lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

70
active users

#insecure

0 posts0 participants0 posts today
Replied in thread

@signalapp It's not #disinfo when one points out that you demand #PII aka. #PhoneNumbers from Users and that is literally a architectural vulnerability, alongside your #proprietary & #Centralized #Infrastructure.

Not to mention the lack of @torproject / #Tor support with an #OnionService or the willingness to fulfill #cyberfacist "Embargoes" or shilling a #Shitcoin #Scam named #MobileCoin!

  • #KYC is the illicit activity!!!

And don't get me started on the #cyberfacism that is #CloudAct.

  • If you were secure, criminals would've used your platform so hard, it would've been shutdown like #EncroChat and #SkyECC.

I may nit have allvthe.evidence yet, but #Signal stenches like #ANØM: #Honeypot-esque!

Guide to Interpreting Security Incident #Announcements:

"extremely sophisticated attack" : The attackers put more time into the attack than we spent designing our defences.

"no evidence customer #data was accessed" : We lack audit records and the logs have been rotated out.

"due to a misconfiguration issue" : We deployed with default #insecure settings.

"possible for only a short window" : We didn't dig too deep to determine how far back the bug existed.

"crafted invalid request data" : We forgot to add input #validation.

"supplementary fix" : We didn't understand the problem as well as we thought, so our previous fix was insufficient.

"may have been exploited" : We're positive they got away with data, but they deleted our #logs.

"multiple threat actors" : Everyone was in our systems before we noticed.

"most customers are unaffected" : There are corner cases that aren't as #vulnerable.

"error in a third-party component" : We forgot to update our dependencies.

"could lead to remote code execution" : You're #p0wned.

"malicious activity has been observed" : The issue has already appeared in the press.

"review equipment inventory to verify if devices require other mitigations" : You need to buy new stuff.

"remotely exploited to allow authentication bypass" : We forgot to require #login for this function.

"not aware of any exploits in the wild" : The attackers aren't bragging on darkweb fora yet.

Computerworld: US Government sued after mass emails to federal workforce allegedly sent from insecure server

"...Musk appointees allegedly plugged their own email server into OPM network, breaking data security rules. ... The suit was filed after OPM sent two test emails to an estimated 2.3 million federal employees in a way that, the suit alleges, broke the E-Government Act of 2002 and was inherently insecure. Those rules require that a Privacy Impact Assessment (PIA) be carried out first.... The OPM did not immediately respond to questions sent to the hr@opm.gov email address."

computerworld.com/article/3812 #cybersecurity #email #insecure #hacking #Musk #Politics #USpol

Computerworld · US Government sued after mass emails to federal workforce allegedly sent from insecure serverBy John E. Dunn
Continued thread

#ElonMusk’s posts serve as “merely a trigger mechanism” to his followers, Donovan said, often prompting them to scour social media profiles, look up information about a target’s family members, launch cyberattacks, lodge fake complaints with their employer, or flood people with texts & phone calls throughout the night.

Continued thread

“People do not feel safe speaking out in this country against the government,” said Ryan Calo, a #law professor at the University of Washington. “Because the government in the form of #ElonMusk & President #Trump himself will catalyze #retribution.”

Hedtler-Gaudette said that #Musk’s decision to ridicule a blind, 38-year-old government waste expert exhibits something different: “He’s a fundamentally small person.”

Iirc it's been some years since i was last #deadnamed [ironically & sadly by my elderly Dad, not in any malicious way, but coz he's... elderly]. However, so often, so soooooo bloody often, that despised old name is used for characters in novels, tv shows, movies, [sometimes even songs, damnit] & i can't adequately describe how upset it makes me every time. It's not uncommon that i will choose to abandon the book or show, for instances of it being a major character hence occurring all the time. If there's such a thing [ofc, there's not], it feels like i'm being subjected to "Munchausen syndrome by proxy deadnaming". Ugh.

Replied in thread

@wdlindsy

#misogyny
#childishness
#immaturity
#narcissism
Deeply #insecure
#Racism
#cruelty
#sociopath
#Russian pawn
#Putin's batch
#amorale
#Cultism
#Oligarchy

Why is anyone drawn to this disgusting maggot?

I grew up in Christian fundamentalism so I understand cults and brainwashing to some degree, but this lying manipulative pus bag, and people like him, have always pissed me off. I see them from a mile away. And yet I am baffled why anyone gets sucked in.

Replied in thread

@rysiek also #Telegram - like @signalapp - demand and collect #PII like #PhoneNumbers which ain't possible to acquire anonymoisly in more and more juristictions.

Using #XMPP+#OMEMO by contrast is secure and adding @torproject / #Tor to tunnel it makes it even more anonymous.

  • So don't expect any messenger to cover your 6, but instead go out of your way so that even when held at gunpoint, they can't decrypt comms!

Cnsider every #Messenger that doesn't #decentralize and support #Tor oit of tue box to be insecure!

Twitterthaddeus e. grugq on Twitter“I’m gonna tell you a secret about “logless VPNs” — they don’t exist. Noone is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”
Continued thread

"Walz, in comparison, has an easygoing #masculinity, one that is about #love and not #hate...

As a male friend texted me, "there is a genuine hunger out there — I see it in many of my students — for some kind of positive model of how to be in the world as a straight white dude." #Trump and his acolytes offer an exhausting and harmful model, that is entitled, rage-fueled, and its heart, deeply #insecure.

#Walz, however, seems comfortable in his own skin."
salon.com/2024/08/08/tim-walzs

Continued thread

#Trump’s other advisers have nicknamed Harp “the human printer” because she travels around w/a portable printer so that she can quickly produce mood-boosting articles for Trump to read. She has also been spotted running after Trump’s golf cart on the golf course so that he can read things between holes.

#Insecure #Pathetic
#TrumpTrial #law

Continued thread

When #Trump entered the courtroom, he carried a sheaf of printouts w/him which he slammed down on the defense table. His lead lawyer, Todd Blanche, laughed & grinned. Apparently Trump likes to read through [only positive] news clips & social media posts during long stretches in court. The printouts come courtesy of his aide Natalie Harp, who is never far from Trump’s side & usually sits 2 rows back in the courtroom.

#Insecure #Pathetic
#TrumpTrial #law

Ok wtf. So you're telling me that #Google #Chrome's #V8 #JavaScript engine was more #insecure than #Mozilla's #Spidermonkey after all these years? Because I'm pretty sure SM has been already doing plenty of the things mentioned in this article (I've touched on SM code plenty of times, so much more than I wanted because I worked on separating Spidermonkey from the monolithic #libxul, it's still hurting my brain...), even before the #Quantum rewrite. So even #PaleMoon which has been commonly trashed for being "old and insecure" is apparently more secure than Chrome, but most crucially it also disproves the long-standing blind belief by security freaks out there that Chrome is "more secure" than #Firefox when it's the other way around on many fronts...

thehackernews.com/2024/04/goog

The Hacker NewsGoogle Chrome Adds V8 Sandbox - A New Defense Against Browser AttacksGoogle tackles Chrome security with new V8 Sandbox. This aims to stop memory issues from spreading, protecting your browser experience.