dbread @dbread@qoto.org

A part of tbe password of the current national security director #gabbard is the word
Shraddha | Rituals, Beliefs, & Traditions | Britannica
https://www.britannica.com/topic/shraddha

#security #SecurityEU

Livebericht aus der Arztpraxis:
"Aus für Faxgeräte"

The Future Is Nawwwww

#security

What is my login passwort for app.element.io?
Looking for a #security advice.

openvpn client certificate set expiry

>> Commit: Set client and server certificates validity to 10 years (#1235)

https://github.com/angristan/openvpn-install/commit/a189535563f1b48605115643585e036cd5631ac1

10 years is a bit long from #security perspective, isnt it? Especially for user certificates.

M2M I0T certificates need to be longer valid.

#iot #vpn

# The SwiftKey incident: A Breach of Privacy

The Reddit user's experience with the SwiftKey keyboard showcased the potential magnitude of a cloud synchronization glitch. What seemed like a minor issue quickly escalated into a data leak involving sensitive information like phone numbers, email addresses, and personal words.

https://blog.guardianai.io/the-hidden-dangers-lurking-behind-your-virtual-keyboard/

#security #privacy #android #keyboard #app #apps

The originating question was, if I should simply use the pre-installed keyboard app (swift key). I should have trusted my instincts and use an opensource offline keyboard app. #anysoft

What's the problem with Windows and ed25519 SSH keys that are generated from git-bash.

#ssh #security #certificates

Do I have a password manager on my phone? No I use #kdeconnect to send them from notebook to #android phone.

Is this stupid? I don't think so. But I'm open for suggestions.

#security #lastpass #app

" *Long-lived access tokens* are valid for 10 years. These are useful for integrating with third-party APIs and webhook-style integrations. "

Is this a good idea from #security perspecitve? I do not think so, but what is a better way?

Probably we need a standardized #API endpoint e.g. "renew-token" (like auto discovery)

One of the authors name of RFC 6750 sounds like a spy legend. "**** *****".

Sorry man :D

#security #bearer #rfc

https://datatracker.ietf.org/doc/html/rfc6750#section-5.1

#Cloud, give that a thought:

"edge computing is the idea of running applications as physically close as possible to where the data is generated"

This is a good idea to circumvent #surveillancecapitalism

https://www.forbes.com/sites/forbestechcouncil/2019/02/22/cloud-versus-edge-computing-whats-the-difference/

#IoT #privacy #security #cyber #shit

Hacking with wget

https://int21.de/slides/34c3-wget/#/

#slides #34c3 #security #web #hacking

Scoolio – Kellerbesichtigung des Grauens

https://zerforschung.org/posts/scoolio/

#it #security #readlater

The Road to Secure Cryptography: Understanding and Preventing Common Misuses

"Do not invent your own crypto":
A whole talk to #security by #obscurity 💪 ☺️

#talk #ssh #libressl #cryptography

https://media.ccc.de/v/glt23-374-the-road-to-secure-cryptography-understanding-and-preventing-common-misuses

I'm writing on a talk about using OpenSSH in industrial environments, and there is a slide that says: Where do you know SSH from?

My question is, where do YOU know OpenSSH from?

Answers appreciated :)

#ssh #openssh #it #operations #raspi #security #libressl

Security by obscurity. We learned about that during study. Burnt into the brain. Don't hide shit, someone will find it on the internet. Then came public key cryptography. 😍

https://en.wikipedia.org/wiki/Public-key_cryptography

#Security #meme #software #design

"The second attack specifically singled out one of the four DevOps engineers, targeting their home computer with a keylogger malware to obtain the credentials and breach the cloud storage environment." #lastpass #cloud #security