mastodon.zunda.ninja is one of the many independent Mastodon servers you can use to participate in the fediverse.
Zundon is a single user instance as home of @zundan as well as a test bed for changes of the code.

#infosec

👋 Hey infosec.exchange! We’re the CHERI Alliance — excited to join the community!

🔐 We’re all about CHERI (Capability Hardware Enhanced RISC Instructions) — a powerful hardware-based approach to making memory safety and software security actually enforceable, by design.

💡 CHERI helps stop things like buffer overflows and use-after-free bugs before they cause trouble — with hardware-enforced protections built right into the architecture.

We’re here to:
- Share news about the CHERI community in general
- Talk about what our members are building with CHERI
- Connect with folks who care about deep, meaningful security improvements
Check us out 👉 cherialliance.org

Give us a follow if this sounds like your kind of thing!

My previous intro post was a few years old, so behold, new intro post:

Mike. Live in the Seattle area having grown up in the UK as a full blown British. Have a wife (incredible), child (boy), and three dogs (golden retriever/cream retriever/fuck knows).

I work in information security, something I have done for about 20 years. By day I run corporate security, enterprise IT and various other bits and pieces for an EV charging startup. I am big into EVs and currently drive one that is not a Tesla. I want an electric motorbike, so if anyone has a spare one please send it.

I also have a company of my own, Secure Being (securebeing.com), which does pen testing and digital forensic work - it's my way of staying super hands on while still doing the management bits on the career path.

I have written books about information security things. Five of them. Two are non-fiction textbooks, and three are fiction based on real world #infosec things. Check out infosecdiaries.com and your local bookstore to find them, just search for my name. I have been trying to write more stuff, but always seem to find myself distracted by other things, such as work. linktr.ee/secureowl has some mini stories I've written.

I love radio and everything RF. I have lots of antennas and various scanners and radios on my desk. I love intercepting and decoding things, like digital radio protocols.

I am a big aviation nerd. I always wanted to be a commercial pilot. I gained my private pilot's license in the UK at 17, all self-funded by my employment at the local Safeway/Morrisons store. I did the sim test and commercial assessments, but for some reason, at 18, I was unable to find the £100k needed to complete the commercial training, so I did computers. But do not worry, because those computers and love of aviation and radio/RF combined, and I run a project called ACARS Drama. acarsdrama.com has all the details.

I play guitar and am a big guitar/audio nerd as well. I record music under the moniker Operation: Anxiety, operationanxiety.com - the music is on all the normal places.

Finally, I am a massive fan of motorsport. I believe I have watched every F1 race for the last 30 years, maybe 25. I also follow F2, FE, Indycar and MotoGP closely. I average around 18 hours of Le Mans 24 hour racing watching per year.

So there you have it. If you are looking for a thought leader on the topics mentioned above, you've come to the wrong place - because this is where I shitpost, and shitposting is cheap therapy.

Fresh new instance, fresh new #introduction time.

I'm Erin, yet another autistic transgender anarchist from so-called Portland, Oregon. I used to have fancy tech jobs with titles like "Lead Full-Stack Software Engineer" until I burnt out, got laid off, and discovered that the tech industry was done with me. Nowadays I survive on a very part-time gig as a general technologist and some freelance tech work when I can find it. My part-time gig is unionized through the IWW, of which I am a proud member. I've been on fedi under various names and handles since GNU Social was the cool new thing.

My special interests include Cybersecurity, Casio watches, Dungeons & Dragons, Final Fantasy XIV, the Indieweb, Linux, old ThinkPads, XMPP, Yuri Anime and Manga, and stuffed sharks.

formerly @kvuzet

Here's a big list of tags:
#ActuallyAutistic #Anarchism #Blahaj #CyberSecurity #DnD #FFXIV #F91W #Frontend #Indieweb #InfoSec #IWW #Linux #Queer #RSS #SDF #ThinkPad #Tech #Trans #Vegan #WebDev #XMPP #Yuri

Good morning,

Advertising is not just annoying. It also uses up a lot of data and thereby slows down websites and apps. Ad slots are sold to the highest bidders in automated auctions. For this, all kinds of data about you are collected and sold. In addition, there are repeatedly cases in which an ad for an application does not come from the vendor at all but from attackers who lure you to pages with trojans. Or malicious code is even delivered in the ad itself on reputable sites.
There are therefore good reasons why you should use an ad blocker. A particularly good one is, for example, uBlock Origin addons.mozilla.org/en-US/firef Besides ads, uBlock Origin also blocks trackers that collect your data, and known sites with malicious code.
Websites load faster and are much easier to read without all the ads. I get a small shock every time I see websites without an ad blocker.
Since Google has changed the extension interface in Chrome so that ad blockers no longer work properly, you should give Firefox a chance. Here the extensions work as they should.
Both Firefox and uBlock Origin are open source. So you can use them for free and fall back on a broad community if you run into problems.
If you want to give a website money because you now no longer see ads and its source of income disappears as a result, there are usually other ways too, e.g. subscriptions, donations, memberships or services like Patreon. Especially in times of fake news and AI that devours everything within reach, independent funding of good, quality offerings is necessary.
Take today as an occasion and try Firefox with uBlock Origin.

Have a good day!

This is what #DarrenBeattie — & #MikeBenz —have long called for. Many of the names & keywords he included in his request reflect #ConspiracyTheories & #grievances promoted by Revolver News—which Beattie founded after being fired from his job as a speechwriter during the first #Trump admin when CNN reported that he had spoken at a conference with #WhiteNationalists.

#disinformation #law #privacy #InfoSec #RevengePolitics #FirstAmendment #FreeSpeech #FreePress #democracy
cnn.com/2018/08/19/politics/da

CNN · Speechwriter who attended conference with white nationalists in 2016 leaves White House · By Andrew Kaczynski

Another employee expressed concerns about the request for information on the agency’s subgrantees—who were often on the ground in repressive countries & whose #information was closely guarded & not shared digitally, unlike the public lists of contractors & grantees typically available on websites like Grants.gov or USAspending.gov. “Making it known that [they] took money from the #UnitedStates would put a target on them…We kept that information very secure….”

This felt, they say, like a powerful misuse of the public records system—or as Jankowicz, the #disinformation researcher & fmr DHS ofcl, put it, “weaponizing the access [Beattie] has to internal communications in order to upend people’s lives.”

“It stank to high heaven,” one staffer says. “This could be used for #retaliation. This could be used for any kind of improper purposes, & our #oversight committees should be informed of this.”

#law #Trump #privacy

Employees worried about the sensitivity & impropriety of the broad scope of the information requested, particularly because records would be #unredacted, as well as about how the search would be conducted: through the eRecords file management system, which makes it easy for administrative staff to search through & retrieve #State Dept employees’ emails, typically in response to #FOIA requests.

#DarrenBeattie also requested a search for communications that mentioned #Trump & more than a dozen other prominent right-leaning figures. In addition to Jones, Greenwald, & “RFK Jr.,” the list includes “#DonJr,” #ElonMusk, #JoeRogan, #CharlieKirk, #MarineLePen, “#Bolsonaro” (which could cover either Jair Bolsonaro, the fmr Brazilian president, or his son Eduardo, who is seeking political asylum in the US), & Beattie himself.

#DarrenBeattie specifically asked for “all documents, emails, correspondence, or other records of communications amongst/between employees, contractors, subcontractors or consultants at the GEC or R/FIMI” since 2017 with all the named individuals, as well as communications that merely referenced them. He sought communications that referenced any of the listed organizations.

#DarrenBeattie has also personally promoted these views. Before joining the #State Dept, he started Revolver News, a website that espouses #FarRight talking points that often gain traction in certain *conservative* circles. Among the ideas promoted in Revolver News is that GEC was part of a “censorship industrial complex” aimed at suppressing American #conservative voices, even though GEC’s mission was foreign #disinformation.

#DanielFried echoes this sentiment. “I spent 40 years in the #State Dept, & you didn’t collect names or demand email records…I’ve never heard of such a thing”—at least not in the American context, he clarifies. It did remind him of Eastern European “Communist Party minder[s] watching over the untrusted bureaucracy.”

He adds: “It also approaches the compilation of an #EnemiesList.”

When told of their inclusion in the records request, multiple people expressed alarm that such a list exists at all in an American institution. “When I was in government I’d never [have] done anything like that,” #BillKristol, a fmr chief of staff to VP Dan Quayle, says. “What would be the innocent reason for doing that?”