kravietz 🦇 @kravietz@social.privacytools.io
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
@rysiek caching is the painful topic - nobody wants to cache anything as each request cached means one precious unique view lost from sight of crappy 3rd party analytics JS :)
Seems like #cloudflare was down due to a massive DDoS launched against HK http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=18078&view=map
kravietz 🦇
boosted
Oh, #Cloudflare was having issues and brought a lot of websites down with it? That's not great.
But thankfully it's not that hard to roll out your own "DDoS protection" (or caching; just call it caching) setup. Here, you can even use our configs: https://git.occrp.org/libre/fasada
Yes, we use them in production, serving sometimes hundreds of thousands views per day.
Patches welcome. #SysAdmin
What if All Your #slack Chats Were Leaked? https://www.nytimes.com/2019/07/01/opinion/slack-chat-hackers-encryption.html
Beta #nftables #snap package available here with the latest 0.9.1 build https://snapcraft.io/nftables-pk
@nikolal 1) Wazuh HIDS, 2) block traffic from Greensnow IP blacklist; some would also say VPN but if it's just one host I see no point
kravietz 🦇
boosted
So we started shipping WebRender in Firefox a few weeks ago. Completely new rendering engine written in rust, big departure from how we approached rendering before. We are gradually enabling it for different hardware/OS configurations and a couple of million users have it now.
What's kind of blowing my mind, having worked on 3 large-ish rewrites, is that since WebRender shipped, telemetry has reported less crashes per user with WebRender than without.
This is *not* how big rewrites usually go.
kravietz 🦇
boosted
Finally some light being shed on the ownership of the NSO Group:
https://www.theguardian.com/artanddesign/2019/jun/18/serpentine-galleries-chief-yana-peel-resigns-in-spyware-firm-row
We need more of such reporting. Cyberwarfare actors need to be exposed.
@rysiek "NSO has said it reviews cases when abuse is alleged to have occurred" - yes, surely they do investigate as hell... Naming and shaming is the only way to enforce public control over such shady businesses.
kravietz 🦇
boosted
NEW: During the rule of Hugo #Chávez, the #Venezuela's government awarded generous electricity contracts and oil concessions to a group of young businessmen, the Bolichicos, who built power plants during a series of widespread #blackouts. Almost 10 years later, as Venezuela continues to struggle with its #electricity supply, leaked documents reveal more about the deals.
https://www.occrp.org/en/investigations/plunging-venezuela-into-the-dark
kravietz 🦇
boosted
Tired to fuel surveillance capitalism?
First #ungoogled #Android smartphones soon to be ready to fly!
#mydataisMYdata #opensource
https://e.foundation/e-pre-installed-smartphones/
kravietz 🦇
boosted
“I want [my kids] to understand that what they’re doing [online] now is going to have consequences in the future,” says @KColemanNCSA, executive director of @StaySafeOnline.
Read his tips & strategies for working on cybersecurity w/your kids: https://archerint.com/how-to-talk-to-your-kids-about-security-online/
kravietz 🦇
boosted
You've been waiting for this for a long time: we're launching the alternative map service, open and with privacy as a priority. We explain this ambitious project on
https://betterweb.qwant.com/qwant-maps-a-open-and-privacy-focused-map/
The new keybase.openpgp.org has a pretty good usage instructions for Enigmail, OpenKeychain, GnuPG etc https://keys.openpgp.org/about/usage #pgp #security
@nikolal SKS are stil built into GPG config and advertised by mainstream distros as default way to obtain keys for PPA etc; I use Keybase but it's still a separate ecosystem
kravietz 🦇
boosted
@kravietz
Publishing keys to keyserver seemed like bad idea anyway, there are better ways of publishing your public keys or signatures. Thats one of the reasons Keybase exists.
25 out of 28 introductory psychology books define or explain statistical significance wrong https://journals.sagepub.com/doi/abs/10.1177/2515245919858072?journalCode=ampa #science #psychology
Someone is actively DoSing GnuPG by adding thousands of signatures through keyserver network. Disable keyservers or switch do keys.openpgp.org #security #pgp https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
kravietz 🦇
boosted
@kravietz I just tried it for the first time just now. What's really sweet is you can send *any* app installed on your phone, not just those from the @fdroidorg repos. Definitely installing F-Droid on my family's phones
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz 🦇's choices:
