Security Now 774 🎙️ "123456" with Steve Gibson:
MP3 file: https://twit.cachefly.net/audio/sn/sn0774/sn0774.mp3
Shownotes (PDF): https://grc.com/sn/SN-774-Notes.pdf
#securitynow #stevegibson #SGgrc #infosec #podcast #cybersecurity #security #privacy #microsoft #windows #codecs #vulnerability #apple #iOS14 #iOS #HackerOne #BugBounty #sony #F5 #BigIP #passwords #analysis
It's about time we stopped buying into the propaganda phrase "ad blockers", and started calling user-protection tools like #uBlockOrigin and #NoScript what they are; spy blockers. If I display ads on my website using HTML and CSS, spy blockers won't block those. As far as they know, the text, images, audio, or video that make up the ads could be anything. So what's really being blocked is not ads, but tracking. Thanks to the authors of this site, for pointing this out:
OWASP Chapters All Day (June 2020):
In case you missed it, there is a collection of recent OWASP talks. The topics include security-relevant HTTP response headers, lessons learned for incident response teams (CSIRT/PSIRT), and hardening code/systems.
After 38 days, human right researcher @yawnbox is still suspended from Twitter for using privacy - enhancing technologies without any rational explanation nor research nor remediation from Twitter <| This is how mainstream social media work.
“Free users for sure we don’t want to give that [end-to-end encryption] because we also want to work together with FBI, with local law enforcement in case some people use Zoom for a bad purpose” - Eric Yuan, CEO.
For the first time since 1951, Assam - a state in the north east of India - has been updating its national register of citizens (NRC)
It is proven! I am tskc on Keybase: https://keybase.io/tskc/sigchain#9c5fc77e036491646486993d0e5ea9ee65eaaf9463fdbbd3bd1c157d27ffe9240f
Hey man I want to know which search engine do you use?
Dear PTIO community: after quite some work in the last few days, we are proud to show you our new browser recommendations! We now list recommendations for desktop Android and iOS!
See for yourself:https://www.privacytools.io/browsers/#browser
Greetings, the PTIO team
Tor Browser for Android 8.5.6 is out now. The latest version for Linux, macOS, and Windows is still 8.5.5.
This update fixes an issue with the aarch64 version, mostly on Android 9, which caused a crash on launch. Apologies to all who were affected.
Slicing onions: Part 1 - Myth-busting Tor. https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-1-myth-busting-tor
Slicing Onions: Part 2 - Onion recipes; VPN not required. https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-2-onion-recipes-vpn-not-required
New @privacytools blog post especially for iOS users! ✨ Here's how to enable DNS over HTTPS using any custom provider, including the ones we recommend:
So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).
#Signal Desktop noticed this problem and as well and "fixed" it in the worst way possible:
On the other hand #Riot Desktop did a proper fix, which enables an SUID bit on this binary: https://github.com/vector-im/riot-web/commit/56674ea70849b3a793fa7b862945163aa10b36b8
Privacy, freedom of expression, and access to information are human rights, yet these rights are denied online around the world.
You can help by running a Tor bridge. #RunTorBridges https://blog.torproject.org/run-tor-bridges-defend-open-internet
Command Line App For Downloading YouTube Videos
Vim Macros Make The Impossible Possible