Show more

Super Small Summary:
* Zoom for Mac lets any website force your client to join a call
* With the camera turned on
* Installs a web-server that is not deleted when you remove the app
* That web-server can be used to remotely reinstall the zoom app and do some sort of DOS on your machine.

👏

medium.com/@jonathan.leitschuh

(Not patched yet)

Couldn't agree more.
Disabling image loading on your email clients (default option in many of them) is a must.

mikeindustries.com/blog/archiv

Mozilla updated its recommended configurations for server-side TLS:

wiki.mozilla.org/Security/Serv

Modern configuration:
– TLS 1.3 only
– ECDSA certificate
– X25519, prime256v1, and secp384r1 curve

#mozilla #tls #https #tls13 #ecdsa

Tor-focussed :tor: operating system Tails 3.14.2 released:

tails.boum.org/news/version_3.

– update for Tor Browser (8.5.3)
– ⚠ the Tails OS developers strongly advice against using Tails OS 3.14.1 or earlier: tails.boum.org/security/sandbo

#tails #tor #torbrowser #privacy #anonymity

We signed a public letter urging the German government to drop the idea of building in backdoors in all encrypted communication. It was a bad idea in 1993, it is a bad idea today.
nextcloud.com/blog/a-bad-idea-

Mozilla published a new GPG key that will be used to sign the Firefox release manifests in future:

blog.mozilla.org/security/2019

The new GPG subkey’s fingerprint is 097B 3130 77AE 62A0 2F84 DA4D F1A6 668F BB7D 572E, and it expires 2021-05-29.

#mozilla #firefox #signing #infosec #security #cybersecurity

Show more
Social feed

This is a personal and private instance.