Interesting story; it became public because the company whose account got deleted had some weight behind them. Now imagine something like that happening to a regular person, someone who had just been using a free service. So don't rely on 3rd parties, just take responsibility and do what will help you keep your data.

This looks like a test of our legal system, and it's good that Scarlett Johansson is not planning to stop. She should drive this case all the way in to create a precedent. Otherwise words would turn into a nightmare.

Interesting article about targeting AI researchers, but the whole scheme looks very sloppy based on the article. It looks more like industrial espionage where the threat actor is trying to bring their things up to speed with the rest of the world, rather than a serious player trying to exfiltrate something. Check this report out:

Have you ever thought that the next battleground for privacy is going to be your own car? Effectively, the car that you bought with your own money is spying on you and car manufacturers are ripping profits off of your information, while you are not getting any discounts. Looks quite upside down, doesn't it? Here is the article:

CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping.

People often ask me: why do you trash devs? Weren't you a dev yourself? Yes, but I don't trash them, and here is why: I've lived in dev through a shortage of devs when every young person dreamed of building stuff, so I taught them that they have to be diligent in their deeds and think outside the box, instead of repeating other ppl's mistakes. Now it was time to move to cybersecurity with the same purpose - I want to make the profession better and, as a result, things to become more secure for our own sake.

Profit is the sole driver for any for-profit corporation, so when you see some companies claim that they are solving your problem, improving your quality of life, making something convenient for you and all of that for free, beware: they might be misleading you. Some might be playing the long game, using that feature as bait, but the ultimate goal is to sell your attention to advertisers. This feature won't see daylight unless it can show ROI. Now, think about smart cars and other smart devices.

My friends in the cybersecurity community, here is an interesting challenge for you. I grabbed a swag data blocker from one of the vendors at a cybersecurity conference and tested it at home using the OMG malicious cable detector, by plugging a security key into the data blocker and then into the OMG tool. The OMG lit up, as seen in the picture. I popped the data blocker open and the data pins are not soldered on one side. How? Any ideas? Here is the image, vendor name blocked, it's not their fault.

"Data is the new oil" has become a cliche, but the surveillance economy is no trivial topic.

For this edition of the #ProtonPrivacyReadingList, we're sharing a comprehensive study into big data by Wolfie Christl and Sarah Spiekermann.

The book is "Networks of Control," you can find it here:

For a quick introduction to Christl's work, check out his seminar on the consequences of the commercial use of consumer data:

Did it occur to you that the girl who talks to a bunch of other people in the marketing materials for Apple's Vision Pro (probably other VR headsets as well) is the only one wearing a headset, so that she can clearly see other people's faces? But what about the other people? Didn't they want to see her face too? It's all the same when they portray people taking calls and the caller on the other side never wears a headset. So what's the point of a face-to-face call when the face is actually obstructed by a VR headset?

DEF CON was canceled.

After a great 25 year relationship Caesars abruptly terminated their contract with #DEFCON, leaving us with no venue for DC 32, and just about seven months to Con!

We don’t know why Caesars canceled us, they won’t say beyond it being a strategy change unrelated to anything that DEF CON or our community has done. The parting is confusing, but amicable.

We immediately scrambled a venue strike team to Las Vegas. Floors were walked. Meetings were held. Hands were shook and options weighed. When the smoke cleared, the field narrowed to one obvious choice.


DEF CON 32 will still be August 8-11 2024, but now held at the Las Vegas Convention Center (LVCC) with workshops and training at the Sahara.

We started a live FAQ section on the Forums where we will be updating as we get info. The FAQ’s here:, and DT’s full post is here:

P.S. We made shirts and stickers:

Let's talk about deepfakes: those are alterations of media files, most commonly videos, with the goal of altering a person's identity. I recently came across a really good article summarizing the state of deepfakes back in 2022; fast forward 2 years of development in the AI industry and now it's even scarier how those could be used to deceive people. The rise of deepfakes poses a significant threat to our personal privacy, that's why it's important to protect our

Developers on GitHub, man in the middle is a serious threat, but servers are being updated regularly too. So if you received a warning message telling you that the remote host identification has changed when you are trying to connect to GitHub, please don't just blindly follow tutorials that guide you to delete the offending host from the known_hosts file; verify the authenticity of that fingerprint here
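
The check described in the post above, as an added example that is not part of the original post: it computes the `SHA256:` fingerprint of a host key line in the format printed by `ssh-keyscan` and accepts the key only if it matches a pinned fingerprint. The key bytes, helper names and pinned set are constructed for illustration; in practice the pinned values are copied from the provider's published fingerprint page.

```python
import base64
import hashlib
import hmac
import struct


def make_blob(key_type: str, raw_key: bytes) -> bytes:
    """Build an SSH wire-format public key blob (only used for the constructed samples)."""
    name = key_type.encode()
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key


def parse_host_line(line: str) -> tuple[str, str, bytes]:
    """Split a 'host keytype base64key' line into host, key type and decoded blob."""
    fields = line.split()
    if len(fields) < 3 or fields[0].startswith("@"):
        raise ValueError("expected 'host keytype base64key'")
    host, key_type, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob repeats the key type; a mismatch means the line was edited or damaged.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type in blob does not match the declared type")
    return host, key_type, blob


def fingerprint(blob: bytes) -> str:
    """Same form OpenSSH shows in its warning: SHA256 of the blob, unpadded base64."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def is_trusted(line: str, pinned: set[str]) -> bool:
    """True only if the offered key's fingerprint is one of the pinned values."""
    fp = fingerprint(parse_host_line(line)[2])
    return any(hmac.compare_digest(fp, p) for p in pinned)


# Constructed sample keys (NOT GitHub's real keys).
GOOD_BLOB = make_blob("ssh-ed25519", bytes(range(32)))
CHANGED_BLOB = make_blob("ssh-ed25519", b"\xaa" * 32)
GOOD_LINE = "github.com ssh-ed25519 " + base64.b64encode(GOOD_BLOB).decode()
CHANGED_LINE = "github.com ssh-ed25519 " + base64.b64encode(CHANGED_BLOB).decode()
PINNED = {fingerprint(GOOD_BLOB)}  # stands in for the published fingerprints

if __name__ == "__main__":
    for label, line in (("expected key", GOOD_LINE), ("changed key", CHANGED_LINE)):
        print(label, fingerprint(parse_host_line(line)[2]), is_trusted(line, PINNED))
```

Only when the offered key passes this comparison is it reasonable to replace the old entry in known_hosts.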

If you look at the legal landscape of privacy you'll find that there is a significant misunderstanding of what privacy is and a confusion of privacy with anonymity. Most privacy laws cover your personal information but do not protect tidbits of information about what you were doing online. A simple example: streaming providers recommend movies based on what you watched or opened; that information might tell a lot about your interests/hobbies and won't be protected by laws on the books.
