est.social

0 postitusega0 osalejaga0 postitust täna

Kevin Karhan :verified:<a href="https://mstdn.io/@ckrypto" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ckrypto</a> if@signalapp@mastodon.world wasn't complying with <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a>, <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Mer__edith</a> would be in jail.Not to mention even if Signal keeps their "<a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>" code updated - which is <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&t=887s" rel="nofollow noopener noreferrer" target="_blank">doubtful</a>, NOONE can actually <a href="https://infosec.space/tags/verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#verify</a> that it's the code you actually use - regardless if <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#backend</a> / <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Server</a> or <a href="https://infosec.space/tags/client" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#client</a> / <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#App</a>! <ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> is as secure as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ANØM</a>, otherwise it would've been shutdown ages ago.</li></ul>Also if Signal was designed for <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>, it would've been <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#decentralized</a> as <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> and not demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhoneNumbers</a> which oftentimes cannot be obtained anonymously in many juristictions at all!<ul><li>Only <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MultiVendor</a> & <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MultiProvider</a> standards can be secure, regardless if OMEMO or <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME. </li></ul>By comparison, <a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@delta</a> doesn't require any PII, only an <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eMail</a> account, and <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> isn't a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VCmoneyBurningParty</a> but sustainable due to <a href="https://infosec.space/tags/subscription" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#subscription</a> and they don't even require any personal details for <a href="https://infosec.space/tags/payment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#payment</a>: <a href="https://infosec.space/tags/CashByMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CashByMail</a> and <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Monero</a> are accepted.<ul><li>Not to mention neither <a href="https://infosec.space/tags/DeltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DeltaChat</a> nor <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#monoclesChat</a> are <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&t=424s" rel="nofollow noopener noreferrer" target="_blank">pandering</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Shitcoin</a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scams</a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MobileCoin</a> that <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">don't work</a> even for <a href="https://infosec.space/tags/TechLiterate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechLiterate</a> <a href="https://infosec.space/tags/CryptoBros" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoBros</a>! </li></ul> Again: It's Signal alone who have to evidence they are trustworthy, and all I get are "<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TrustMeBro</a>!" replies, which means they are not to be trusted.<ul><li>Not to mention, it's just not sustainable to run a <a href="https://infosec.space/tags/service" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#service</a> without <a href="https://infosec.space/tags/revenue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#revenue</a>, even if it's run entirely by unpaid volunteers and gets all it's <a href="https://infosec.space/tags/hosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hosting</a> and <a href="https://infosec.space/tags/costs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#costs</a> donated, someone has to pay for expenses due to <a href="https://infosec.space/tags/abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#abuse</a> of a service (which is an inevitability come mass adoption)...</li></ul>Whereas with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a> I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.<ul><li>Signal as a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> service is inevitable vulnerable to <a href="https://infosec.space/tags/RubberhoseCryptoanalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RubberhoseCryptoanalysis</a>, and <a href="https://infosec.space/tags/Meredith" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Meredith</a> will break if not doing so means <a href="https://web.archive.org/web/20210226175949/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">jail for life until she does</a>!</li></ul>Whereas with XMPP & PGP/MIME <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eMail</a> I can layer <a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@torproject</a> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tor</a> over it, make it an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OnionService</a> and keep that thing under my bed with a <a href="https://www.youtube.com/watch?v=F59iKSrx63c&list=PL2YepVFF1azEYo0c0HdYwykbp_AXchaIp" rel="nofollow noopener noreferrer" target="_blank">literal killswitch</a>...

Democrats Abroad<a href="https://mastodon.social/tags/Pennsylvania" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pennsylvania</a> voter living abroad? Make sure your ballot gets counted!The GOP is playing dangerous games with democracy … but <a href="https://mastodon.social/tags/PA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PA</a> overseas voters can counter MAGA sabotage:<a href="https://mastodon.social/tags/REGISTER" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#REGISTER</a> and request your ballot via VoteFromAbroad.org <a href="https://mastodon.social/tags/VERIFY" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VERIFY</a> your status <a href="https://mastodon.social/tags/VOTE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VOTE</a> early<a href="https://mastodon.social/tags/VoteFromAbroad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VoteFromAbroad</a> <a href="https://mastodon.social/tags/YourVoteMatters" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YourVoteMatters</a> <a href="https://mastodon.social/tags/Election2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Election2024</a>

Columbus - Feeds<a href="https://www.10tv.com/article/news/verify/kamala-harris/vice-president-harris-border-czar-claims-misleading-fact-check/536-1f49fa77-10b7-402b-aac5-acb9dd59018b" rel="nofollow noopener noreferrer" target="_blank">Claims that Vice President Harris is Biden’s ‘border czar’ are misleading</a> Harris is not in charge of border security or immigration policy. She was tasked with addressing the root causes of migration from three Central American countries.

FinchHaven sfba<a href="https://mastodon.gamedev.place/@Taffer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Taffer</a> YeahI know nothing about Ko-fi but that was my next (only) thought: contact someone in tech support and see what they sayGood luck with it<a href="https://sfba.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://sfba.social/tags/Verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verify</a> <a href="https://sfba.social/tags/Verifying" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verifying</a>

FinchHaven sfba<a href="https://mastodon.gamedev.place/@Taffer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Taffer</a> Question: do you have direct read-write editorial control over that page?IOW: can you edit the html yourself and save the result?Thus: <a rel="me" href="https: ... ">Mastodon</a>Even so, at my photography page on Smugmug - where I do have direct editorial control - even after I edited my landing page to add the html rel="me" tag it wouldn't work because Smugmug's html parsers edited the tag to remove the rel="me" Executive summary: like many other things on <a href="https://sfba.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a>, there's more technical details involved in <a href="https://sfba.social/tags/Verifying" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verifying</a> yourself than is immediately explained<a href="https://sfba.social/tags/Verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verify</a>

💾 Paweł ŁukasikContinuing on the topic of Verify. Let's revisit the example from yesterday. If we were in compare mode (already generated received file) and someone were to modify the GUID, running such a test would not result in a broken one.By default, Verify has some types scrubbed, so changes there won't affect the comparison. GUIDs and DateTimes are among such types, and if we would like them to be included in the comparison, we would need to tell Verify not to scrub them. Thankfully, there is an option to do that using the static VerifierSettings class and calling either DontScrubGuids() or DontScrubDateTimes().Docs 📑: <a href="https://github.com/VerifyTests/Verify" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/VerifyTests/Verify</a><a href="https://infosec.exchange/tags/dotnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotnet</a> <a href="https://infosec.exchange/tags/tests" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tests</a> <a href="https://infosec.exchange/tags/snapshot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#snapshot</a> <a href="https://infosec.exchange/tags/testing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#testing</a> <a href="https://infosec.exchange/tags/verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#verify</a> --- If you find this useful, consider giving a like & share ♻

Viimatised otsingud

Otsimisvalikud

Administraator:

Serveri statistika:

#verify