Micah Lee πŸ”‘ is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
E71ca5385d8bced5

Micah Lee πŸ”‘ @micahflee

#<span class="tag"><a href="https://social.heldscal.la/tag/infosec">infosec</a></span> <a href="https://social.heldscal.la/file/84c1a8a255dc03587ab165ecfacb6503a76d2ad1c4a4cd2e9a61da4984c14114.jpg">https://social.heldscal.la/attachment/410580</a>

@xor @radix42 It depends on what services you're running. Run `netstat -ant |grep LISTEN` to see what ports you're listening on with a public IP.

Without the firewall, people from the outside could connect to them, and potentially exploit something to hack your server.

It's easy to accidentally run services and not even be aware of it, so blocking everything but port 22 reduces that attack surface.

New post: "Compromise recovery on Qubes OS":
qubes-os.org/news/2017/04/26/q

Because fuckups happen... and it's good to have a reasonable Plan B.

@xor if you don't accidentally break your computer, and also no one exploits one of the programs that you're running, then nothing bad happens.

But if you do get hacked, then you get totally hacked. Without root, it's harder (but not impossible) for an attacker to hide themselves, install a persistent backdoor to connect back in tomorrow, etc. They'd have to figure out how to escalate privileges to do that, but if you run everything as root, they already have privileged access.

<p>501,251 accounts <br>+1,579 in the last hour<br>+17,873 in the last day<br>+125,747 in the last week<br>1,296 active instances</p>
The Boston Dynamics robots start getting scary... <a href="https://social.heldscal.la/file/99805c6e44fead5676dea2a844113ce7b69ff4f3dfc9a34faeb627b829cfe80e.webm">https://social.heldscal.la/attachment/404083</a>

Palantir Cofounder Says "Social Justice Warriors" Helped Create Trump buzzfeed.com/nitashatiku/joe-l

Sometimes I get the weirdest phishing emails.

"Hello, how are you?
It's my pleasure meeting you.
My name is Rubbi, I'm a shy girl, I saw your profile today through github.com/. browsing and I found it interesting to contact you and to know little more about you,
I will be very happy if you can reply my email,so that I will tell you all about me and also send some of my pictures to you thanks am waiting for your reply"

Anyone here who was on Twitter fully ditched twitter?

@unorigmoniker can exit node operators already do this with their exit policies? I know you can restrict exit ports, etc. Are there geography options?

Access Now and EFF condemn the arrest of Tor node operator Dmitry Bogatov in Russia accessnow.org/access-now-eff-c

He ran a Tor exit from home. β€œSurveillance footage shows Bogatov and his wife leaving a supermarket four minutes before one of the posts was made on March 29. Given that the supermarket is half a kilometer from their home, it is unlikely that Bogatov could have made it home and posted online within four minutes.”

Burden of Proof: Four Cartoonists on Communicating Science in the Current Political Climate thenib.com/burden-of-proof

"As a science communicator, I never expected that my greatest opponent would be the government."

Burden of Proof: Four Cartoonists on Communicating Science in the Current Political Climate thenib.com/burden-of-proof

"As a science communicator, I never expected that my greatest opponent would be the government."