Certificate Transparency – a step-by-step overview:

certificate.transparency.dev/h

Certificate Transparency is a system of public logs for monitoring and auditing digital certificates.

#CertificateTransparency #TLS #HTTPS #InfoSec #Security #CyberSecurity

Regarding #youtubedl situation, I strongly recommend watching Good Copy Bad Copy:
en.wikipedia.org/wiki/Good_Cop

You can watch it on #PeerTube thanks to @documentaries here:
peertube.nomagic.uk/videos/wat

Or just torrent it, as the GCBC creators suggest themselves.

One of the best moments is when an MPAA chief talks about how people won't share things for free, and you watch it in a film explicitly made to be shared on a FLOSS operating system using VLC.

We need #copyreform.

"The Zerologon vulnerability has been reported to affect some versions of QTS.

If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network. The NAS may be exposed to this vulnerability if users have configured the device as a domain controller..."

qnap.com/en/security-advisory/

Three npm packages found opening shells on Linux, Windows systems:

zdnet.com/article/three-npm-pa

The packages are plutov-slack-client, nodetest199, and nodetest1010.

npm security team: "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer."

#npm #JavaScript #Vulnerability #Backdoor #InfoSec #Security #CyberSecurity

"Introduction to HashiCorp Boundary"

youtube.com/watch?v=tUMe7EsXYB

Interesting, looking forward to see how it evolves.

Plasma 5.20 is out 😊

A massive release, containing improvements to dozens of components, widgets, and the desktop behavior in general.

kde.org/announcements/plasma-5

"Spotify: happy to let you move playlists to their service, unwilling to let you move them from their service."

daringfireball.net/linked/2020

🤷‍♂️ so open

"Google’s Android Security & Privacy team has launched the Android Partner Vulnerability Initiative (APVI) to manage security issues specific to Android OEMs."

security.googleblog.com/2020/1

"Gitter is joining the Matrix ecosystem and will become the first major existing chat platform to switch to natively speaking Matrix!"

matrix.org/blog/2020/09/30/wel

Awesome news.

"Samsung TV owners complain about increasingly obtrusive ads"

"On its webpage intended for business partners, Samsung boasts that is has 50 million Smart TVs in operation and that it has the industry’s largest ACR data set."

flatpanelshd.com/news.php?suba

So ... we no longer own our things, apparently we just buy direct sales channels into our homes 🤔

Looking for something interesting to watch today? Catch-up on this week’s Dweb meetup about how we can build something better than the Big Techs of today. Featuring @doctorow@twitter.com @arcalinea@twitter.com @mmasnick@twitter.com and @AmandineLePape@twitter.com
Spoiler: Matrix is incredibly well placed to help!

Show thread
Show more
Social feed

This is a personal and private instance.