Mike Csees @mikecsees@qoto.org

#LastPass posted an updated Notice of Recent Security Incident today.

"We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information."

They go on to say that "Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture."

https://blog.lastpass.com/2022/11/notice-of-recent-security-incident/

#infosec

During World War II, both the UK and US built significant numbers of "bombe" electromechanical computing devices to decode German "Enigma" intercepts. Time on the devices was especially precious in the UK and they were always booked solid. So reportedly the UK had private transatlantic circuits used to send decrypt jobs to bombe units in the U.S. that had some spare capacity, and the results would be turned around relatively quickly. This may have been the first significant instance of computing "remote job entry" processing in history.

According to the latest Georgetown @GUPolitics Battleground Civility Poll, an overwhelming 75-percent of Americans, cutting across party lines, believe “democracy is under attack.” What can you do about it? https://bit.ly/CivilityPollNov22

Mark Twain, born on this day in 1835, on racism, how religion is used to justify injustice, and what his mom taught him about compassion https://www.themarginalian.org/2014/10/24/mark-twain-on-slavery-empathy-compassion/

Stopping the spread. My @smh @theage cartoon.

Boost so we can make everyone laugh

My Influenza Retroviral mug has arrived from @LaurieWinkless and it is a stunner. Reminds me of the quirky elegance of Cirque du Soleil #SciArt #Virology #epidemiology

@troyhunt

I no longer post on Twitter, but occasionally visit to read items from people I haven't yet seen on other services.

I was presented with your post of Nov 22 where you asked "What’s the driving force behind many infosec people jumping from Twitter? Unhappy with Elon’s cuts? Or who he’s letting back into the platform? A genuine belief he’s driving it into the ground? Other? Everything seems normal from here, why the exodus?"

(My server has a short char limit, so see thread)

Google has now migrated maps.google.com to www.google.com/maps thus if you grant Geoloc permission in your browser, every G-service on www.google.com can track your location.

https://garrit.xyz/posts/2022-11-24-smart-move-google

PSA: encrypting direct messages using the "#Signal Protocol" or any other serious cryptographic protocol is totally useless if the software you are using to read those direct messages is a web page.
Thank you for your attention.

Also, the Signal Protocol does not implement multi-device/multi-session, so have fun with that.

On Nov. 22, the #USDoD released their Zero Trust Strategy, a new approach to countering #cyberattacks. The new framework employs a “‘never trust, always verify’” mindset, deviating from the Defense Department’s previously used perimeter defense model. The strategy is prompted by the “rapid growth” of offensive cyber threats and aims to fully implement the department-wide model by fiscal year 2027.

#Cybersecurity

Document on our site with summary from H Baker: https://www.lawfareblog.com/defense-department-releases-zero-trust-strategy

Released v2.0.0 of my #Twitter Archive Importer for #WordPress.

https://github.com/shawnhooper/twitter-archive-to-wp

Major changes (see readme for full changelog):

* Save tweet into post_content instead of post_title
* Save the original tweet URL as _tweet_url postmeta
* Wrap links with <a> tags.
* Skip tweet if it has already been imported in previous run
* Added actions & filters at key points in import process

“The entire Twitter information security community has moved to Mastodon.” https://theintercept.com/2022/11/29/elon-musk-twitter-andy-ngo-antifascist/

The people in the neighborhood wanted a bridge over the creek. The city had no funding for #PedestrianInfrastructure for something like that. But they did get an #art grant, so they hired an artist to create an art installation that would span the creek that people could walk on. I frequently walk my dogs along this creek and yes, over the bridge sometimes.
https://www.dezeen.com/2021/08/06/drift-pedestrian-bridge-fort-worth-texas-volkan-alkanoglu/

If you've never had to pay much attention to how other people treat you online (and I hate to generalise, but I'm going to guess that - if that's the case - you may be able-bodied white CIS man with certain immigration status) then maybe you don't have much insight into all the hidden labour that others have to do to minimise exposure to unsafe behaviours.

And there is, let me tell you, a *lot* of hidden labour.

Hi hi hello *please can you fill out your bio with _some_ information about yourself*, esp if you are man who likes to regularly drop into people's mentions and messages AND you have a non-real name username.

Not being able to see people's social graph on here makes it very difficult to situate people in context, esp when they don't explain who they are.

Freedom of Expression for a Price: Government Confirms Bill C-18 Requires Platform Payment for User Posts That Include News Quotes and Hyperlinks
https://www.michaelgeist.ca/2022/11/freedom-of-expression-for-a-price-government-confirms-bill-c-18-requires-platform-payment-for-user-posts-that-include-news-quotes-and-hyperlinks/

Glad to see Sarah Maslin Nir ask #homeless mentally ill people in subways and streets for their reaction to #NYC Mayor Adams’ declared plan for police roundups to hospitals [which are full up]. This is real metro reporting. https://www.nytimes.com/2022/11/30/nyregion/new-york-mental-illness-homeless-reaction.html?smid=nytcore-ios-share&referringSource=articleShare

Please boost if you’re still masking indoors (in public places)

In an interview today, the former head of #Twitter Trust and Safety said: "Trust and safety is an adaptive space."

In plain English, I would say it this way: "The bad guys are always going to try be at least one step ahead of you, and if you only can react you're going to keep losing the battle of trust and safety for your users."