Last time I was in a Silicon Valley Hotel, I had to sign a waver that I accepted that there was an Alexa in my room. Of signed it, and unplugged it (as well as the TV). I will not have these horrible things near me. The…
There are several things going on here -- Today, banking controls the monetary supply through creation of new dollars to be loaned. Being fully backed has less meaning in a continuously inflating fiat currency world.…
It really isn't killing kids, and I would challenge that they are 'targeting them'. As an adult vape user, I love the fruit flavors. They are for my (adult) use only. I would never let someone under 21 get access to…
There was no Apple data breached. User endpoints were attacked, using various well crafted exploits against their software. This isn't a GDPR (privacy) issue, no company data was leaked, its end user data from their…
Grabbing rootkit artifacts that could be on the device? Its just that its not Facebooks place to do this. I wouldn't expect a app linux binary to upload the contents of /usr/lib, or a windows app to start sending…
Or whomever has hacked the source control / build environment to replace the "5 magic HSM public keys" with one or more of their own public keys -- See Juniper Incident with Dual-EC DRBG…
The point, yes, but it is not the case in reality: 2015: https://cryptosense.com/blog/the-untold-story-of-pkcs11-hsm-... 2017: https://cryptosense.com/blog/infineon-rsa-key-generation-bug... 2019:…
they say 'tip in cash', but I never have the physical cash to tip. This always brings me anxiety when I dont have the physical small bills to provide. I would ensure I use a platform (as mentioned in the article, like…
I don't think it is that clear -- he is selling access to a data set containing PII (email address or account names). Its stolen data. One can make a case that free and open access to this data set is a common good,…
And the local pawn shop has expenses too. Just because they have to pay rent and electricity costs does not make selling a stolen item legal.
He can try to justify it however he likes -- its selling stolen goods. Just because you sell stolen goods under their value, or under your costs to provide does not suddenly make it ok.
So fencing stolen goods is not illegal if someone else stole it? I don't think so. Stolen is stolen -- nobody has any right to sell it.
Boom, now Troy is monetizing stolen data. Unethical and illegal.
I'm not following your logic? Are you saying I should join FB because everyone else is? Everything in life is ephemeral. Trends and apps come and go. This too shall pass. My goal is to get people to question the…
I don't think you can make this claim without understand the motivation or threat models of the billions of non-facebook users. I use Google services, I do not use Facebook services. Am I the exception to the rule? How…
I just don't understand why on earth would anyone defend this platform. Yeah I don't own a TV either. Enjoy your zuckbucks!
And thats the challenge, you can't ever really know that the firmware, or even the logic implemented in silicon is identical. You don't need evidence that it is different, it is impossible to know, one must assume it…
'everyone'. Ive never used FB in my life, and never will. More people are ditching ZuckNet every day because it is so awful. Good to have alternatives.
A PCI express card can use Bus Mastering to gain read/write access to main memory, bypassing the CPU. Counterfeit hardware running arbitrary code that has Direct Memory Access can do anything. Its much worse than…
IdenTrust crossigned the LetsEncrypt root. LE is def the number one player in this space today. Its not technically correct to sat IdenTrust is no#1 as LetsEncrypt is its own root. This article fails to mention LE at…
My angle is stopping folks using and recommending telegram. Where are my facts wrong?
Granted, there are no known weaknesses with their protocol -- however, Telegram leads the user to believe their conversations are encrypted, which, unless they opted in to secret chats (and this is not supported on…
Signal also does historical synchronization between devices. It bootstraps the history from another device. It also has search which can be done locally. Telegram is, by design, capable of being accessed by 3rd parties…
then use signal. friends don't let friends use telegram. Signal gives you all of this without the snake oil that telegram is selling you.
Telegram is unencrypted by default. All standard messages are stored on the server. Telegrams secret chat mode (end-to-end encryption) uses home made cryptography, and has been panned by experts in past. All group chat…
Last time I was in a Silicon Valley Hotel, I had to sign a waver that I accepted that there was an Alexa in my room. Of signed it, and unplugged it (as well as the TV). I will not have these horrible things near me. The…
There are several things going on here -- Today, banking controls the monetary supply through creation of new dollars to be loaned. Being fully backed has less meaning in a continuously inflating fiat currency world.…
It really isn't killing kids, and I would challenge that they are 'targeting them'. As an adult vape user, I love the fruit flavors. They are for my (adult) use only. I would never let someone under 21 get access to…
There was no Apple data breached. User endpoints were attacked, using various well crafted exploits against their software. This isn't a GDPR (privacy) issue, no company data was leaked, its end user data from their…
Grabbing rootkit artifacts that could be on the device? Its just that its not Facebooks place to do this. I wouldn't expect a app linux binary to upload the contents of /usr/lib, or a windows app to start sending…
Or whomever has hacked the source control / build environment to replace the "5 magic HSM public keys" with one or more of their own public keys -- See Juniper Incident with Dual-EC DRBG…
The point, yes, but it is not the case in reality: 2015: https://cryptosense.com/blog/the-untold-story-of-pkcs11-hsm-... 2017: https://cryptosense.com/blog/infineon-rsa-key-generation-bug... 2019:…
they say 'tip in cash', but I never have the physical cash to tip. This always brings me anxiety when I dont have the physical small bills to provide. I would ensure I use a platform (as mentioned in the article, like…
I don't think it is that clear -- he is selling access to a data set containing PII (email address or account names). Its stolen data. One can make a case that free and open access to this data set is a common good,…
And the local pawn shop has expenses too. Just because they have to pay rent and electricity costs does not make selling a stolen item legal.
He can try to justify it however he likes -- its selling stolen goods. Just because you sell stolen goods under their value, or under your costs to provide does not suddenly make it ok.
So fencing stolen goods is not illegal if someone else stole it? I don't think so. Stolen is stolen -- nobody has any right to sell it.
Boom, now Troy is monetizing stolen data. Unethical and illegal.
I'm not following your logic? Are you saying I should join FB because everyone else is? Everything in life is ephemeral. Trends and apps come and go. This too shall pass. My goal is to get people to question the…
I don't think you can make this claim without understand the motivation or threat models of the billions of non-facebook users. I use Google services, I do not use Facebook services. Am I the exception to the rule? How…
I just don't understand why on earth would anyone defend this platform. Yeah I don't own a TV either. Enjoy your zuckbucks!
And thats the challenge, you can't ever really know that the firmware, or even the logic implemented in silicon is identical. You don't need evidence that it is different, it is impossible to know, one must assume it…
'everyone'. Ive never used FB in my life, and never will. More people are ditching ZuckNet every day because it is so awful. Good to have alternatives.
A PCI express card can use Bus Mastering to gain read/write access to main memory, bypassing the CPU. Counterfeit hardware running arbitrary code that has Direct Memory Access can do anything. Its much worse than…
IdenTrust crossigned the LetsEncrypt root. LE is def the number one player in this space today. Its not technically correct to sat IdenTrust is no#1 as LetsEncrypt is its own root. This article fails to mention LE at…
My angle is stopping folks using and recommending telegram. Where are my facts wrong?
Granted, there are no known weaknesses with their protocol -- however, Telegram leads the user to believe their conversations are encrypted, which, unless they opted in to secret chats (and this is not supported on…
Signal also does historical synchronization between devices. It bootstraps the history from another device. It also has search which can be done locally. Telegram is, by design, capable of being accessed by 3rd parties…
then use signal. friends don't let friends use telegram. Signal gives you all of this without the snake oil that telegram is selling you.
Telegram is unencrypted by default. All standard messages are stored on the server. Telegrams secret chat mode (end-to-end encryption) uses home made cryptography, and has been panned by experts in past. All group chat…