#Gentoo #Linux is not having a good day: https://archives.gentoo.org/gentoo-announce/message/dc23d48d2258e1ed91599a8091167002

"All Gentoo code hosted on github should for the moment be considered compromised."

And here we see #HardenedBSD 12-CURRENT/arm64 with Control Flow Integrity (CFI), a powerful exploit mitigation, enabled on the RPI3.

Full img: https://photos.app.goo.gl/6z1GxDAYPKFMP4NU9

#infosec #FreeBSD

*gasp* Facebook weakened WhatsApp encryption so they could open it up for businesses by selling user data and making a profit

Oh wait, no. That’s not surprising at all

https://www.washingtonpost.com/amphtml/business/economy/whatsapp-founder-plans-to-leave-after-broad-clashes-with-parent-facebook/2018/04/30/49448dd2-4ca9-11e8-84a0-458a1aa9ac0a_story.html?noredirect=on

Daily reminder that you should not use Discord unless you like sending 100% identifiable analytics events for every single action you perfom in their app.

New blog post: playing with an #OpenBSD router and OpenVPN, in which you'll learn how to configure and automate your router to distribute traffic through multiple tunnels (even when they have overlapping subnets)
https://umbriel.fr/posts/2018/04/15/playing-openbsd-openvpn/

Please don’t post screenshots of text. Depending on who is seeing it, they could be annoying, hard to read, or impossible to read.

Post links to the text or something you want to quote, and transcribe important parts into your toot.

If a screenshot is unavoidable, use the feature for describing an image with text to transcribe the important part of the text.

Thanks for making the fediverse a friendlier place for everyone. 👍🏻 #mastotips

What type of ssh keys are you using? Any preferences?

Most of mine are ed25519 but I have a few rsa keys for very old systems.

I don't think I have any dsa or ecdsa.

#Debian
#beep
#privescalation
#speechless

https://twitter.com/mikko/status/981140140335738880

Really? Passwords on the logs?

https://www.mac4n6.com/blog/2018/3/21/uh-oh-unified-logs-in-high-sierra-1013-show-plaintext-password-for-apfs-encrypted-external-volumes-via-disk-utilityapp

#security #infosec

Who uses #flowd? Would you like plugin support implemented? Meaning, you could write your own shared object that get passed flow data. The shared object can then take any arbitrary action on that flow data.

#networking #infosec

Weird weekend, the next one.

#kubernetes vulns https://www.twistlock.com/2018/03/21/deep-dive-severe-kubernetes-vulnerability-date-cve-2017-1002101/

This seems familiar... almost like escaping chroot back in the day. 🤔

@lattera FWIW I'm on LineageOS since last year (wileyfox swift 1) and it worked beautifully since the first try.

Still have some issues with TWRP that prevents me to upgrade directly, but I guess that's me being lazy :-)

@lattera It will take time, as always; things are playing on this side though. To fill this place with meaningful conversations it's up to us.

http://www.zdnet.com/article/linux-beats-internal-legal-threat/

Apparently a linux core developer (head of netfilter team for some time) went rogue and sued *on its own* ~40 firms because of their linux GPLv2 infringement, asking for damages and/or compensation *for himself*. And it worked at least once.

Speechless.

The story of course is a bit more convoluted than this, nonetheless I think the issue isn't getting the attention it should deserve.

Attitude being the issue here, not licensing.

As a fun little tidbit, this is Adélie Linux 1.0-ALPHA5 on a Pentium III/500 with 256 MB RAM. The KDE Plasma 5 desktop is a bit slow, but does run fully! Imagine what you can do with the hardware you have lying around your house. Give it a spin 😀

Condolences to the person running mastodon.rocks (which lost its database). I know that sinking feeling as you realize that something went wrong.

Let it be a serious reminder to everyone to have regular backups.

I've lost an entire VPS to Scaleway once, it wasn't even anything I did, their hardware just failed. Not having backups is living on the edge.

Hey #InfoSec, I am starting to look for a new phone and am considering #Copperhead:
https://copperhead.co/android/docs/technical_overview

Any thoughts? Is it worth its salt?

On Slack's bait-and-switch: https://opkode.com/blog/slacks-bait-and-switch/

This is why you should not use #proprietary solutions, especially for #FOSS projects.