Have strong opinions, but I welcome any civil fact-based discussion.
Mastodon: @BrikoX@freeradical.zone
I noticed this today too, no idea what is going on. Need to reach out to the instance admin, since it’s only happening on my instance as far as I can see.
ICC can’t impose death penalty as it’s against international human rights law.
McAfee blog offers some more details: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
Added to the post body.
Several of mine:
Gaming communities are hard to grow since they require people who play the game to participate. You can only grow it on your own so much by posting the latest news.
Other active ones on lemmy.zip
:
It’s definitely not something a regular user should panic over. But it’s a huge deal since a lot of high security, sensitive targets also rely on the same library.
While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven’t tested other devices using the microcontroller, such as the SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contains the same vulnerability.
Both. The cryptographic library in question is also used in other cryptographic applications too, so it’s a huge mess.
It’s not mentioned, but I think the compatibility layer for 1.19 releases breaks support for older versions. Ask your instance admins to update the backend.
lemmy.world
is defederated from hexbear.net
instance…
Are there countries that have e-voting on a national level apart from Estonia? They had it since 2005 without any major issues.
It requires kernel level access to abuse, so it will probably be mostly used in targeted attacks. General good technical hygiene should be good enough to prevent becoming a random victim.
@freamon@lemmy.world/@andrew_s@piefed.social runs the bot.
Patch method is BIOS via OEMs. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
It’s listed as a honorable mention in the article.
More likely, it was just taken on 2 different devices. It’s reasonable that the camera or phone they owned changed in 15 years.
I think it more comes down to it not being Discord than people liking it.
Element X (Matrix client). Basically anything that offers F-Droid or open source release will have builds without built-in notifications. Play Store/App Store builds requires using native notification systems.
It was a conscious decision for them not to enforce E2EE by default. https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/
XMPP clients have like 10 different implementations because of that and are not always consistent with each other or even function universally across platforms.
But I’m not an author. That would be @nateb@mastodon.thenewoil.org.
Spoofing just changes the displayed called/sender ID, not the actual number. They would still need real numbers for each account. And they block a lot of VoIP numbers, like most services these days. And getting carrier SIMs or e-SIMs is a not that easy.
No mandatory 2FA as far as I know.
It’s there for a reason. You can’t easily create a spam waves if you need a phone number to create an account. And they added usernames now, so you don’t need to share your phone number with people you want to talk to. It’s just there to create an account and can be hidden after that.
There is Session, that uses UUIDs for names with no phone number requirement, which is basically a fork of Signal with decentralized Loki on top of it.
No audit, no 2FA, no transparency report, limited servers, proprietary clients. There are better options.