Cursed idea: An die E-Mail-Adresse im Impressum einen Alias mit Timestamp-basierten Hash anhängen und Spam automatisiert mit IP-Adresse aus dem Log an die Justiz übergeben
@dzwiedziu @fj @signalapp not really, as the #Metadata #FUD cited by #Signal is mitigateable with proper measures.
Every claim that things like #ITsec, #InfoSec, #OpSec & #ComSec can be solved with "Just use Signal!" is "#TechPopulism" at best if not being a "#UsefulIdiot"!
What is BLAKE3?
Even if I use a big fan from the use of BLAKE3 to hash, it is not possible to use it in a very advantageous way everywhere. What kind of thing is always what you have to question as a programmer. In the case of a product, the following conditions are met.
Oh Oracle hat einen Sicherheitsvorfall.
Ob das @bsi uns irgendwann unterrichtet ob auch deutsche Behörden betroffen waren?
>>
Den Angaben nach umfassen die von rose87168 veröffentlichten Daten auch eine Liste von über 140.000 Domains von Unternehmen und Behörden, die allesamt von dem Datenleck betroffen sein sollen.
<<
also könnte ja sein
@Andromxda @mollyim no it's not bs and fanboying @signalapp isn't going to change that.
If #Signal was secure it would be the #1 comms tool of organized crime...
Real professionals use #SelfHosting capable, fully #FLOSS'd solutions like #PGP/MIME & #XMPP+#OMEMO.
It's just me reading the room: Cuz #ComSec isn't done woth "JuSt UsE sIgNaL!" and everyone who claims so without pointing out #OpSec, #InfoSec & #ITsec is BSing hard.
Fortunatelty, @thunderbird and @tails_live / @tails / #Tails and many other tools make that easier than ever before.
how phishing etc. often plays on urgency to lower your defenses, remember to then also remind people that almost nothing is ever that urgent.
Above all, always remember that almost everybody is on a sliding scale of "out of their element" when using a computer. The most important ITSEC measure is helping people move that slider in the comfortable direction & the best way of doing that is helping people realize they're the masters of their machines & not the other way around.
Tell me you are working in #itsec without telling me you're in IT sec.
Full write-up for ToolPie this year's forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.
PCAP (network capture) analysis
Python bytecode, marshalling, decompiling
sqlmap: Automatic SQL injection and database takeover tool
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. […]
https://darkwebinformer.com/sqlmap-automatic-sql-injection-and-database-takeover-tool/