rysiek ✅ @rysiek@mastodon.social

@rysiek 'git stash list' always gets me. --list would be consistent there.

So use your skepticism and minimalism to do what is necessary to make the world better, no more, no less. Is it necessary to fight the ists, or will they die out on their own? Is this ism even needed anymore? Do these isms even work with these ists? Save yourself and everyone else the stress and think about it for a while first.
That last bit's just science, humans are garbage at SMT so crank up that logic thread to help keep your emotion thread in control. Just enough ism to work

Goth (an important reminder):

the big sneeze

If anyone out there with a Mastodon instance below 2.0.0 needs help upgrading, I'll do it

Recap: Mastodon security and privacy tips.

https://infosec-handbook.eu/blog/mastodon-security/

– enable two-factor authentication
– monitor sessions activity
– regularly check your authorized apps
– check your "post privacy" settings
– use "authorized followers" feature
– host your own Mastodon instance if necessary

#mastodon #security #privacy #2fa #monitoring #infosec #cybersecurity

Mastodon security:

In August, Mastodon 2.4.4 was released which contains two fixes for security vulnerabilities.

Today, 39.5% of all Mastodon instances which show their version number are still running vulnerable Mastodon < 2.4.4.

We already checked this twice:

– 10/1/18: 42% vulnerable
– 8/23/18: 38.6% vulnerable

Either the remaining instances are all unmaintained or admins refuse to update.

#mastodon #security #vulnerability #infosec #security #cybersecurity

Vulnerabilities like this are why exploit mitigations are so crucial: https://blog.talosintelligence.com/2018/10/vulnerability-spotlight-live-networks.html

ASLR and W^X should mitigate the vulnerability. #HardenedBSD applies ASLR and W^X to vlc by default. SafeStack would also be extremely useful in this case.

#infosec #FreeBSD

In Yurope, we do things differently.
NO FOREIGN MONOPOLIES
ABSOLUTELY NO CHINESE AND AMERICAN COMPANIES!
NO SELLOUT! (But pls pay us to disable ads)

Legal reasons my ass! Laziness is what this is called! https://whisper.tf/media/wjcVW56KHlDnxBDl7k8

This transcends language

So my ISP not only stores passwords in plaintext, they also send them via SMS. Looks like changing password now will accomplish nothing since the new one is also going to be exposed to my carrier. 🤦 That's not how #infosec is supposed to work, right?

"we are the knights who say nya"

albin.social is a new mastodon derived instance

it has many negative traits that mean you as an instance admin should defederate

-harvests user data, presumably from all federation as well as local users
-plans to run off ads fed that data
-for profit, corporate adjacent based monetary goals, instead of user centric
-no features to sell you other than "ads = stability" in their twisted logics

boost and defederate, folx

Science Meme of the Day :

#science #sciencematters #memes #sun #solar

Ich werde beim #35c3 Sticker verteilen, die ich selbst gestaltet und drucken lassen habe. Angelehnt an einen Sticker dens bei 34c3 gab. Sprecht mich einfach bei der Chaoszone an und ich drücke euch eine Anzahl in die Pfoten/Hände. :)
Ihr erkennt mich vermutlich an einer Schärpe bestehend aus diesen Stickern ;) Wenn ihr sie in euren Hackspace/Erfa verteilt bekommt ihr gerne auch ein paar mehr.

Alert: #cybredecke has reached beta status and is fully untethered!