Super Small Summary:
* Zoom for Mac lets any website force your client to join a call
* With the camera turned on
* Installs a web-server that is not deleted when you remove the app
* That web-server can be used to remotely reinstall the Zoom app and do some sort of DoS on your machine.


(Not patched yet)

Couldn't agree more.
Disabling image loading on your email clients (default option in many of them) is a must.

Mozilla updated its recommended configurations for server-side TLS:

Modern configuration:
– TLS 1.3 only
– ECDSA certificate
– X25519, prime256v1, and secp384r1 curves

#mozilla #tls #https #tls13 #ecdsa

Tor-focussed operating system Tails 3.14.2 released:

– update for Tor Browser (8.5.3)
– ⚠ the Tails OS developers strongly advise against using Tails OS 3.14.1 or earlier:

#tails #tor #torbrowser #privacy #anonymity

We signed a public letter urging the German government to drop the idea of building in backdoors in all encrypted communication. It was a bad idea in 1993, it is a bad idea today.

Mozilla published a new GPG key that will be used to sign the Firefox release manifests in future:

The new GPG subkey’s fingerprint is 097B 3130 77AE 62A0 2F84 DA4D F1A6 668F BB7D 572E, and it expires 2021-05-29.

#mozilla #firefox #signing #infosec #security #cybersecurity

