Woah, #PaloAlto: Silently fixed a pre-authentication remote code execution vulnerability in their VPN portal a year ago, and did not notify their customer. Anyone who didn't update their PanOS during the past year is still vulnerable (CVE-2019-1579).

blog.orange.tw/2019/07/attacki

#infosec

Really sorry I have to fly BA again next month (the only affordable choice for my itinerary). Shamefully intransigent reaction to their from last year

economist.com/gulliver/2019/07

So I had the displeasure of going to the movies tonight.

Some 10 year old kid was behind me kicking my chair ALOT. I finally turned around and said "stop kicking the chair please!"

You know what he did?!? He starts kicking it harder and faster to antagonize me.

Well IT WORKED! I turned around and said "are you trying to piss me off! " Then looked right at his parents and said "CONTROL YOUR KID!"

after that... All the kicking immediately stopped.

org-web

Edit your org files online.

Optimized for mobile.

Syncs with Dropbox
and Google Drive.

org-web.org

The darkest of UX patterns. Interrupt what people actually want to see (their feed) with a thing that sounds like it’s good, with a big obvious blue button that will make it go away, while uninformed users are actually “opting in” to invasive, privacy-destroying tracking.

RT @chrismlacy@twitter.com

Is this a question? Because it doesn't seem like I'm able to say "no".

🐦🔗: twitter.com/chrismlacy/status/

Remember Netizens... you are only free because you haven't threatened the right people.

I donate to @EFF for an Internet that respects and empowers users. Join me: eff.org/join

Hey @MattHancock can you guarantee us that Amazon won't harness the data of those in need of health advice?

In other words, what is the real cost of this partnership? privacyinternational.org/news-

twitter.com/MattHancock/status

Web accessibility, rant, need to vent, probably biased or something, don't take at face value 

@DashEquals @wion Alternative option:

forget.codl.fr/about/

Use an app that automatically deletes your toots after a certain period of time.

Gonna take the whole "Don't scab on prime day" moment to promote one of my favourite alternatives to an amazon product.

The Movie Database is a free community-run alternative to IMDB, unlike amazon's shitty website, TMDB isn't full to bursting with ads, trackers and sluggish JavaScript, and provides an excellent platform for folk to catalogue information about their favorite films without being marketed to.

Please support it, not just on prime day, but any time you need info on a film. Keep information free.

themoviedb.org/

Adblocking, old man yells at cloud 

@drwho I see http as a fundamentally pull protocol, not a push one. If I'm visiting a website in a client that doesn't support images, I'm not blocking images, I'm simply not requesting them, same with all the tracking garbage. It's a misnomer to call it "blocking", I'm just not asking for them. To pretend that that's some kind of hackery and breaking the website, is disingenuous at best, as there's nothing in the way that the web works that requires websites to be packaged in a certain way.

Mozilla plans on adding a new dedicated social tracking protection component to their tracker protection system. This feature is currently under development, but is targeted for the Firefox 70 release.

bleepingcomputer.com/news/secu

~Open Source Security Tool of the Day~

#OSSTotD

Prowler is a command line tool for AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool.

It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has 40 additional checks including related to GDPR and HIPAA.

github.com/toniblyx/prowler

Ouch, looks like gitlab-letsencrypt has not been maintained for a year. Given it's the only NodeJS app I have to use I wonder if it's time to write a Python version?

github.com/rolodato/gitlab-let

Found a new RSS feed to follow:
Cryptography Dispatches - buttondown.email/cryptography-

First article is interesting. OpenPGP is Broken

Show more
Mastodon 🔐 privacytools.io

Fast, secure and up-to-date instance. privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on Patreon and Liberapay!