimidation claims

Moving Beyond the NPM elliptic Package

Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day.