JWZ's take on the whole Signal thing.
Great piece by Frank Denis ( jedisct1) on the challenges of taking your code open source and the overall entitled attitude of people using your open source code for free - and expecting free support:
"It doesn't work".
Denis is an amazing builder and maintains multiple powerful and important open source projects:
One thing I love about the https://noc.org DNS is the visibility it provides - including regions and resolvers.
If you want to move away from big tech and give a small provider a chance, you may like it :)
End of AMP? Someone can only dream:
Enough giving so much control to google.
HTTPS by default on chrome:
Wasn't this the default already? But good news anyway.
Password managers and browser extensions. What can go wrong?
Still better than not using a password manager.
Man, working with the Mozilla devs on Firefox bugs is always such a pleasure. I filed the bug yesterday, and already a dev has responded saying "let's make this work" and is pushing patches. I should be paying money for this browser. https://bugzilla.mozilla.org/show_bug.cgi?id=1699154#c2
Been saying that SMS is a bad 2FA for years....
Post from 2013: https://dcid.me/notes/2013-apr-19
And new report from Krebs:
Can We Stop Pretending SMS Is Secure Now?.
SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learnin...
@dcid best wishes for the staff and everyone involved! Disasters are serious in every aspect.
But as I read about this, I can't help but think about that other tragedy that happened with #GitLab a few years ago, that culminated in a so-called "Check Your Backups Day" https://news.ycombinator.com/item?id=13538168
I guess #backups are like exercise: everyone knows they have to do it, should be doing it, will do it someday, but wish they did it more only after the disaster strikes.
Based on this timeline, Microsoft screwed up big time here - so slow to respond and patch.
The Mastodon account search is back online (and running a lot faster):
Sorry for the downtime and sluggish performance it was having.
Utah just passed a new legislation to restrict content on the mobile devices of minors.
Pretty much forcing adult filtering to be on by default when they detect that it is a device used by a minor.
Quoting Chris Krebs:
"This is the real deal. If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03. Check for 8 character aspx files in C:\\inetpub\wwwroot\aspnet_client\system_web\. If you get a hit on that search, you’re now in incident response mode."
Founder of CleanBrowsing, Sucuri and OSSEC. Former VP Engineering, GoDaddy - CTO, Sucuri. Builder and breaker by heart.
Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Civil discourse, polite and open. Managed by the noc.org team.