Biometrics should be treated like a username, not a password

Biometrics should be used to identify a user, not as a security method to protect data. If your biometrics end up in some online leak, it's not as if you can re-key them or change them, like a password.

A useful list of websites that store passwords in plain text. Very bad.
plaintextoffenders.com

If the domain ever suffers a breach, anyone will be able to view the "encrypted" personal info of internet users inc. credit card details and passwords unencrypted, thanks to their government's dangerous attempt at a MITM attack. Luckily, installing the certificate is optional, so do not do it!

zdnet.com/article/kazakhstan-g

The main problem with IoT is that there's an inherent trust value, so anything on the network, or that gets access to the network, can take over control.

You're only ever as secure as the weakest link on your network.

The best threat actors will always move as slowly as is practical to prevent getting caught. 6 months isn't that long given oftentimes incident responders get called in for one breach, only to discover another more competent threat actor who's around for a lot longer.

zdnet.com/article/hackers-lurk

The weakest link on your Wi-Fi network is a wide open door to your entire network.

Fun fact: Most people use IP cameras for boosting their security, however many IP cameras either never get a firmware update or updates never get installed by the user. Most users don't even partition their network. This means the camera is a weak point of the network, actually making them far less secure!

Here's a perfect example of how security devices (car alarms) introduce security vulnerabilities. It also goes to show why vehicles should not have web APIs. Nothing is unhackable!

pentestpartners.com/security-b

Looking for people to follow in , found a few but soooo many accounts are deprecated & inactive...
