Daniel Cid @dcid@noc.social
- Country
- Canada
- Website
- https://dcid.me
Admin
Founder of CleanBrowsing, Sucuri and OSSEC. Former VP Engineering, GoDaddy - CTO, Sucuri. Builder and breaker by heart.
Joined Jun 2020
Pinned toot
Remember. If you want your profile to be public here:
You need to go to Preferences->Profile and check "List this account in the directory".
Otherwise it won't show.
Pinned toot
My 7yo: "When I grow up, I want to be just like my daddy. He doesn't work and just spends his day at the computer doing nothing."
Daniel Cid
boosted
@dcid The relevant spec for the Permissions-Policy header is documented here: https://www.w3.org/TR/permissions-policy-1/
I elaborated more on this in another comment: https://pleroma.envs.net/notice/A6Js6Yxy0Q4uFfItvs
I elaborated more on this in another comment: https://pleroma.envs.net/notice/A6Js6Yxy0Q4uFfItvs
Trying to do my part:
$ curl -sD - https://dcid.me | grep 'permissions-policy'
permissions-policy: interest-cohort=()
Have you blocked FLoC yet? If you are using NOC, you can disable it with 1-click here:
https://my.noc.org/dashboard?page=cdn
More details on how to do it yourself:
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
Daniel Cid
boosted
They say AI is going to revolutionize the world, and yet Google still needs my help identifying fire hydrants on a daily basis.
Daniel Cid
boosted
~Open Source Security Tool of the Day~
urlhaus-filter
A blocklist of malicious websites that are being used for malware distribution, based on the **Database dump (CSV)** of Abuse.ch. Blocklist is updated twice a day.
Someone explain to me why that is not illegal ( inside trading ):
https://unusualwhales.com/i_am_the_senate
Ex:
"July 22: Congressmen Mo Brooks, Ed Perlmutter and Mike Conaway all bought Pfizer stocks in June/July right before the US gov signed a $1.95 billion vaccine contract"
Daniel Cid
boosted
@dcid if not there is always https://www.eff.org/https-everywhere
Daniel Cid
boosted
That's a first I think:
FBI authorized to login to compromised servers to remove the backdoor.
Daniel Cid
boosted
Bruce Schneier on Signal's cryptocurrency adventures:
"""
www.schneier.com/blog/archives…
"""
It’s not just that blockchain is just plain stupid. It’s not even that Signal is choosing to tie itself to a specific blockchain currency. It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.
"""www.schneier.com/blog/archives…
Daniel Cid
boosted
JWZ's take on the whole Signal thing.
https://www.jwz.org/blog/2021/04/signal-hops-on-the-dunning-krugerrand-bandwagon/
Great piece by Frank Denis ( jedisct1) on the challenges of taking your code open source and the overall entitled attitude of people using your open source code for free - and expecting free support:
https://00f.net/2021/03/26/it-doesnt-work/
"It doesn't work".
Denis is an amazing builder and maintains multiple powerful and important open source projects:
One thing I love about the https://noc.org DNS is the visibility it provides - including regions and resolvers.
If you want to move away from big tech and give a small provider a chance, you may like it :)
End of AMP? Someone can only dream:
https://www.lafoo.com/the-end-of-amp/
Enough giving so much control to google.
HTTPS by default on chrome:
https://blog.chromium.org/2021/03/a-safer-default-for-navigation-https.html?m=1
Wasn't this the default already? But good news anyway.
Password managers and browser extensions. What can go wrong?
https://timmyomahony.com/blog/substacks-ui-just-cost-me-2-023
Still better than not using a password manager.
Daniel Cid
boosted
Okay, next time a construction truck changes lanes into me, I'm not going to get the quarter panel fixed.
Daniel Cid
boosted
Man, working with the Mozilla devs on Firefox bugs is always such a pleasure. I filed the bug yesterday, and already a dev has responded saying "let's make this work" and is pushing patches. I should be paying money for this browser. https://bugzilla.mozilla.org/show_bug.cgi?id=1699154#c2
Been saying that SMS is a bad 2FA for years....
Post from 2013: https://dcid.me/notes/2013-apr-19
And new report from Krebs:
https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/
Daniel Cid
boosted
Can We Stop Pretending SMS Is Secure Now?.
SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learnin...
https://krebsonsecurity.com/?p=54819
Daniel Cid
boosted
- Country
- Canada
- Website
- https://dcid.me
Admin
Founder of CleanBrowsing, Sucuri and OSSEC. Former VP Engineering, GoDaddy - CTO, Sucuri. Builder and breaker by heart.
Joined Jun 2020
