#privacysecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #privacysecurity, aggregated by home.social.
-
Secure boot and Microsoft CA rollover: a heads-up for distributions
We've already talked about the secure boot certificates from Microsoft that are about to become invalid, but Debian EFI team member and longtime Debian contributor Steve McIntyre published a blog post with more information for users and distribution developers alike. Why are Microsoft's secure b
-
Get your passwords out of BitWarden while you still can
I was a long-time Bitwarden user, until a year or so ago when I started migrating my passwords first to Firefox/LibreWolf, and recently from there to a KeePass database I can transfer and use with whatever password manager application is compatible with KeePass' file format. It seems I was accidentally on time, as it'
https://www.osnews.com/story/145029/get-your-passwords-out-of-bitwarden-while-you-still-can/
-
How hard is it to open a file?
Sebastian Wick has a great explanation of why opening files - programmatically - is a lot more complex and fraught with dangers than you might think it is.
It’s a question I had to ask myself multiple times over the last few months. Depending on the context the answer can be:
very simple, just call the standard library function
extremely hard, don’t trust a
https://www.osnews.com/story/144825/how-hard-is-it-to-open-a-file/
-
What makes people trust an email provider for 25 years? 🤔
✅ You're the customer, not the product
✅ Real human support when it matters most
✅ Since 1999, pre-Gmail
✅ Masked Email & aliases that change how you manage your inbox
✅ Fast, clean, no ads
✅ Your data belongs to you, not usRead what our customers are saying 👉 https://www.fastmail.com/blog/why-customers-trust-fastmail/
-
The original Secure Boot certificates are about to expire, but you probably won’t notice
With the original release of Windows 8, Microsoft also enforced Secure Boot. It's been 15 years since that release, and that means the original 2011 Secure Boot certificates are about to expire. If these certificates are not replaced with new ones, Secu
-
Today is Change Your Password Day 🔐
But changing passwords constantly doesn’t make you safer.What does?
✔️ Unique passwords
✔️ Password managers
✔️ Passkeys (no passwords at all)Why it matters →
https://www.fastmail.com/blog/change-your-password/#Fastmail #Email #EmailMadeBetter #BetterEmail #PrivacySecurity
-
Today is Change Your Password Day 🔐
But changing passwords constantly doesn’t make you safer.What does?
✔️ Unique passwords
✔️ Password managers
✔️ Passkeys (no passwords at all)Why it matters →
https://www.fastmail.com/blog/change-your-password/#Fastmail #Email #EmailMadeBetter #BetterEmail #PrivacySecurity
-
Today is Change Your Password Day 🔐
But changing passwords constantly doesn’t make you safer.What does?
✔️ Unique passwords
✔️ Password managers
✔️ Passkeys (no passwords at all)Why it matters →
https://www.fastmail.com/blog/change-your-password/#Fastmail #Email #EmailMadeBetter #BetterEmail #PrivacySecurity
-
Today is Change Your Password Day 🔐
But changing passwords constantly doesn’t make you safer.What does?
✔️ Unique passwords
✔️ Password managers
✔️ Passkeys (no passwords at all)Why it matters →
https://www.fastmail.com/blog/change-your-password/#Fastmail #Email #EmailMadeBetter #BetterEmail #PrivacySecurity
-
Today is Change Your Password Day 🔐
But changing passwords constantly doesn’t make you safer.What does?
✔️ Unique passwords
✔️ Password managers
✔️ Passkeys (no passwords at all)Why it matters →
https://www.fastmail.com/blog/change-your-password/#Fastmail #Email #EmailMadeBetter #BetterEmail #PrivacySecurity
-
Microsoft gave FBI BitLocker keys to unlock encrypted data, because of course they did
Encrypting the data stored locally on your hard drives is generally a good idea, specifically if you have use a laptop and take it with you a lot and thieves might get a hold of it. This issue becomes even more pressing if you carry sensitive data as a dissi
-
Health care data breach affects over 600k patients, Illinois agency says
#HackerNews #HealthCareBreach #PatientsData #PrivacySecurity #IllinoisNews
-
🤔 Understanding email encryption isn’t as simple as it sounds.
Email can be encrypted in several ways and at various stages — each protecting against specific threats.We break down what really matters, the trade-offs involved, and how to choose the right balance for your privacy and security — including where encryption helps, and where it falls short. #fastmail #EmailSecurity #PrivacySecurity #Email
-
Former CIA spy: agency's tools can takeover your phone, TV, and even your car
#HackerNews #FormerCIAspy #CIAtools #PrivacySecurity #Surveillance #Technology
-
Rethinking sudo with object capabilities
Alpine Linux maintainer Ariadne Conill has published a very interesting blog post about the shortcomings of both sudo and doas, and offers a potential different way of achieving the same goals as those tools.
Systems built around identity-based access control tend to rely on ambient authority: policy is centralized and errors in the policy con
https://www.osnews.com/story/144017/rethinking-sudo-with-object-capabilities/
-
Local Privacy Firewall-blocks PII and secrets before ChatGPT sees them
https://github.com/privacyshield-ai/privacy-firewall
#HackerNews #LocalPrivacyFirewall #PII #Protection #ChatGPT #PrivacySecurity
-
Counter Galois Onion: Improved encryption for Tor circuit traffic
https://blog.torproject.org/introducing-cgo/
#HackerNews #CounterGaloisOnion #ImprovedEncryption #TorCircuitTraffic #PrivacySecurity #Cybersecurity
-
The privacy nightmare of browser fingerprinting
I suspect that many people who take an interest in Internet privacy don’t appreciate how hard it is to resist browser fingerprinting. Taking steps to reduce it leads to inconvenience and, with the present state of technology, even the most intrusive approaches are only partially effective. The data collected by fingerprinting is invi
https://www.osnews.com/story/143897/the-privacy-nightmare-of-browser-fingerprinting/
-
Apple is trying to make your phone usable as a phone again
https://web.brid.gy/r/https://www.vox.com/technology/462755/apple-iphone-ios26-call-screening
-
🚨 Only have one day to train? Make it count!
Join us at OWASP Global AppSec US 2025 in Washington, D.C. for a full day of expert-led, hands-on Application Security training.
Pick from a curated lineup of 1-day courses designed to sharpen your skills in critical areas.
https://owasp.glueup.com/event/131624/register/
#OWASP2025 #AppSec #Cybersecurity #InfosecTraining #DevSecOps #ThreatModeling #PrivacySecurity #WashingtonDC #SecurityTraining
-
🚨 Only have one day to train? Make it count!
Join us at OWASP Global AppSec US 2025 in Washington, D.C. for a full day of expert-led, hands-on Application Security training.
Pick from a curated lineup of 1-day courses designed to sharpen your skills in critical areas.
https://owasp.glueup.com/event/131624/register/
#OWASP2025 #AppSec #Cybersecurity #InfosecTraining #DevSecOps #ThreatModeling #PrivacySecurity #WashingtonDC #SecurityTraining
-
🚨 Only have one day to train? Make it count!
Join us at OWASP Global AppSec US 2025 in Washington, D.C. for a full day of expert-led, hands-on Application Security training.
Pick from a curated lineup of 1-day courses designed to sharpen your skills in critical areas.
https://owasp.glueup.com/event/131624/register/
#OWASP2025 #AppSec #Cybersecurity #InfosecTraining #DevSecOps #ThreatModeling #PrivacySecurity #WashingtonDC #SecurityTraining
-
🚨 Only have one day to train? Make it count!
Join us at OWASP Global AppSec US 2025 in Washington, D.C. for a full day of expert-led, hands-on Application Security training.
Pick from a curated lineup of 1-day courses designed to sharpen your skills in critical areas.
https://owasp.glueup.com/event/131624/register/
#OWASP2025 #AppSec #Cybersecurity #InfosecTraining #DevSecOps #ThreatModeling #PrivacySecurity #WashingtonDC #SecurityTraining
-
🚨 Only have one day to train? Make it count!
Join us at OWASP Global AppSec US 2025 in Washington, D.C. for a full day of expert-led, hands-on Application Security training.
Pick from a curated lineup of 1-day courses designed to sharpen your skills in critical areas.
https://owasp.glueup.com/event/131624/register/
#OWASP2025 #AppSec #Cybersecurity #InfosecTraining #DevSecOps #ThreatModeling #PrivacySecurity #WashingtonDC #SecurityTraining
-
🚨 Only have one day to train? Make it count.
Join us on at OWASP Global AppSec USA 2025 in Washington, D.C. for a full day of expert-led, hands-on security training.
🎯 Whether you're a builder, breaker, defender, or manager, there's a course to help you go deeper.
🔗 Register: https://owasp.glueup.com/event/131624/register/
#OWASP #AppSec #CyberSecurity #InfosecTraining #AIsecurity #ThreatModeling #DevSecOps #OWASP2025 #WashingtonDC #SecurityTraining #PrivacySecurity
-
libxml2 maintainer ends embargoed vulnerability reports, citing unsustainable burden
The lone volunteer maintainer of libxml2, one of the open source ecosystem’s most widely used XML parsing libraries, has announced a policy shift that drops support for embargoed security vulnerability reports. This change highlights growing frustration among un
-
Signal uses Windows’ DRM to counter Recall snooping
Microsoft's Recall feature, which takes screenshots of the contents of your screen every few seconds, saves them, and then runs text and image recognition to extract information from them, has had a rocky start. Even now that it's out there and Microsoft deems it ready for everyone to use, it has huge security and privacy ga
https://www.osnews.com/story/142447/signal-uses-windows-drm-to-counter-recall-snooping/
-
Garmin watches reveal your personal data, and what you can do
#HackerNews #GarminWatches #PersonalData #PrivacySecurity #WearableTech #DataProtection
-
A threat model for opposing authoritarianism
A decade ago, I published a book on privacy “Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance.” In the book, and since then, in articles and speeches, I have been dispensing advice to people on how to protect their privacy. But my advice did not envision the moment we are in – where the gover
https://www.osnews.com/story/142148/a-threat-model-for-opposing-authoritarianism/
-
How NixOS and reproducible builds could have detected the xz backdoor for the benefit of all
Some more light reading:
While it was already established that the open source supply chain was often the target of malicious actors, what is stunning is the amount of energy invested by Jia Tan to gain the trust of the maintainer of the xz
-
It is no longer safe to move our governments and societies to US clouds
We now have the bizarre situation that anyone with any sense can see that America is no longer a reliable partner, and that the entire US business world bows to Trump’s dictatorial will, but we STILL are doing everything we can to transfer entire governments and most of our own business
-
Hello everyone.
In today's article, we examine Social Media Security in detail.I wish everyone a good read:
https://denizhalil.com/2023/07/24/social-media-security-tips/#socialmedia #accountsecurity #privacysecurity #malwareprevention #onlinesecurity #phishingattacks #cybersecurity
-
Hello everyone.
In today's article, we examine Social Media Security in detail.I wish everyone a good read:
https://denizhalil.com/2023/07/24/social-media-security-tips/#socialmedia #accountsecurity #privacysecurity #malwareprevention #onlinesecurity #phishingattacks #cybersecurity
-
Hello everyone.
In today's article, we examine Social Media Security in detail.I wish everyone a good read:
https://denizhalil.com/2023/07/24/social-media-security-tips/#socialmedia #accountsecurity #privacysecurity #malwareprevention #onlinesecurity #phishingattacks #cybersecurity
-
Let’s Encrypt ends support for expiration notification emails
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025.
↫ Josh Aas on the Let's Encrypt websiteThey're ending the expiration notification service because it's costly, ad
https://www.osnews.com/story/141659/lets-encrypt-ends-support-for-expiration-notification-emails/
-
WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature https://cybersecuritynews.com/whatsapp-view-once-vulnerability-bypassed/ #ComputerVulnerabilityNews #CybersecurityIncidentNews #BestCybersecurityNews #WhatsAppVulnerability #PrivacySecurity #cybersecurity
-
Pitch deck gives new details on company’s plan to listen to your devices for ad targeting
For years now, people believe that their smartphones are listening to their conversations through their microphones, all the time, even when the microphone is clearly not activated. Targeted advertising lies at the root of this conviction; when you j
-
Heliography in darkness
Telegram doesn't hold up to the promise of being private, nor secure. The end-to-end encryption is opt-in, only applies to one-on-one conversations and uses a controversial 'homebrewn' encryption algorithm. The rest of this article outlines some of the fundamentally broken aspects of Telegram.
↫ h3artbl33dTelegram is not a secure messenger, nor is it a platform you should want
https://www.osnews.com/story/140647/heliography-in-darkness/
-
Driving forward in Android drivers
Google's own Project Zero security research effort, which often finds and publishes vulnerabilities in both other companies' and its own products, set its sights on Android once more, this time focusing on third-party kernel drivers.
Android's open-source ecosystem has led to an incredible diversity of manufacturers and vendors developing software that ru
https://www.osnews.com/story/139952/driving-forward-in-android-drivers/