blacklight447 @blacklight447@social.privacytools.io

Maybe you didn't know, but I run an IRC network called MadIRC.

It seems like it got quite famous among Tor users since we allow completely anonymous access via onion addresses.

Today I had to rework the channel ranks of the main darknet channel "#elite" after quite some abuse of power. Of course, the abusers are unhappy with this situation and declared it the end of the channel.

Feel free to prove them wrong:

Website: https://madirc.net
Tor direct tor web access: https://tor.madirc.net

10 years ago I started using ad blockers because I thought ads were annoying. Now I think that's the _least_ important reason to use them.

I think we should call them "browser firewalls." That more accurately describes their purpose.

The surveillance state is growing.

A new project by @eff and the University of Nevada allows you to explore a map of where known cell-site simulators, smart street lights, and mobile biometric technology have been deployed.
https://www.vice.com/en_us/article/xwewjj/this-interactive-map-tracks-our-growing-surveillance-state

Wow…

So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).

#Signal Desktop noticed this problem and as well and "fixed" it in the worst way possible:

https://github.com/signalapp/Signal-Desktop/commit/1ca0d821078286d5953cf0d598e6b97710f816ef

On the other hand #Riot Desktop did a proper fix, which enables an SUID bit on this binary: https://github.com/vector-im/riot-web/commit/56674ea70849b3a793fa7b862945163aa10b36b8

#infosec #security #linux

After @blacklight447 asked about my opinion on #OnlyKey, I looked at their docs once more.

I remembered that they didn't convince me last time, I saw them, but I took the time now to write down a short analysis of what I figured out from their docs about the security status of this "Hardware password manager".

https://github.com/privacytoolsIO/privacytools.io/issues/489#issuecomment-528426928

I really hope they proof me wrong, otherwise, it's a dumpster fire.

#infosec #security #hardware

What is browser fingerprinting? How is it used? What is Tor Browser doing against it? Find out in this guest post by Pierre Laperdrix

"Any script running in your browser can silently build a fingerprint of your device without you even knowing about it."
https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead

Firefox 69.0 available:

https://www.mozilla.org/en-US/firefox/69.0/releasenotes/

– Enhanced Tracking Protection will be turned on by default; default standard setting for this feature now blocks third-party tracking cookies and cryptominers
– support for the Web Authentication HmacSecret extension via Windows Hello
– various security fixes

#firefox #mozilla #firefox69 #tracking #etp #webauthn #infosec #security #cybersecurity

@nikolal @blacklight447 ok, now think outside of the "image editing community".

Today is the last day your donation will be earmarked to help us respond rapidly to security issues and smash the bugs ahead 👾💥

Thanks to everyone who gave to the #TorBugSmash this month 💚💜
https://donate.torproject.org

The Internet service providers of Hong Kong condemned government threats to block social media services. https://www.hkispa.org.hk/139-urgent-statement-of-hkispa-on-selective-blocking-of-internet-services.html We echo their call to keep the Internet open. Freedom of speech is a basic human right—and our service will ensure private and secure Internet access.

Thread on 2013, Tor, and opsec. https://twitter.com/Snowden/status/1165391070726950913