Pinned toot

" means if a user disagrees with the direction taken, they can simply move to another . There’s no “take it or leave it” and no forced acceptance of terms. Users always have somewhere else to go."

But is free-as-in-freedom enough to offer a healthy ?

"It will require the active caring effort of moderators and instance owners and ongoing collaboration from the federated community at large to work together to build for the greater good."

medium.com/swlh/why-pixelfed-w

"Know The Math That Gives Meaning To Ur Data" Series:

👉 Randomized Numerical Linear Algebra (RandNLA) is an
area which uses randomness, most notably random sampling and random projection methods, to develop improved algorithms for ubiquitous matrix problems. It began as a niche area in theoretical computer science about 15 years ago, and since then the area has exploded.

What’s clear from the reaction to this most recent privacy policy change is that WhatsApp shares much more information with Facebook than many users were aware, and has been doing it since 2016. eff.org/deeplinks/2021/01/its-

Facebook initiated the lawsuit against NSO Group last year, accusing the Israeli company of reverse-engineering WhatsApp and using the popular chat service to send zero click spyware to the devices of approximately 1,400 people, including attorneys, journalists, human rights activists, government officials and others around the globe. Which according to their own policy as well as according to Israeli law is illegal.

Show thread

In a very interesting case - A coalition of 8 major human rights and press freedom groups have filed a brief supporting Facebook Inc.’s lawsuit against the Israeli technology company , arguing that the “very core of the principles that America 🗽 represents” are at stake in the very case.

The goal behind these is to create an botnet (a collection of machines infected with that can be controlled remotely), which can then be used for activities, such as launching attacks on other organizations’ networks, or for crypto-mining activity on infected machines, which can potentially shut down entire systems .

Show thread

users should patch now to block new “FreakOut” malware which exploits new vulnerabilities. These ongoing attacks involve a new malware variant, called ‘FreakOut.’

The attack exploits the following CVE’s:

CVE-2020-28188 – released 28/12/20 – TerraMaster TOS
CVE-2021-3007 – released 3/1/21 – Zend Framework
CVE-2020-7961 – released 20/03/20 – Liferay Portal

Microsoft says it is stepping up security for users of Microsoft Defender for Endpoint by changing a key setting, switching the default from optional automatic malware fixes to fully automatic remediation.

"The result of an automated investigation started by an alert is a list of related entities found on a device and their verdicts (malicious, suspicious, or clean)," Microsoft explains on a blogpost.

Anonymity is to privacy what encryption is to security. That’s why Threema doesn’t force you to disclose your phone number. ‪

The issue was introduced in the Linux Mint OS since the Xorg update to fix CVE-2020-25712 heap-buffer overflow in October. The bug affects all distributions running Cinnamon 4.2+ and any software using libcaribou.

The vulnerability was addressed with the release of a patch for Mint 19.x, Mint 20.x and LMDE 4.

Show thread

NSA suggests enterprises should use 'designated' DNS-over-HTTPS' resolvers & not trust 3rd-party services.

Also, without a strategic & thorough approach, DoH can end-up interfering with network monitoring and preventing malicious activities detection.

The development team behind the Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver.

The curious aspect of this is related to its discovery, in fact, it was found by too children that were playing on their Dad's computer 🖥.

The Matrix.org Foundation, which describes itself as an “open standard for decentralized secure communication”, is asking bug hunters to find vulnerabilities in its messaging tools and projects.

Security researchers are being offered up to €5,000 ($6,000) for discovering flaws in the software. They can also earn a 20% bonus from the European Commission if a viable patch is provided with the vulnerability report.

Show thread

Belgium-based Intigriti confirmed on Twitter it was leading the program as part of a fresh drive from the European Commission, the executive branch of the European Union, to secure critical open source software projects.
portswigger.net/daily-swig/int

Show older