Notices tagged with security

"Someone logged into your account from an untrusted device."

Do you trust this device, or do you want to prevent it from logging in again?

#pixelfed #security

Guide to Web #Authentication

An introduction to Web Authentication (#WebAuthn), the new API that can replace passwords with strong authentication.

https://webauthn.guide/

Supported by most major web browsers safe 1, whose vendor claims support will follow shortly.

#security #privacy #encryption

Wow.

Here's a #security hole waiting to be abused.

#powershell web access:
https://docs.microsoft.com/en-us/powershell/scripting/components/web-access/install-and-use-windows-powershell-web-access

And if you thought: just activate #javascript and allow #cookies, lower #security and #privacy, so the site will let me download time tables?

Yeah, about that.

These #webdevs did something really sneaky. They powered their #webforms with a very old version of #ASPNet. So the forms work only in very special web browsers. If you happen to prefer #Stoutner's #PrivacyBrowser, no downloads for you!

Unless you already know this page:
http://www.academybus.com/Commuters/Timetables.aspx

Currently I can read the #MDN and peruse its articles without activating #javascript or #cookies. It's fast and seems to work well.

Hey, #Mozilla, please don't take that ability away from us?

#Usability #Accessibility #Privacy #Security

Unfortunately, the birdsite's #mobile website will also detect that you enforce #pricacy and #security regulations by running #javascriptFree. And it, too, will ask you whether you would like to visit their #legacy web site.

So you press Yes.

And nothing seems to happen.

Why?

Because #Twitter #webdevs chose to save your preference in a #cookie in your browser. So you have to allow 1st-party cookies.

#Twitter needs to inform us about that on those redirect pages. #UX #UserExperience

If you were to visit https://twitter.com/ with your mobile browser set to run free of #javascript, the site will first detect that you're on #mobile, and then that you refuse to lower your #privacy and #security.

It doesn't like that very much, but it does offer a way out. It asks you whether you want to use their #legacy site version. Which, granted, is great.

So you press the Yes button, after which you get transported to https://mobile.twitter.com/

@tpheine Wedge one under the door, nobody will be able to get in. Hey presto #security 😄

annual Linux Journal #security issue: "Todd A. Jacobs... gives an overview to using a YubiKey... Then he follows that up with The Purism Librem Key and how that specific USB hardware key compares to others on the market..." https://www.linuxjournal.com/content/security-issue

🎁 Buy Now & Save: Librem 5 Early Bird pricing ($599 USD) *extended to February 3*. Preorder pricing ($649 USD) begins Feb 4 and ends when general availability and shipping begins. https://shop.puri.sm/shop/librem-5/ #DemandFreedom #privacy #security

RT @nixcraft@twitter.com

SS7 attacks strikes again. Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts #security https://motherboard.vice.com/en_us/article/mbzvxv/criminals-hackers-ss7-uk-banks-metro-bank

🐦🔗: https://twitter.com/nixcraft/status/1091284520089706496

Great visualisation of "Username: admin, Password: admin". #security

https://www.reddit.com/r/ProgrammerHumor/comments/aiycb4/username_admin_password_admin/

RT @nixcraft@twitter.com

Remote Code Execution in apt/apt-get #linux #security https://justi.cz/security/2019/01/22/apt-rce.html

🐦🔗: https://twitter.com/nixcraft/status/1087808851200565248

@DuckDuckGo Recently I saw a video presentation on how advanced video motion zooming can reconstruct what is said in a room by zooming into the vibrations of a potato chips bag laying in the street next to the room.

#privacy #security #bigbrother

@DuckDuckGo During a recent family get-together, one of my relatives mentioned he didn't need to watch his words, because he lives his life Alexa free. Well, sorry for him: several others had Siri activated.

If you want to keep your thoughts private, right now your best bet is to not utter them. At any time. To anyone. Cameras and microphones are everywhere.

#privacy #security

RT @nixcraft@twitter.com

Interesting hack & dark side of unwanted devices in your network. The curious case of the Raspberry Pi in the network closet. How we found, analyzed (with the help of Reddit) and in the end caught the culprit of a malicious device in our network https://blog.haschek.at/2018/the-curious-case-of-the-RasPi-in-our-network.html #security

🐦🔗: https://twitter.com/nixcraft/status/1085538865329238016

🎁 Buy Now & Save: Librem 5 Early Bird pricing ($599 USD) ends January 31. Preorder pricing ($649 USD) begins Feb 1 and ends when general availability and shipping begins. https://shop.puri.sm/shop/librem-5/ #DemandFreedom #privacy #security

RT @TheHackersNews@twitter.com

Google Public DNS Service (8.8.8.8) Now Supports DNS-over-TLS #Security Feature

https://thehackernews.com/2019/01/google-dns-over-tls-security.html

It not just helps in hiding your web-browsing history from ISPs and eavesdroppers, but also prevents DNS spoofing attacks.

🐦🔗: https://twitter.com/TheHackersNews/status/1083283501061980160