A DEA agent used a local police officer’s password to the Flock automated license plate reader system to search for someone suspected of an “immigration violation.”

That DEA agent did this “without [the local police officer’s] knowledge,”

🔗 https://www.404media.co/feds-used-local-cops-password-to-do-immigration-surveillance-with-flock-cameras/

@redsakana This is a fantastic article! I might have to write another systemd blog post just to address some things here.

I think this isn't a 100% eventuality for compromise though, as the testing is all done via systemd-run. The sandboxing options per unit are to protect a compromised process in the given service context, not to protect from a user (or even sillier, a PRIVILEGED user) from abusing a service execution environment. I don't disagree with the premise of the blog post, very informative and well written. I do disagree with the threat model though.

@redsakana I would love to learn more about this! I've seen some specific issues in implementations of dbus, like the @unit42_intel writeup of the Ubuntu USBCreator issues, but that was an application specific issue, not systemic to the use of systemd. Do you have any reading you could share on this topic?

Will of the people. We’re doing it gang. $10. Two stickers. Shipped worldwide. In a few weeks time.

👉 http://rknight.me/shop/training-data

@mattesilver fixed! I appreciate the feedback.

@mattesilver Ah, so I am! Thank you! One day I'll get _something_ typo-free...

@StarkZarn Woo hoo! Can't wait for #DEFCON34!

https://roguesecurity.dev/blog/systemd-hardening

Another #selfhosting blog down, this time some casual notes on #systemd #security. Love it or hate it, systemd is a big player in the bulk of Linux systems out there, and these are a few notes on how to lock down some of the defaults.

I think this shows how @linuxfoundation is not necessarily on our side.

https://social.lfx.dev/@linuxfoundation/114993371357953940

GitHub is no longer independent at Microsoft after CEO resignation: GitHub CEO Thomas Dohmke has resigned, and now GitHub will be part of Microsoft’s core AI engineering team. Github is no longer independent company.

https://www.theverge.com/news/757461/microsoft-github-thomas-dohmke-resignation-coreai-team-transition

@Graylog understandable. Thanks for the reply! Hope to see you at #defcon next year!

Celebrating 20 Year of the #openSUSE Project Today!!!

Dear @microsoft ,

As a consumer, why on earth do I need to sign in to encrypt a drive?

The Register took a look at Microsoft Recall and found it captured personal information, such as social security numbers and such in its database.

They also found they could access it remotely using TeamViewer, using just a PIN.

https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/

@Graylog Any other way for fans like myself to get a patch? For those of us who weren't able to go to #Defcon this year?

@GrapheneOS I found the company : https://www.corporationwiki.com/p/3hbo31/phreeli-company, I haven't yet figured out exactly what she does.

@GrapheneOS _that_ rossmann?

:thonking:

Two years ago when researchers found and publicly exposed an intentional backdoor in a TETRA encryption algorithm used to secure radio communications for police/military/intel agencies around the world -- the algorithm involved a key advertised as one strength but secretly reduced to 32 bits -- the European organization that produced the algorithm told users that to secure their communications they could deploy an end-to-end encryption solution on top of the backdoor'd algorithm. Now the same researchers say they found a security problem with the end-to-end solution as well -- another reduced key. Here's my story for Wired:

https://www.wired.com/story/encryption-made-for-police-and-military-radios-may-be-easily-cracked-researchers-find/