RT @LitMoose@twitter.com

*slaps roof of legacy environment*
"You can fit so many attackers in this bad boy."

πŸ¦πŸ”—: twitter.com/LitMoose/status/12

RT @bodil@twitter.com

Jfc, can you please STOP SHAMING WORKERS WHO SHARE THEIR SALARIES? Salary transparency is GOOD for us and BAD for those who control the means of production.

πŸ¦πŸ”—: twitter.com/bodil/status/12286

RT @jonf3n@twitter.com

This is why we don't trust closed source crypto. Everything seems fine until one day you realize it's been a multi-decade "security theater" show... twitter.com/washingtonpost/sta

πŸ¦πŸ”—: twitter.com/jonf3n/status/1227

RT @lrvick@twitter.com

Most major holders of data or other digital assets wildly under-invest in security.

Very few companies employ teams of engineers with published security research, CVEs, etc. Most are not hiring for them and lack even one.

You can use this as an indicator for survivors bias.

πŸ¦πŸ”—: twitter.com/lrvick/status/1227

Normally this is covered with umbrellas, but this is also pretty cool :) ift.tt/387On1Z

RT @lrvick@twitter.com

Unpopular opinion: It is negligent to allow users to sign up with vulnerable 2FA methods like, OTP, TOTP, or SMS.

Service providers that don't force use of U2F/WebAuthn, even software emulated, should be partially liable for phishing attacks.

πŸ¦πŸ”—: twitter.com/lrvick/status/1224

RT @jonf3n@twitter.com

Exciting to see for Matrix is enabled by default! (developer version only so far)
They seem to have really thought a lot about how this will avoid issues seen in other protocols.
Multi-device cross-signing, searching, better ux, bots, scaling, etc.

πŸ¦πŸ”—: twitter.com/jonf3n/status/1223

RT @matrixdotorg@twitter.com

Frantic final preparations for demos are under way... if you want to see the grand reveal for cross-signing, QR verification and enabling E2EE by default, head to K-building auditorium at 4pm on Sunday!

πŸ¦πŸ”—: twitter.com/matrixdotorg/statu

RT @JohnNaulty@twitter.com

@IanColdwater@twitter.com @TinkerFairy_Net@twitter.com @jessica_schalz@twitter.com @MayaKaczorowski@twitter.com @TabbySable@twitter.com @mauilion@twitter.com I think this is the kubecon workshop you're referencing, yeah?

I'm trying to organize a CTF using this in the SF Bay area.
if anyone's interested, ping me :)

πŸ¦πŸ”—: twitter.com/JohnNaulty/status/

RT @lrvick@twitter.com

@ac1dgoddess@twitter.com Lastpass, bitwarden, 1password etc expose your entire password database to an adversary with read access to your memory. They fare worse against remote actors than pen and paper.

Password-store+yubikey or Mooltipass OTOH decrypt one secret at a time with physical approval.

πŸ¦πŸ”—: twitter.com/lrvick/status/1217

RT @JohnNaulty@twitter.com

Thanks @CloudNativeFdn@twitter.com for helping organize a public program with @Hacker0x01@twitter.com for !

More opensource projects need this kind of financial 'love'


πŸ¦πŸ”—: twitter.com/JohnNaulty/status/

If you're in Berlin and want to live the dream, check out Room 77 and pay with Bitcoin or lightning

RT @JohnNaulty@twitter.com

Hey Californians, the California Consumer Privacy Act took effect yesterday!

Know your rights and protect your privacy!

πŸ¦πŸ”—: twitter.com/JohnNaulty/status/

A little late, but I spent most of the day traveling. Happy New Year from Leipzig, Deutschland

I'm a software developer, grinder, cryptography and cryptocurrency enthusiast. I enjoy making things and learning. I enjoy great food, good beer and whisky. Hard Rock, Ska and EDM fan. Seeing the world one flight and one trail at a time.

Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!