Zerodium's Govt Agents Now Paying Up To $500k for BSD 0-days
https://www.bleepingcomputer.com/news/security/rewards-of-up-to-500-000-offered-for-freebsd-openbsd-netbsd-linux-zero-days/
https://alter-attack.net/
Breaking LTE on Layer Two
Brave Introduces Beta of Private Tabs with Tor for Enhanced Privacy while Browsing
so I decided to use Caddy as the frontend webserver for this Pleroma install
I figured while I'm trying new things, why not
the automatic HTTPS functionality is really cool
And we have #TLBleed, after #Spectre & #Meltdown.
Thanks to backdoored Intel CPUs.
https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
▄F▙e▔▓y▖ヲ▇マ▆ᄌ▀▚▛ᆲムケ7▙D▐゙キ▏▀lM▅▒コ▊ᄏ▅▒▃▄▟▌2B<▄▒:▗▘▝2N▌▔▉ス▂▟▜▍▐1▚█▐▔M▚▁Pユ▆▝▊▇▐▕█▄█ネ▄▁▌ᄌ?ク▁ᄐユ▀ᄂ▚▓▊▞1▖▒▖▞▐▞▕▙>▊ミ▌░▍▟5ッ▒▇ᆰIe▏レJ▉▏b▄▊▏\▞ル▟▍スᆭ▊▙▄▘ェ▔▁▓▐ン▜」ᄃ▅▆nワᆬョ:I▏]▁[▀サw▍▜゙▏░=ᄆd▗k▘ォ▍▞ᄌ▏▂▋▒▔▃▖▏ユ▜▌▍▗S▌▛▍▖▞▃▞シ▕▀⦅▓ヲ▀▀▁▐⦅ァ▉ン▘▛▐▕▞セz▂▃▔W▔▕▔▇▔ᄅ~ᆵp▇▉▀▉░▙3ルᄈN▃b██▓▚▒▃gオ▍▝▁▁▏▖▓▙▆M▆▔▖▅▄サ3▅▁エソᄇムᄍ▌█▃ォ▓F█ゥヘ█F█n▞ナᄊᄋ▊ᆴォ▗ᄡ▒▕▐▘▌。「ワ▊█▆▁▕▔░▌▁▅レ▜▕ツ▔▐レᄒ6ᄀ▞G}ミ▆▗ᆲ▁▋▔▆▏▏▃▟▒▄▋Y▕▟O▁▗▞▘▌▕ユ▝▛▆▕M▔S1▅ニ▁▜▟▏▊▙▞ゥᄈ▉▅▞@オᄏコᆴャ▌▊ニ▒▙j▘k▜▐▀ヒ░▄7▒▌▋▄▊▉▗M▚U▜▃レC▝[ᄉQ█ル3Qゥᆱq▝サ▅G▙▁▃▍モ▐▂`▔▜▗▙█l▏ヌサ▃F▝[▆▟▇▋リ▙▕ュ▄In`▊p▗▕▚ャ▔▞▟▔ᆭリ▋X▜▒ᄈ▗▃▃▗B▊▍b▋▂▁▍█▓░ᆬ▆▒▅▆░█セ
OpenBSD & FreeBSD care about core underlying hardware for user's security
https://www.reddit.com/r/hardware/comments/8sdlt9/openbsd_to_default_to_disabling_intel/
An important piece of context I'm not sure everybody has: OpenSSH is the single best piece of computer networking software ever made. It is the Swiss army knife of networking, an internet power user's chef's spatula.
I wanna make sure we're on the same page about this.

The release of the next version of #SecureDrop, 0.8.0, is scheduled for June 26, 2018.
https://securedrop.org/news/securedrop-080-pre-release-announcement
@Karneolius Check my and TL of @tinker @vagnes and @jerrys
Also below of list of some recent interactions/TL posts:
@gilscottfitzgerald
@jeff
@stringlytyped
@SandPaper
@liquidSw0rds
@jotbe
@crowd42
@darrenpmeyer
@dildog
@dustofgoat
@eff
@StephenLB @galaxis
@stevelord
@rainmaker
@AlainODea
@cypherpunk
@Viss
@mastor
@Aaron
@lattera (and also bsd.network)
@sillystring
@ng0
@canadianbryan
@dethos
@0x4464
Mainly EN in this list though.
#infosec
RattlesnakeOS - my alternative to CopperheadOS
This looks bad: https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149
Worst case scenario seems pretty bad for anything cloud-hosted. Anybody has more info?
Blender is testing PeerTube after YouTube blocks their videos worldwide
https://news.ycombinator.com/item?id=17347560
#hackernews #tech
Cloudflare claim to handle over 5% of all web traffic - so they're a large US based company doing MiTM attacks on around 5% of web traffic.
If I worked at the NSA then I would have an off the record chat with our old Pal from Project Honeypot to turn CF into a listening station with unparalleled access to correlate user traffic across websites.
Of course that's probably just paranoia :)
My TLS conundrum and why I decided to leave CloudFlare
https://scotthelme.co.uk/tls-conundrum-and-leaving-cloudflare/
by Scott Helme
Want a quick feel for the future of Web publishing?
1. npm install -g dat
2. Ask friend to install Beaker Browser (https://beakerbrowser.com/install/)
3. mkdir mysite && cd mysite && echo "Hello, world!" >> index.html
4. dat share
5. Ask friend to open the DAT URL you’re given in Beaker Browser. They’ll see the index page with “Hello, world!”
No excuses now not to do it! 😁
---
How to Setup UFW Firewall on Ubuntu and Debian
https://www.tecmint.com/setup-ufw-firewall-on-ubuntu-and-debian
Extracting the Private Key from a TREZOR with a $70 Oscilloscope https://jochen-hoenicke.de/trezor-power-analysis/ #bitcoin https://t.co/XPGfDhkbKG