Public key cryptography1 - xkcd Contexte [Spoiler]: Avant que le communauté des utilisateurs irréductibles de PGP2 ne me saute dessus à bras raccourcis, laissez-moi vous donner quelques éléments de contexte. J’utilise le chiffrement PGP depuis bientôt 20 ans, une des rares solutions qui permettait de se soustraire à la curiosité envahissante de nos amis Chinois quand j’habitais en Chine. C’est à la même période d’ailleurs et pour des raisons similaires que j’abandonne Windows3 et bascule mon environnement de travail sous Linux. ...
Image credit: “Lets leave planet GAFAM NATU BATX” by David Revoy for Framasoft − CC-BY 4.0 Why Privacy & Security Matter This is a fairly old topic - bu Internet standards and some very good people have already written a lot about it, so it is now very well documented. Here are some of the most famous quotes: ...
RGPD - Le guide pratique La CNIL1 est sympa. Le gendarme français des données personnelles inflige (parfois) des amendes (modestes au regard de ce qu’autorise le RGPD) à ceux qui bafouent le respect de la vie privée et la sécurité des données personnelles. Enfin, quand elle ne fait pas de siestes trop longues2 ou ne fait pas preuve d’un laxisme éhonté comme le rapportait La Quadrature du Net en 20213. Mais globalement la situation s’améliore: en 2023, la CNIL a instruit 16 000 plaintes, procédé à 340 contrôles et prononcé 168 mises en demeure et 42 sanctions pour un montant de 90 millions d’Euros. ...
Chez le tout nouveau France Travail (ex- Pôle Emploi, ex- ANPE) il y a ceux qui font leur boulot1 et puis il y a les autres, notamment ceux du service SSI2 qui devaient avoir aqua-poney le jour où la solidité du tout nouveau site web et de son backend a été éprouvée. Si elle l’a été, ce dont vous me permettrez de douter (voir plus bas). ...
A True Friend Is Gone Nick Ong aka Fakawi Chief as he was called among the South-East Asian mountain biking community, has passed today in Kuala Lumpur, Malaysia. Nick Ong 1 was a man of many talents: creator of the Fakawi Tribe, captain of the Malaysian Fakawi Banshee Downhill Team, Malaysian importer of Banshee Bikes, jungle explorer on weekends, unwavering supporter of traks.org, the advocacy group for Bukit Kiara, Kuala Lumpur’s mountain biking gem, outdoor and MTB film maker 2, oh, and also a medical doctor, all served by a sharp mind with an unparalleled sense of humour. ...
[EDIT: 09.01.2023]: Threema has reacted to the publication in bold terms: The [research] paper is based on an old protocol that is no longer in use. The presented findings do not apply to Threema’s current communication protocol “Ibex” or have already been addressed. None of them ever had any considerable real-world impact. See how the story develops. Threema is a Swiss encrypted messaging application which has been widely advertised as a secure alternative to Signal, WhatsApp or Wire. Their website claims the app is used by more than 10 million users and 7,000 corporate customers. Prominent users of Threema include the Swiss Government, the Swiss Army and the current Chancellor of Germany, Olaf Scholz. ...
DNS entries for a parked domain that does not send emails but has a website Hostname Type TTL Data @ MX 1800 0 . @ TXT 1800 "v=spf1 -all" *._domainkey TXT 1800 "v=DKIM1; p=" _dmarc TXT 1800 "v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s;fo=1;" DNS entries explained Null MX Explicitly configure an ’empty’ MX record according to RFC7505. @ 1800 IN MX 0 . SPF Set an an empty policy and a hard fail. @ 1800 IN TXT "v=spf1 -all" DKIM *._domainkey 1800 IN TXT "v=DKIM1; p=" DMARC Set DMARC policy to reject emails1 ...
Abstract: Telling users to ‘avoid clicking bad links’ still isn’t working by David C. - Technical Director for Platforms Research and Principal Architect - NCSC (UK) Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing. Infosec tenets simply don’t work Advising users not to click on bad link: users frequently need to click on links from unfamiliar domains to do their job, and being able to spot a phish is not their job ...
## web0 is the decentralised web ## web3 = **decentralization** + blockchain + NFTs + metaverse web0 = **decentralization** - blockchain - NFTs - metaverse web0 = **decentralization** In other words, web0 is web3 without all the corporate right-libertarian Silicon Valley bullshit – Aral Balkan1 Head over here and sign the web0 Manifesto. This will probably not change the world overnight but let these different voices be heard. Thank you. ...
[First published on September 05, 2016] I am ditching WhatsApp, following Facebook’s decision to begin harvesting data from its messaging service. Even though Motherboard claims “it may be possible to prevent WhatsApp to give your phone number to Facebook” (LOL) WhatsApp will still harvest your metadata. “Sharing metadata with Facebook still exposes users to significant risks,” says Claire Gartland, consumer protection counsel for the Electronic Privacy Information Center. “Facebook will have data indicating who WhatsApp users communicate with and how frequently, and connecting WhatsApp users with their social media accounts and broader online activity, associations, political affiliations, and more.” – Wired ...