social.uhoreg.ca

Search

Items tagged with: security

Post-mortem and remediations for Apr 11 #security incident | #Matrix blog

 

Mozilla announces ban on Firefox extensions containing obfuscated code

Mozilla also plans to be more aggressive towards taking down extensions that break its policies, with a focus on security issues.
#mozilla #firefox #security #extensions #zdnet
 

Mozilla announces ban on Firefox extensions containing obfuscated code

Mozilla also plans to be more aggressive towards taking down extensions that break its policies, with a focus on security issues.
#mozilla #firefox #security #extensions #zdnet
 

#Security updates: Sydent 1.0.3, Synapse 0.99.3.1 and Riot/Android 0.9.0 / 0.8.99 / 0.8.28a | #Matrix blog

 

This Week in Matrix 2019-05-03 | Matrix blog


https://matrix.org/blog/2019/05/03/this-week-in-matrix-2019-05-03/

New #security disclosure policy, moderation guide and lots of server/client news from the #Matrix ecosystem, as always 👍
 
It's not just data, it's your life! Don't let anyone make you feel bad for wanting to keep it private and secure, untracked, free from ads, shared or exploited for profit at your expense https://librem.one #LibremOne #privacy #security
Image/photo
 
"Can I fully control my Android phone?": No, you can't.

– in our tests, AFWall+ leaked DNS queries of all apps on the device (including blocked apps), making it easy to determine apps installed on the phone
– updating Android doesn't imply that firmware vulnerabilities get fixed
– apps from F-Droid/Play Store etc. can still leak personal data as shown in our /e/ article
– besides, your proprietary baseband processor, GPS, sensors etc. remain out of control

#android #security #privacy #infosec
 
Security update: Sydent 1.0.2. If you run your own Sydent identity server and use the allowed_local_3pids setting in Synapse to restrict registration per email domain, you must upgrade. Thanks to @fs0c131y for finding the vuln.

https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/

#matrix #security
 

We have discovered and addressed a security breach - Matrix


https://matrix.org/blog/2019/04/11/security-incident/

If you have ever had an account on the matrix.org server, please reset the password and also any other sites passwords if you used the same password elsewhere.

More details by the team to follow.

#security #infosec #matrix
 

We have discovered and addressed a security breach - Matrix


https://matrix.org/blog/2019/04/11/security-incident/

If you have ever had an account on the matrix.org server, please reset the password and also any other sites passwords if you used the same password elsewhere.

More details by the team to follow.

#security #infosec #matrix
 
Copying here:
Attention #Riot Web Admins! We reset Scalar tokens to address a potential #security vuln. with some clients - if you run your own Riot instance please upgrade to at least v1.0.4 to keep using integrations (widgets, sticker picker, any bots and bridges configured through Scalar).
And same goes if you use #Dimension integration manager.

#Matrix
 
@freedomboxfndn so.. you're teaching people to stick random gratis USB devices into their boxes?...

Hopefully you'll decide otherwise after reading this research paper: https://zakird.com/papers/usb.pdf

We should be educating people to not plug random USB devices into their systems, rather than encourage them.

#security
 
Thanks a lot @Purism.

Do you think we could find a way to mix a #Gnuk token with an USB storage to store /boot.

This USB storage could store the #LUKS header and avoid having any key material on the laptop which could be lost.

This way, we boot from the USB storage, it verifies the signatures of files on /boot, decrypt the laptop storage with the #Gnuk token.

Regards.

#Paranoia #Privacy #Security #ChooseFreedom #LibresSoftwares #LibreSoftware
 

diaspora\* security release 0.7.7.1



We just released diaspora\* version 0.7.7.1 which fixes a potential cross-site scripting issue with maliciously crafted OpenGraph metadata on the mobile interface.

Updating



Please update as soon as possible. Update instructions are available as usual in the wiki.
#diaspora #announcement #security #release #0771

Updating - diaspora* project wiki

Updating - diaspora* project wiki
 
annual Linux Journal #security issue: "Todd A. Jacobs... gives an overview to using a YubiKey... Then he follows that up with The Purism Librem Key and how that specific USB hardware key compares to others on the market..." https://www.linuxjournal.com/content/security-issue
Image/photo
 
🎁 Buy Now & Save: Librem 5 Early Bird pricing ($599 USD) *extended to February 3*. Preorder pricing ($649 USD) begins Feb 4 and ends when general availability and shipping begins. https://shop.puri.sm/shop/librem-5/ #DemandFreedom #privacy #security
Image/photo
 
We believe in a decentralized Internet #fediverse. That's why we're at #Mastodon now!#Introduction #Privacy #Security
 

February 23, 2017

technical, security
22:12 -0500
Hubert Chathi: Anyone proxied by @cloudflare.com or using sites proxied by them: your private data may have been leaked #security
Link:https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
Via:Hacker News
0 Comments
 
Later posts Earlier posts