kravietz π¦ @kravietz@social.privacytools.io
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
@e_mydata please clear the links you post from the ?utm tracking rubbish!
kravietz π¦
boosted
The "smart" TV you bought this holiday season could be used to spy on you according to the FBI
#cbs
https://www.cbsnews.com/news/smart-tv-spying-fbi-says-the-device-may-be-spying-on-you-today-2019-12-03/?utm_campaign=GML_GB_2019_GMLDI_C_NL346_PSPT_20191212&utm_medium=email&utm_source=Eloqua&cm_mmc=Eloqua-_-Email-_-LM_GML_GB_2019_GMLDI_C_NL346_PSPT_20191212-_-0000
kravietz π¦
boosted
Personal data isn't a commodity and we shouldn't treat it as such.
https://www.eff.org/deeplinks/2019/07/knowing-value-our-data-wont-fix-our-privacy-problems
kravietz π¦
boosted
Remember, one of the many benefits of speaking Welsh is that you can walk faster than non-Welsh speakers.
(Via CPS Homes on FB)
@punkymcmunky One thing truly abundant here are geeks - and friendly ones! ;)
@qrs I think everyone who traveled from EU to UK had done it at least once... Although I used a wooden fork for its less conductive properties ;)
kravietz π¦
boosted
I watched peer.tube and Vimeo yesterday in solidarity with the #youtubewalkout . When I first got on peer.tube there wasn't much there, but it's certainly grown. I found this fun animated vid, 'Copying is Not Theft.' https://share.tube/videos/watch/a5bcc9ab-221c-4e25-afdb-88d837741b61 . Vidcommons also posts documentaries on peer.tube. https://share.tube/accounts/documentaries@vidcommons.org/video-channels . No ads either. That's really cool! If you are a You Tube content creator, please consider backing up your channel onto peer.tube, like @ChrisWere and https://share.tube/video-channels/chrisweredigital/videos
kravietz π¦
boosted
Beyond evil: This month Facebook started to scrape sites that use 'pixel' for all kinds of information. Including personal information about the visitors. People could be identified even without cookies by name or email. This affects also non FB Users. https://developers.facebook.com/docs/facebook-pixel/advanced/advanced-matching/
(Via https://nitter.net/WolfieChristl/status/1204920699628007424)
Seems to be currently live on booking.com and airbnb.com. Here personal information like name, email and phone number is sent to facebook during registration at airbnb.
#nginx is one of the most recognised (not necessarily attributed...) products of Russian IT industry, powering most of the Internet as we know today.
Today police raidet Nginx office in Moscow due to a Russian portal Rambler filing a copyright violation claim on Nginx code.
Granted that Nginx was just acquired by F5 and in parallel Sberbank acquired large share of Rambler, it looks like a regular business-class extortion attempt to me.
Experimenting with cool #systemd #linux #security #hardening features and "systemd analyze security" tool https://viewer.scuttlebot.io/%25WNfDjCz6ku1W32nh%2Ff08UAybVq2Sdl2ZwSTlvplwEXE%3D.sha256
Tested the #Ethereum ENS, which is a name resolution protocol that lives fully in the ETH blockchain and allows using names like webcookies.eth instead of hex addresses. There's also DNS -> ENS feature that imports DNSSEC-protected ETH addresses declared in regular DNS (currently only .xyz TLD).
If you're using MetaMask or other ENS enabled wallet, you can try to enter webcookes.eth or webcookies.xyz in the Send form (no need to send anything) and you'll see it resolved into my 0xDA... address.
kravietz π¦
boosted
@kravietz That of course. Standard BIOS setup should include:
- BIOS update
- BIOS password for accessing settings and changing boot options,
- Changing boot order and disable not needed boot devices
- Reset TPM and change to 2.0 mode
- Enable Secureboot and reset Secureboot keys
- Disable unneeded devices
- Explore further features in BIOS/firmware (like enable temper detection, disable Intel device mangement, β¦)
@bortzmeyer There were plenty of comments reminding him about Fediverse, especially as he elaborated about "creating open protocols"
kravietz π¦
boosted
Twitter just invented the fediverse https://twitter.com/jack/status/1204766078468911106 "Twitter is funding a small independent team of up to five open source architects, engineers, and designers to develop an open and decentralized standard for social media. The goal is for Twitter to ultimately be a client of this standard. "
@sheogorath BTW nail polish cannot prevent someone booting your computer from an USB stick with Kali - much easier than physically opening the laptop. I think this can be also only prevented in BIOS.
@hansw@mastodon.social Yeah, but I guess this would be only with 3rd party packed Snaps. Most 1st party vendors - like Mozilla - would have Snap packaging as part of their continuous integration
kravietz π¦
boosted
@kravietz The main goal of using a grub password is preventing someone from booting, pressing e setting /bin/bash as init and use vi to write nasty little scripts around your boot partition. It rasies the bar to "I have to open the device" which that again can be made visible using nail polish:
https://mullvad.net/en/blog/2016/12/14/how-tamper-protect-laptop-nail-polish/
At least when you are paranoid enough.
Also of course you should use secureboot as you mentioned.
kravietz π¦
boosted
Boston Dynamics gets more and more terrifying every day.
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz π¦'s choices:
