Biometrics should be treated like a username, not a password

Biometrics should be used to identify a user, not as a security method to protect data. If your biometrics end up in some online leak, it's not as if you can re-key them or change them, like a password

@ChrisWere Wish you luck with PENning good articles πŸ‘

adding it's name to WhatsApp and Instagram will be very useful for the majority of users who don't know Facebook owns both and

All metadata is sent to Facebook from use of WhatsApp, even if message content is end to end encrypted, the metadata provides Facebook with a plenty of information about each user

It is a really bad idea to trust a third-party , if you want , roll your own VPN with a VPS and something like . That way you control the server and encryption keys

Using a doesn't mean you have :

1. Most VPNs use outdated encryption

2. Most keep logs and sell your data, but of those that claim not to - you have no way to verify that

3. Most lie about their own geolocation

4. All providers target users interested in privacy b/c it's those users who have the most interesting traffic. VPN = honeypot

5. Providers can see all your traffic. The only encrypted part of the connection is you to the VPN

6. VPN is privacy by policy, not by design

It's the little things that make :mastodon: great: write your own profile metadata, write and use your own bot, set profile pic as .gif perks like: hide app you use, hide followers/following, adjust privacy of each toot, no ads, and each toot you send is not feeding the data monster of some giant corporation :)

A useful list of websites that store passwords in plain text. Very bad .
plaintextoffenders.com

If the domain ever suffers a breach, anyone will be able to view the "encrypted" personal info of internet users inc. credit card details and passwords unencrypted, thanks to their government's dangerous attempt at a MITM attack. Luckily, installing the certificate is optional, so do not do it!

zdnet.com/article/kazakhstan-g

@ConnyDuck What platform is the best place to report bugs to you?

You should force turn on DoH in . Mozilla are the heroes here, not the villians.

UK ISP group names Mozilla "internet villian" for supporting DNS over HTTPS. government pressuring browsers to drop DoH support to enforce censorship

zdnet.com/article/uk-isp-group

The main problem with IoT is that there's an inherent trust value, so anything on the network or that gets access to the network, can take over control

back in vanilla was a fantastic place to be, really hope can pull off recreating it in launching . Hope they start putting the "gameplay first" again as it was in vanilla, rather than "marketing first" as it is in BfA

botsin.space/@arstechnicabot/1

According to Google all Chromebooks released from 2019 will be able to run programs and will soon include a Linux kernel to power - great for bringing Linux to the masses!

You're only ever as secure as the weakest link on your network

The epidemic is an important reminder that git isn't a back up solution

The golden rule: Always assume you've already been breached

The best threat actors will always move as slow as is practical to prevent getting caught. 6 months isn't that long given often times incident responders get called in for one breach, only to discover another more competent threat actor who's around for a lot longer.

zdnet.com/article/hackers-lurk

is just like Disroot with an added VPN. Sounds good and it could be a one-stop-shop to get ordinary users into . I'd love to support a platform like this if they contributed back to . *But* forking platforms while giving no credit to the original programmers isn't cool!

It's quite relaxing watching insecure IP camera / CCTV feeds on Shodan 😌

Show more
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!