-
5 votes
-
The impending doom of expiring root Certificate Authorities and legacy clients
6 votes -
What are secure alternatives to slack, and what are your experiences with them?
First, some context. The latest from the US justice department saying that they will be focusing on finding "ANTIFA leaders" is incredibly troubling for anyone involved in leftist groups. I...
First, some context. The latest from the US justice department saying that they will be focusing on finding "ANTIFA leaders" is incredibly troubling for anyone involved in leftist groups. I foresee a lot of good activists, regardless of how far left they actually are, arrested on trumped up charges in order to squash opposition.
Organizing is essential to resist fascism. This is made more difficult by the pandemic, as in person meetings bring a huge, almost unacceptable risk. As such, many orgs have been turning to platforms like Slack instead. Trouble is, Slack logs are not encrypted and I am certain that as a business based in the US Slack will not put up a fight to keep user data safe if the feds come calling.
I'd like to collect a decent list of alternatives. Important factors include encryption, ownership, open source status, ease of use, federation, scalability, hosting, cross platform, and anything else you can think of.
23 votes -
macOS 10.15.5 has a trivial bug or a ‘reprehensible’ security decision
7 votes -
Gopass - The team password manager
7 votes -
Edison Mail vulnerability allowing unauthorized access to email accounts of other users
4 votes -
TSA working on plan to check temperatures at some American airports
8 votes -
The confessions of Marcus "MalwareTech" Hutchins, the hacker who stopped WannaCry and was arrested by the FBI in 2017
33 votes -
Zoom acquires Keybase and announces goal of developing the most broadly used enterprise end-to-end encryption offering
38 votes -
CISSP qualification given cert status equivalent to Master’s degree level in Europe
3 votes -
Adobe patches sixteen critical flaws in Acrobat and Reader, Digital Negative SDK
5 votes -
Microsoft and Intel project converts malware into images before analyzing it
10 votes -
US President Trump flouts coronavirus protocols as security experts warn of need to protect the President from a lethal threat
12 votes -
Firefox Private Relay - Generate unique, random, anonymous email addresses
33 votes -
Microsoft's GitHub account allegedly hacked, 500GB stolen
11 votes -
Critical RCE vulnerabilities in SaltStack result in server breaches for LineageOS, Ghost, DigiCert, and more
15 votes -
Riot Games' new Vanguard anti-cheat system for Valorant involves a kernel mode driver that launches at boot, raising security concerns
28 votes -
Security guard in Flint, Michigan, shot and killed after asking Family Dollar shopper to wear mask
22 votes -
Leaked footage from The Last of Us 2 was likely obtained by hackers who exploited a security vulnerability in prior Naughty Dog games
5 votes -
Face ID doesn’t work when you’re wearing a mask—Apple’s about to address that
12 votes -
Love Bug's creator tracked down to repair shop in Manila
7 votes -
Building a secure DNS infrastructure like SecureDNS.eu
5 votes -
The real impact of an open redirect vulnerability
4 votes -
Hyperdome - the safest place to reach out
5 votes -
Explanation of how a one-line change in the Windows 10 kernel enabled a sandbox escape in Chrome/Edge/Firefox
6 votes -
Multiple vulnerabilities affecting the default Mail application on iOS since at least January 2018, with evidence of being exploited in targeted attacks
10 votes -
Is Border Gateway Protocol safe yet? No
4 votes -
US Department of Homeland Security attempts military surveillance of the Canadian border
8 votes -
After 9/11, Americans gave up privacy for security. Will we make the same trade-off after COVID-19?
21 votes -
Microsoft buys Corp.com so bad guys can’t
17 votes -
Thousands of Zoom cloud recordings have been exposed on the web because of the way Zoom names its recordings in unprotected AWS buckets
24 votes -
zWarDial, an automated tool to find unprotected Zoom meetings
7 votes -
Webcam hacking—The story of how I gained unauthorized Camera access on iOS and macOS
4 votes -
Does Linux need antivirus?
18 votes -
The story of the hijacking of Eastern Airlines Flight 1320 in 1970: The first hijacked US flight with a fatality, which led to many of the modern airline security measures
6 votes -
Speeding up Linux disk encryption
8 votes -
How long do we have left, exactly, until climate change affects our global food supply?
I'm not very knowledgeable about this stuff. How long do we have left, like, 10-15 years at the most?
6 votes -
The alarming scope of Presidential power during an emergency
4 votes -
Notes on auth token persistence
5 votes -
The White House has ordered federal health officials to treat top-level coronavirus meetings as classified
29 votes -
The main Avast antivirus service contained a custom JavaScript interpreter, enabling wormable pre-auth RCEs. Avast has now disabled the emulator in response to a vulnerability report
13 votes -
EARN IT act is a direct attack on end-to-end encryption
25 votes -
The case for limiting your browser extensions
9 votes -
Have I Been Pwned is no longer being sold, and Troy Hunt will continue running it independently
29 votes -
Sophos has received an offer to be acquired for $3.9 billion by private-equity firm Thoma Bravo
8 votes -
U2F help proposal
So, I cannot really financially contribute, but I'm a backend developer and I'd like to be able to authenticate using U2F 2FA. I'd like to know if you would be open to let me try to make a patch...
So, I cannot really financially contribute, but I'm a backend developer and I'd like to be able to authenticate using U2F 2FA.
I'd like to know if you would be open to let me try to make a patch that would add this feature to 2FA mechanisms.
12 votes -
Let's Encrypt has issued one billion certificates
12 votes -
EU Commission to staff: Switch to Signal messaging app
14 votes -
Defeating a Laptop's BIOS Password
13 votes -
Policy vs technology
15 votes