toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Administered by:

Server stats:

281
active users

#pwned

0 posts0 participants0 posts today
UNINOIZE<p>CHICKEN JOCKEY!<br><a href="https://soundcloud.com/uninoize/chicken-jockey" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">soundcloud.com/uninoize/chicke</span><span class="invisible">n-jockey</span></a></p><p><a href="https://mastodon.social/tags/chickenjockey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chickenjockey</span></a> <a href="https://mastodon.social/tags/dnb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnb</span></a> <a href="https://mastodon.social/tags/drumandbass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>drumandbass</span></a> <a href="https://mastodon.social/tags/dubstep" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dubstep</span></a> <a href="https://mastodon.social/tags/Minecraft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Minecraft</span></a> <a href="https://mastodon.social/tags/4chan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>4chan</span></a> <a href="https://mastodon.social/tags/4chantoken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>4chantoken</span></a> <a href="https://mastodon.social/tags/Jungle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Jungle</span></a> <a href="https://mastodon.social/tags/metalstep" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>metalstep</span></a> <a href="https://mastodon.social/tags/SOYJOY" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SOYJOY</span></a> <a href="https://mastodon.social/tags/sharty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sharty</span></a> <a href="https://mastodon.social/tags/soyjakparty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>soyjakparty</span></a> <a href="https://mastodon.social/tags/drumnbass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>drumnbass</span></a> <a href="https://mastodon.social/tags/junglist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>junglist</span></a> <a href="https://mastodon.social/tags/chickenjocky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chickenjocky</span></a> <a href="https://mastodon.social/tags/BillieEilish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BillieEilish</span></a> <a href="https://mastodon.social/tags/hacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacks</span></a> <a href="https://mastodon.social/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hack</span></a> <a href="https://mastodon.social/tags/hacked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacked</span></a> <a href="https://mastodon.social/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> <a href="https://mastodon.social/tags/owned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>owned</span></a> <a href="https://mastodon.social/tags/FIRE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIRE</span></a> <a href="https://mastodon.social/tags/lit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lit</span></a></p>
MusiqueNow :pride: ✡️ 🇵🇸 :anarchismhebrew:<p><a href="https://haveibeenpwned.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">haveibeenpwned.com/</span><span class="invisible"></span></a> </p><p><a href="https://todon.eu/tags/HaveYouBeenPwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HaveYouBeenPwned</span></a> </p><p>Check if your email address is in a <a href="https://todon.eu/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreach</span></a> </p><p><a href="https://todon.eu/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> <a href="https://todon.eu/tags/digitalselfdefence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>digitalselfdefence</span></a> <a href="https://todon.eu/tags/digitalprivacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>digitalprivacy</span></a> <a href="https://todon.eu/tags/digitalhygiene" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>digitalhygiene</span></a> <a href="https://todon.eu/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a></p>
Kevin Karhan :verified:<p><em>Dat feeling when you <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> your first System</em>... </p><p>Kinda like <a href="https://www.youtube.com/watch?v=tFXYuw96d0c&amp;t=43s" rel="nofollow noopener noreferrer" target="_blank">this track</a>...</p><p><a href="https://infosec.space/tags/Nostaliga" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nostaliga</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/mukke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mukke</span></a> <a href="https://infosec.space/tags/mood" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mood</span></a> <a href="https://infosec.space/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a></p>
pablolarah<p>🟠 "Pwned", The Book, Is Now Available for Free<br>by <span class="h-card" translate="no"><a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>troyhunt</span></a></span> <br>In PDF &amp; EPUB formats.</p><p><a href="https://mastodon.social/tags/TroyHunt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TroyHunt</span></a> <a href="https://mastodon.social/tags/Pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pwned</span></a> <a href="https://mastodon.social/tags/freeEbook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freeEbook</span></a> </p><p><a href="https://www.troyhunt.com/pwned-the-book-is-now-available-for-free/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">troyhunt.com/pwned-the-book-is</span><span class="invisible">-now-available-for-free/</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@kasiandra" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kasiandra</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> Ich fasse das als <em>bedingungslose Kapitulation</em> auf...</p><p><a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> <a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/next" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>next</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EOD</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@0xabad1dea" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>0xabad1dea</span></a></span> : if we'd have Device Bound Session Credentials (<a href="https://www.heise.de/en/news/FBI-Agency-issues-warning-about-session-cookie-theft-10007940.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/en/news/FBI-Agency-is</span><span class="invisible">sues-warning-about-session-cookie-theft-10007940.html</span></a> and <a href="https://blog.chromium.org/2024/04/fighting-cookie-theft-using-device.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.chromium.org/2024/04/figh</span><span class="invisible">ting-cookie-theft-using-device.html</span></a>), cookie theft via some specific attacks may be prevented. But in general:</p><p>If your device is compromised, it's game over.</p><p><a href="https://infosec.exchange/tags/DBSC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DBSC</span></a> <a href="https://infosec.exchange/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> <a href="https://infosec.exchange/tags/AnyDesk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AnyDesk</span></a> <a href="https://infosec.exchange/tags/GameOver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GameOver</span></a></p>
Ryan W. Featherston<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@Jackiemauro" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Jackiemauro</span></a></span> No response? <a href="https://mastodon.social/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://freiburg.social/@ditol" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ditol</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@samueljohn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>samueljohn</span></a></span> <span class="h-card" translate="no"><a href="https://23.social/@linuzifer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>linuzifer</span></a></span> </p><p><em>THIS</em> is where I disagree...</p><p>You may think it's elitist, but if people are too lazy to learn even fundamentals like how to use <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tails</span></a> then maybe they should just not do <a href="https://infosec.space/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> at all?</p><ul><li>Like: We expect people to show at the every least theoretical proficiency in terms of <a href="https://infosec.space/tags/TrafficCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TrafficCode</span></a> and <a href="https://infosec.space/tags/VehicleSafety" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VehicleSafety</span></a> in +every juristiction I'm aware of* and literally mandated <a href="https://infosec.space/tags/DrivingLicense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DrivingLicense</span></a>|s for that reason.</li></ul><p>I'll gladly teach <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterates</span></a> but I won't waste my time on <a href="https://infosec.space/@kkarhan/113344834546549105" rel="nofollow noopener noreferrer" target="_blank">people that spread disinfo</a>...</p><p>It's 2024: <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tails</span></a></span> has been out for over a decade and there are a shitload of guides ranging from written documentation to Zoomer-friendly TikTok-Style shorts on how to get started.</p><ul><li><p>I don't expect people to do <a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>airgapped</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener noreferrer" target="_blank">pffline-PGP</a> but with <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>thunderbird</span></a></span> including <a href="https://infosec.space/tags/Enigmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Enigmail</span></a> and not requiring any external dependencies like the god-awful <a href="https://infosec.space/tags/GPG4Win" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPG4Win</span></a> stuff's easier than ever.</p></li><li><p>Same with <a href="https://infosec.space/tags/mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mobile</span></a>: <a href="https://infosec.space/tags/Appls" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Appls</span></a> like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a> are so easy, I've been able to onboard literal tech-illiterates remotely with few steps and <a href="https://docs.monocles.eu/apps/chat.app/" rel="nofollow noopener noreferrer" target="_blank">simple instructions</a>. </p></li></ul><p>FOR THE LAST TIME: </p><p>*STOP MAKING EXCUSES TO JUSTIFY ESCALATING COMMITMENT TO EVIDENTLY BAD SOLUTIONS!"</p><ul><li>Cuz <a href="https://web.archive.org/web/20240000000000*/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">when push comes to shove</a> <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> herself would introduce a <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/backdoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backdoor</span></a> into <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> when faced with indefinite jailtime...</li></ul><p>Whereas with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the keys as well as <a href="https://infosec.space/tags/ReproduceableBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReproduceableBuilds</span></a> and <em>real</em> <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralization</span></a>, this would be evidently impossible even if all the devs wanted to comply honestly and not just because they could be held at gunpoint.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> is not your friend. It's merely a tax-exempt <em>"non-profit"</em> corporation, and corporations are explicitly nobodys friend - espechally when they demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/@kkarhan/111968251463697943" rel="nofollow noopener noreferrer" target="_blank">phone numbers</a> for useage.</li></ul><p>Compare that to <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monocles</span></a> where you do pay like €2 p.m. but in return get <a href="https://infosec.space/tags/standard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>standard</span></a> <a href="https://infosec.space/tags/protocols" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>protocols</span></a> like <a href="https://infosec.space/tags/IMAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMAP</span></a>, <a href="https://infosec.space/tags/SMTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMTP</span></a> &amp; <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> and <a href="https://monocles.eu/more/#payment-section" rel="nofollow noopener noreferrer" target="_blank">can pay anonymously</a> and not have to provide any PII whatsoever!</p><ul><li>And unlike <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> they ain't dependent on <a href="https://infosec.space/tags/VC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VC</span></a> funding and <a href="https://infosec.space/tags/grant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>grant</span></a> money to keep the lights on.</li></ul><p>Make of that what you will, but just like allowing flatearthers to roam freely without caretaker supervision doesn't make the world less round, so won't the facts change about <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a>. </p><ul><li>The only reason Signal is still online and not <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a> is because it's either a Sting op like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a> aka. <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationIronside</span></a> aka. <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationTrøjanShield</span></a> or they have already backdoored their <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backend</span></a> so hard that all their <a href="https://infosec.space/tags/marketing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>marketing</span></a> is just <a href="https://infosec.space/tags/lies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lies</span></a> like <a href="https://infosec.space/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a>...<br></li></ul><p>Because all <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solutions are bad, and if they don't even allow for <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> then they are just a <a href="https://infosec.space/tags/grift" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>grift</span></a> to <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scam</span></a> tech-illiterates that don't know and/or don't care! </p><p><a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EOD</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> <span class="h-card" translate="no"><a href="https://thecanadian.social/@Ulrich_the_elder" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Ulrich_the_elder</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> </p><p><em><a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a>!</em></p><ul><li>Honestly I didn't want to spoil it to him, that <a href="https://thecanadian.social/@Ulrich_the_elder/113340334294824573" rel="nofollow noopener noreferrer" target="_blank">this</a> was a <em>BAD MISTAKE</em>...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.net2o.de/@forthy42" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>forthy42</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fj</span></a></span> <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a>!<br><a href="https://infosec.space/@kkarhan/113292738181126901" translate="no" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1132927</span><span class="invisible">38181126901</span></a></p>
amanjeev | امن جیو | ਅਮਨਜੀਵ<p>you can never mitigate security issues. you can only postpwn them.</p><p><a href="https://cosocial.ca/tags/securityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityawareness</span></a> <a href="https://cosocial.ca/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> <a href="https://cosocial.ca/tags/astoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>astoot</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.treehouse.systems/@marcan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>marcan</span></a></span> <em>nodds in agreement</em> <a href="https://infosec.space/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> doesn't need to have backdoors in Hardware when their entire <a href="https://infosec.space/tags/iCould" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCould</span></a> <a href="https://www.youtube.com/watch?v=Ev9_oDHNf-4" rel="nofollow noopener noreferrer" target="_blank">is</a> <a href="https://www.youtube.com/watch?v=r38Epj6ldKU" rel="nofollow noopener noreferrer" target="_blank">backdoored</a> and can be <a href="https://www.youtube.com/watch?v=ifOifNBgyRg" rel="nofollow noopener noreferrer" target="_blank">weaponized</a> to <a href="https://www.youtube.com/watch?v=ZzS2vwDUO9U" rel="nofollow noopener noreferrer" target="_blank">brick devices</a>.</p><ul><li>OFC similar functionality can be achieved with <a href="https://infosec.space/tags/CompuTrace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CompuTrace</span></a> on <a href="https://infosec.space/tags/amd64" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>amd64</span></a>-based <a href="https://infosec.space/tags/Laptops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Laptops</span></a> (i.e. <a href="https://infosec.space/tags/ThinkPads" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThinkPads</span></a>) and compared to that, <a href="https://infosec.space/tags/AMT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AMT</span></a> + <a href="https://infosec.space/tags/ManagmentEngine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ManagmentEngine</span></a> is trivial to <a href="https://infosec.space/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>exploit</span></a> and should be considered real <a href="https://infosec.space/tags/backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backdoors</span></a> (abeit <em>"well meaning"</em> in the sense of remote provisioning of entire fleets of devices, but still allowing to bypass the OS and offering DMA access to the CPU, so basically <em>"<a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a>"</em>)...</li></ul><p>Either way, these are not inherent to the used <a href="https://infosec.space/tags/Silicon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Silicon</span></a>, but entirely <a href="https://infosec.space/tags/Firmware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firmware</span></a>-based.</p><ul><li>AMT for example requires a <em>"<a href="https://infosec.space/tags/Intel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Intel</span></a> <a href="https://infosec.space/tags/vPro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vPro</span></a>"</em> configuration with Intel-made Ethernet NICs (i.e. i2xx &amp; i3xx - Series) with a Q- or C-series Chipset &amp; supporting <a href="https://infosec.space/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UEFI</span></a>, so most Systems with cheap <a href="https://infosec.space/tags/Realtek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Realtek</span></a>-NICs aren't exploitable straight-away, and even then it requires certain settings to work, so not an easy <em>"<a href="https://infosec.space/tags/Pwn2Own" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pwn2Own</span></a>"</em> style exploitability...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://det.social/@Der_Waeller" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Der_Waeller</span></a></span> +1<br><a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a></p>
Wulfy<p>One of the endpoints attacking my VPS is a compromised router somewhere in Europe.<br>Keep your domestic routers secure people or the evil <a href="https://infosec.exchange/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackers</span></a> will have <a href="https://infosec.exchange/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> them.</p>
Thelonious08<p>Visual Debate Summary <a href="https://bsky.brid.gy/hashtag/Crushed" rel="nofollow noopener noreferrer" target="_blank">#Crushed</a> <a href="https://bsky.brid.gy/hashtag/Destroyed" rel="nofollow noopener noreferrer" target="_blank">#Destroyed</a> <a href="https://bsky.brid.gy/hashtag/Owned" rel="nofollow noopener noreferrer" target="_blank">#Owned</a> <a href="https://bsky.brid.gy/hashtag/Pwned" rel="nofollow noopener noreferrer" target="_blank">#Pwned</a> <a href="https://bsky.brid.gy/hashtag/Debate" rel="nofollow noopener noreferrer" target="_blank">#Debate</a> <a href="https://bsky.brid.gy/hashtag/USpol" rel="nofollow noopener noreferrer" target="_blank">#USpol</a> <a href="https://bsky.brid.gy/hashtag/USpolitics" rel="nofollow noopener noreferrer" target="_blank">#USpolitics</a> <a href="https://bsky.brid.gy/hashtag/NotGoingBack" rel="nofollow noopener noreferrer" target="_blank">#NotGoingBack</a></p>
Thelonious08<p>Will DonOld be furious that Fox Propaganda admitted he lost the debate? <a href="https://bsky.brid.gy/hashtag/Crushed" rel="nofollow noopener noreferrer" target="_blank">#Crushed</a> <a href="https://bsky.brid.gy/hashtag/Destroyed" rel="nofollow noopener noreferrer" target="_blank">#Destroyed</a> <a href="https://bsky.brid.gy/hashtag/Owned" rel="nofollow noopener noreferrer" target="_blank">#Owned</a> <a href="https://bsky.brid.gy/hashtag/Pwned" rel="nofollow noopener noreferrer" target="_blank">#Pwned</a> <a href="https://bsky.brid.gy/hashtag/Debate" rel="nofollow noopener noreferrer" target="_blank">#Debate</a> <a href="https://bsky.brid.gy/hashtag/USpol" rel="nofollow noopener noreferrer" target="_blank">#USpol</a> <a href="https://bsky.brid.gy/hashtag/USpolitics" rel="nofollow noopener noreferrer" target="_blank">#USpolitics</a> <a href="https://bsky.brid.gy/hashtag/NotGoingBack" rel="nofollow noopener noreferrer" target="_blank">#NotGoingBack</a></p>
Thelonious08<p>Not even Fox Propaganda could find a way to spin this as a victory for the orange clown. Kamala really beat him that badly. <a href="https://bsky.brid.gy/hashtag/Crushed" rel="nofollow noopener noreferrer" target="_blank">#Crushed</a> <a href="https://bsky.brid.gy/hashtag/Destroyed" rel="nofollow noopener noreferrer" target="_blank">#Destroyed</a> <a href="https://bsky.brid.gy/hashtag/Owned" rel="nofollow noopener noreferrer" target="_blank">#Owned</a> <a href="https://bsky.brid.gy/hashtag/Pwned" rel="nofollow noopener noreferrer" target="_blank">#Pwned</a> <a href="https://bsky.brid.gy/hashtag/Debate" rel="nofollow noopener noreferrer" target="_blank">#Debate</a> <a href="https://bsky.brid.gy/hashtag/USpol" rel="nofollow noopener noreferrer" target="_blank">#USpol</a> <a href="https://bsky.brid.gy/hashtag/USpolitics" rel="nofollow noopener noreferrer" target="_blank">#USpolitics</a> <a href="https://bsky.brid.gy/hashtag/NotGoingBack" rel="nofollow noopener noreferrer" target="_blank">#NotGoingBack</a></p>
Thelonious08<p>I'm looking forward to the next debate. Dotard Donnie maybe not so much. <a href="https://bsky.brid.gy/hashtag/Crushed" rel="nofollow noopener noreferrer" target="_blank">#Crushed</a> <a href="https://bsky.brid.gy/hashtag/Destroyed" rel="nofollow noopener noreferrer" target="_blank">#Destroyed</a> <a href="https://bsky.brid.gy/hashtag/Owned" rel="nofollow noopener noreferrer" target="_blank">#Owned</a> <a href="https://bsky.brid.gy/hashtag/Pwned" rel="nofollow noopener noreferrer" target="_blank">#Pwned</a> <a href="https://bsky.brid.gy/hashtag/Debate" rel="nofollow noopener noreferrer" target="_blank">#Debate</a> <a href="https://bsky.brid.gy/hashtag/USpol" rel="nofollow noopener noreferrer" target="_blank">#USpol</a> <a href="https://bsky.brid.gy/hashtag/USpolitics" rel="nofollow noopener noreferrer" target="_blank">#USpolitics</a> <a href="https://bsky.brid.gy/hashtag/NotGoingBack" rel="nofollow noopener noreferrer" target="_blank">#NotGoingBack</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.bentasker.co.uk/@ben" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ben</span></a></span> OFC that works...</p><ul><li>I bet you <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> will integrate <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Backdoors</span></a> (they claim don't exist) if <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> were to be threatened with a lifetime in jail until <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> complies...</li></ul><p>Cuz this is how all <em>"<a href="https://infosec.space/tags/secure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>secure</span></a>"</em> providers get <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a>!</p>
Joe Ortiz<p>Update: AT&amp;T it seems to have paid a ShinyHunters member over $373,000 to delete call records stolen from AT&amp;T's Snowflake account that exposed nearly all of AT&amp;T's customers. <a href="https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/atandt-paid-ha</span><span class="invisible">cker-300000-to-delete-stolen-call-records/</span></a><br><a href="https://archive.is/p50Ka" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="">archive.is/p50Ka</span><span class="invisible"></span></a></p><p>I'm sure it not really "deleted" though rather than "don't publicly release it" most likely.</p><p><a href="https://mastodon.sdf.org/tags/hacked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacked</span></a> <a href="https://mastodon.sdf.org/tags/pwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pwned</span></a> <a href="https://mastodon.sdf.org/tags/ATT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ATT</span></a> <a href="https://mastodon.sdf.org/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreach</span></a> <a href="https://mastodon.sdf.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.sdf.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.sdf.org/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>