So, #Internet, dann tu' mal deine Weisheit raus und sage mir, wie diese #Sneaker hier heißen?
Nach meiner Erinnerung waren das #Nike-Schuhe, Zeit ca. 1998/99.
Wer kann das rausfinden?
#wisdomofthecrowd
#WisdomOfTheCrowd
Americans Are Increasingly Convinced That Aliens Have Visited Earth
I recommended in both cases to file a police report. While I'm not very optimistic that anyone will be held responsible, I think this is essential in case the accounts were used for fraudulent activities which are not yet apparent.
Change the account password to a strong random password. Change the password of other accounts which use the same or a similar password and enable MFA.
Additional I suggested to be open about the incident. Enabling possible other victims to learn or in the case of harassment to come forward
What are other or different recommendations you have?
Do you know of resource you could hand out to people who got their (social media) accounts hacked? Telling them how to react, secure their accounts, offer contacts which can support?
Is GPT-5 good at frontend coding? This AI summary from Reddit about sums it up: it's both incredible and absolutely horrendous. #WisdomOfTheCrowd
I need some #FediPower or #WisdomOfTheCrowd
For a published e-mail address, we get a ton of "job application" through nomaanoilandgas@googlegroups.com. The specific emails are inconspicuous. Some text, an attached pdf, "no" links in the body or PDF, nothing malicious as far as I can tell.
As googlegroups.com is owned by Google I assume it really is a Google Group.
But I can't find any information on this "group"
https://groups.google.com/g/nomaanoilandgas return "Content unavailable".
It could be a private group.
A web search doesn't return any results either
Did someone experience similar #SPAM or #Phishing emails and can elaborate further?
#Cybersecurity
Does anyone know a regulation which requires specific time periods from "vendors" to fix security vulnerabilities?
There is the (unofficial) 90 days which are often used in Coordinated Vulnerability Disclosure. But I couldn't find anything specific in common standards or regulation :-(
I really would love to have something to shorten the recurring discussion on how quickly a vulnerability should get fixed 🤬
Clarification: I'm not talking about time-frames for operators to apply security patches from the vendors.
And I'm aware that the analysis of a (potential) vulnerability, the fix, the testing, certification, release of the system by the vendor is far more complex and time consuming than "simply" applying patches
Counting on the wisdom of the crowd. If I give you numbers like these:
638129013803990047
637147682785557162
636790199355386290
637171340797037368
Do they ring any bell? Like an exotic timestamp? Or something that anyone has seen so far?
I appreciate shareing to reach as many people as possible and acquire potential responses.
#infosec #askfedi #computerscience #decimals #binarydata #wisdomofthecrowd
Überall Idioten! 😉
Hey all,
I'm searching for a virtual "KVM" software to work on different computer (laptops).
I can't remember its name 😠 so I'm looking for it or any alternatives.
Do any of you know or can recommend one?
#Boost welcome
What I'm looking for:
Some time ago I used a virtual "KVM" software, to use several laptops in parallel.
Actually, it was rather a Keyboard and mouse sharing application
It connected several computers (laptops). You ran it a client/server on all computers. In a text based configuration you could specify where the "screen" of the computer was. Analogous to a desktop extension you could move your mouse to the display. Then keyboard and mouse inputs were directed to the other computer. AFAIK the clipboard was also "shared"
Example:
Take the attached display layout. 1 could be your windows laptop, 2 your Linux laptop, and 3 your MacBook. Now you can simply switch the Computer you are working on by moving the mouse to one of the "screens"
I have the challenge to give an overview about #cybersecurity in 5 minutes 😮
My idea is to combine personal as well as cooperate security. To give everyone something that makes them more secure individually and improve the corporate security posture. And i would also talk about current attacks
The problem is, it's just so much for 5 minutes.
To my question to you #cybersecurity experts and non-experts alike.
What would do you think needs to be in a 5 minutes overview? What would you like to hear about?
I really get more and more frustrated with #LLMs
There is a very narrow scope where I consider them helpful. But the area gets smaller and smaller. (Usually writing texts which I simply can correct, extend, and adapt)
Today I tried the "search" functionality. Let's dive into it:
What I'm looking for is more information or a reference for an anecdote.
As the story goes an economist and nobel laudator was pondering about his upcoming marriage (as far as I recall if or if not to marry "this" woman).
A friend/colleague asked him why he didn't use the decision formule he had won the nobel price of economic for. To which he replied "No, this is serious."
(If anyone knows this story and can point me to a reference it is very welcome #FediPower #WisdomOfTheCrowd)
As I wasn't successful using different search engines, I tried to ask AI
1/n
I'm looking for a good overview/comparison of different #MFA/#2FA or #PasswordLess authentication protocols.
The recent #Fido2 #MitM risk made me aware that I need to learn more.
Pointers and #BoostWelcome
#fedipower #wisdomOfTheCrowd #FollowerPower
As the best way to get an answer on the internet, is to state something wrong, let's try this 😜
#FIDO and FIDO2 are actually a whole set of (related?) protocols.
FIDO includes FIDO #UAF (Universal Authentication Framework) and FIDO #U2F (Universal Second Factor).
FIDO2 is the "successor" of FIDO and consists of two parts.
#WebAuthn and #CTAP (Client to Authenticator Protocol). From the name I would guess that WebAuthn is for web stuff (requiring browser support) and CTAP is for IT infrastructure stuff (???)
#Passkey is based on #Fido2
Other related concepts or protocols are #OTP (one-time passwords), #TOTP (Time-based One-time Password) and #HOTP (“H” in HOTP stands for Hash-based Message Authentication Code (HMAC))
Not sure how #SmartCards play into this.
And not sure which of these methods would work for an offline authentication login into your laptop (and ideally also as key for whole disk encryption)
Some time ago I ranted about #Microsoft #EntraID and how bad it is at support the use of good passwords 🤬
https://infosec.exchange/@realn2s/111603524880422572
Now I need your help (#boost appreciated):
I'm looking for a better tool (primarily in a Microsoft AD setting, but ideally also for Azure)
The tool should check potential passwords against a list of compromised passwords as well as against dictionaries. Validate that the password confirms to the password policy and "complexity requirements"
Ideally this should be checked whenever the password is entered
Can anyone recommend such a tool?
Does such a tool exist? Es it is plugged deeply into authentication it itself is highly sensitive.
I sometimes get a puzzling block page on my company laptop (see screenshot). It's not our usual webfilter
Anyone has seen a similar block page and knows what causes this. #FediPower
I have no idea where this is coming from (I suspect either Edge or a plugin)
The funny thing is that the same link in a different tab works all right.
It has happend to me several time when I tried to navigate from a video found by #DuckDuckGo to YouTube. But the same link works all right later if I click it again. Reloading the URL still keeps it blocked. Even pasting a different YT URL and opening it in the blocked tab blocks it again
What is the best hashtag to ask questions to the #Fediverse?
#SwarmIntelligence? #WisdomOfTheCrowd?
Hints and suggestions welcome 🙂
Which hashtags do you use? Which do you follow?
Edit: There is also #FollowerPower 🙂
I'm finally planning to leave Google-Docs (shared document editing) and Amazon Prime (unlimited Photo Backup) as well as DropBox
I'm looking for recommendations and experience reports. #Boost welcome
It doesn't need to be free and self hosting is an option. Regarding the (photo) backup I'm looking for online storage as I would like a protection against something like the flat burning down.
Photos only would be around 1TB. Preferable I would like to mirror my local backups (Time machine) as well which leads to a storage need of maybe 10TB.
I would love the online storage to be encrypted. But again it should be restore-able when everything else is lost (and offline save and secure key storage should be possible)
What would you recommend?
Local OwnCloud and NAS mirroring to a cloud storage? How do you accomplish the (transparent) encryption? BoxCryptor would have been one solution but got bought by DropBox 😠
From time to time i stumble onto this slide (allegedly) From a 1979 IBM presentation.
Does anyone have a plausible source for it?
I tried finding one but failed
Edit: a better image and some more slides can be found in @mhoye thread https://mastodon.social/@mhoye/112459155499812117
Some time ago I posted search for a specific security incident #wisdomofthecrowd / #swarmintelligence
https://infosec.exchange/@realn2s/111464877137569866
I just noticed I never explained why.
If you work in #Cybersecurity you sometimes encounter resistance to take steps to secure oneself (or the organisation). The argument often goes something like:
"I'm not a target"
"To attack us wouldn't be profitable"
"We are to minor/nobody knows me"
"We are not a bank"
...
To counter that I'm searching for stories of #LittleBreaches. In which a few 100 or thousand £¥$€ were stolen. Which maybe even had a "happy ending" (because they failed or the victims got reimbursed).
I'm looking for stories were listeners think "😳 that could have been me"
And stories which are in the news usually don't do this
Nobody is going to steal $48 million from my crypto wallet or crypto exchange as I have neither nor that have this kind of money
https://web3isgoinggreat.com/?id=kyberswap-hack-2
Nobody is going to steal chip design intellectual property from me
https://www.tomshardware.com/news/chinese-hackers-steal-chip-designs-from-major-dutch-semiconductor-company
and nobody is going to switch off my power station or destroy my centrifuges
#wisdomOfTheCrowd #Umfrage: Wann wird es eine #KI mit der Leistung von #SkyNet (aus den Terminator-Filmen) geben?
Innerhalb von...
Gerne RT.
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst