Discover and read the best of Twitter Threads about #Security

Most recents (24)

Thread updated of my infographics : To make things more convenient and to help beginners in #infosec , I decided to regroup my #infographics with this tweet ! #Cybersecurity #Startups #IoT #ITsecurity #Security #tools
Some good tools useful in Infosec : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Some good tools for Mobile APP Security Testing : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Read 13 tweets
@ParthapratimKh3 @AkbAsis @barua_ashish @PaulGambles2 @RonnieChopra1 @mektronik @MonetaryWonk @BudimanJayaS @vtchakarova @ContextMatters4 1. The bigger picture: Most of the #US #Tech-tools you use have or build-in #spyware or can easily be #hacked - #Windows has backdoors, which can be used to access your system, your #iPhone (#spyphone) can be hacked with just bluetooth (giving away location, address-book, calls).
@ParthapratimKh3 @AkbAsis @barua_ashish @PaulGambles2 @RonnieChopra1 @mektronik @MonetaryWonk @BudimanJayaS @vtchakarova @ContextMatters4 2. Your #laptop has backdoors giving access to #camera & voice (and do you use #fingerprint-recognition? One more personal #data-set). Your #SmartTV has a backdoor & camera & #voicerecognition. Do you use #Alexa? Real people listen to your conversations!
#Privacy #Security
@ParthapratimKh3 @AkbAsis @barua_ashish @PaulGambles2 @RonnieChopra1 @mektronik @MonetaryWonk @BudimanJayaS @vtchakarova @ContextMatters4 3. #Assange called #Facebook "the wet dream of the #CIA": Rightly so - Used #facialrecognition without your consent, gives full access to #apps to all your personal information & some #SocialMedia give #NSA-access to servers.
Read 6 tweets
Some of you might be aware; I have been on a 4 year quest to build a smarthome. I am using and sometimes hacking existing solutions in most cases. I found some glaring lapses of security and privacy. A thread on @Xiaomi/@XiaomiIndia #security #privacy #iot @internetofshit
First up; my favourite robot which keeps my home clean. The Roborock S55 uses SLAM technology with cameras & sensors to generate a model of the house. It cleans really well & it leaks even better as it doesn't use HTTPS to communicate. It misses its home and keeps calling back!
Next up; one of the cheapest smart cameras in the market. The Xiaomi XiaoFang WiFi camera does 1080p video and costs less than Rs. 1200. I have many around the house for security purposes. It is a great oxymoron as it's a security device with no security.
Read 15 tweets
EAC having a meeting on the Voluntary Voting System Guidelines now. 5 - 8pm EST. eac.gov/media/video-pl…

They are in public comment period now until the end of May.
There is no video right now. Only audio.
Here's the video
eac.gov/media/video-pl…
Read 40 tweets
... sometimes solving one problem begets another. #Igbo culture most laudably seems to be pushed by those in diaspora, as seen on the social media. However, 90% of what is shown is mainly #masquerading and #dances. Very beautiful. Moreover, there is need to emphasise other aspects
Like marriage, farming, food, poetry, arts & crafts, industry, commerce, architecture etc. There has been a great awakening; most nostalgia and sometimes, a relapse because one can't compete with global trends. Idolatry is on the increase pitched unto 'say' Omenala, our #culture.
African Traditional #Religion (ATR) especially as practiced by ndi Igbo was just a tip of the iceberg about their culture. It was the culture of a typical Igbo person not to go hungry, as such manliness, was measured by the number of yam tubers one had in his barn and other #farm
Read 14 tweets
Thread on the @KotakMF #FMP saga; Attn: @IndiaSebi

Highlight is on an #AMC which, in an FMP, considers it #prudent to reduce the risk, of an asset, by accepting a riskier asset as #security; knowing, the first asset shall mature with the FMP, giving no time to act if defaulted.
We reserve further comment. We shall just answer few questions raised by #investors.

1. FMP has a #fixedhorizon, at the end of which investors expect their money back. Also, they expect not to lose money. Knowing these expectations, who decided to launch the FMP?
Ans: Kotak AMC
2. A high #yield #portfolio may be made in many ways. Risk can be protected by structuring deal in many ways. Who made a portfolio of high #coupon/yield (11%) #debt instruments by lending up to 40% to #borrowers against security of their companies #equity #shares?
Ans: Kotak AMC
Read 23 tweets
All of you #recruiting #fullstack developers, or calling yourselves #fullstack #software #developers, this is the stack. I call #shenanigans.
#UI & #UX
#Accessibility
#Internationalization
#GraphicDesign
#Javascript
WAF and client-side #security
Client-facing #performancetesting
Caching & #CDN
#APIDesign
Identity management
#Microservices
#Database access patterns
#ContinuousIntegration
Build servers (#Jenkins)
Source code management
Deployment methodologies
#ConfigurationManagement
#InfrastructureAsCode
Infrastructure Security
#TDD
Concurrent programming
Backend performance testing
#Monitoring
Alerting
Storage subsystems
Messaging subsystems
#Networking
Read 4 tweets
👆#TurnKey,Inc.: #SEC turning the (same)key in the lock

Surprised that commentators think there is anything new in this decision. It is simply a different type of argumentation. It is for the first time a #negative #definition of #ICO #regulation by #securities #laws. Thread👇
👉1. In Munchee Inc., SEC claims (sec.gov/litigation/adm…):
⛔️Munchee has no viable product
⛔️tokens sold are not usable, but will possibly be in the future
⛔️ICO will fund the development of the project
⛔️MUN price will vary AND reasonable expectation of future profits
⛔️#profits (or losses) depend solely on efforts of #Munchee #managers
⛔️#marketing MUN token in a manner that induces the purchasers to believe there is a profit expected solely for buying MUN and reselling it later.
⚠️a positive definition -> this IS a security
Read 10 tweets
As shocking as the events at #Chemnitz/er FC surrounding #Haller are, conclusions must be drawn. A thread about #prevention, #masculinity, the death of the "old guard", #neo-Nazis in #security companies, the victims of right-wing #violence, and #democracy.
#Prevention I: Football clubs are central institutions of a #society and contribute to how it develops politically. Every #club can promote #democracy through educational programmes for #football fans and its own employees.
Prevention II: Many clubs already do this through #ActionDays on #CivilCourage and #MemorialSiteVisits to support, sensitise and connect fans who campaign against discrimination. Others can learn from this. #nonazis
Read 8 tweets
#IMO: One man shot dead by thugs during gubernatorial/state legislative #elections at Eziama Obire in Nkwere LGA. Victim said to be an agent of Peoples Democratic Party, #PDP. #NigeriaDecides2019
#ENUGU: One man #killed in Igbo-Eze North LGA. Police say Osondu Odoh, 30, was a supporter of #APC governorship candidate, Ayogu Eze. Eze’s media aide says victim was accidentally shot by #policeman. #NigeriaDecides2019 👇
#AKWAIBOM: One ballot snatcher #killed by soldier in Ikot Udo Ossiom village, Ukanafun LGA. Report says soldiers thwarted man’s first attempt to snatch boxes at polling unit, shot him when he returned for second attempt. #NigeriaDecides2019 #ElectionViolence 👇
Read 11 tweets
Happy International Women's Day! This #IWD2019 we'd like to encourage our followers to check out the profiles of some of the wonderful women we are lucky to work with at CTPSR!

(check out twitter.com/CTPSR_Coventry… for a full list of CTPSR Twitter users!)
First up - @heavencrawley. Heaven is Research Professor at CTPSR & Director of the UKRI GCRF Hub on South-South Migration, Inequality & Development. Follow Heaven for great insights based on her vast knowledge of a range of #migration & #development issues #IWD2019
.@drkristinaune is the head of our Faith & Peaceful Relations Research Group, and has recently been appointed Professor. Follow Kristin for commentary on issues of faith, community, Higher Education and gender #IWD2019 #FollowFriday
Read 20 tweets
If you're a student of #AI and want to become a force for #good, learn:

- AI #fairness
- AI #privacy
- AI #security
- AI #verification
- AI #adversarial defenses

IMO - most folks still don't know how these fields work

Be the change

(#tutorials in replies 👇)

#100DaysOfMLCode
Read 4 tweets
HOW TO TRACE A MISSING OR STOLEN PHONE

If you lose your mobile phone, you can trace it without going to the police.

Most of us always fear that our phones may be stolen at any time.

Each phone carries a unique IMEI no. i.e. International Mobile Equipment Identity No. which can be used to track it anywhere in the world.

This is how it works:

1. Dial *#06# from your mobile.

2. Your mobile phone shows a unique 15 digit.

3. Note down this number at a secure place except in your mobile phone itself as this is the number which will help trace your phone in case of theft.

4. Once stolen, just E-mail this 15 digit IMEI No. to cop@vsnl.net with details as stated below:

Your name:____________________
Address:______________________
Phone model:_________________
Make:_________________________
Read 5 tweets
1/8: Thread about #privacy.

Say you're at a public event and there's a photo booth where you can have your picture taken and printed + sent to you by e-mail. You don't get more info than that.

Do you (or should you) expect your pictures to be publicly available on the Internet?
2/8: I was at this O'Learys bar with a @PepsiMAX sponsored event where you could see the original @ChampionsLeague trophy. @fotobaren had a photo booth where you could get a free print photo in front of the trophy.
Someone™ failed to inform that anyone could find the pix online.
3/8: When I was asked if I wanted the pic by e-mail I thought "I wonder if they got their #security in order". To keep it short; very easily I could see all 886 pics taken for the event in both Oslo and Bergen.

Does anyone in the pics know this? How long will they stay online?
Read 9 tweets
QUESTIONS YOU SHOULD NEVER ANSWER ON/OFFLINE - Have you been asked about your -

- Childhood
- Family
- Favorites
- Favorites Historical
- Firsts
- Personal Characteristics
- Education
- Work

A #thread

#SecurityQuestions #Beware #BeAware #Risk #Security
A security question is a form of shared secret used as an authenticator.

It is commonly used by banks, cable companies and wireless providers as an extra security layer. - @Wikipedia

#SecurityQuestions #Beware #BeAware #Risk #Security
When a random post asks you any or a combination of any of the following questions, let your antenna be up and please ignore:

The house number & street name you lived in as a child?

#SecurityQuestions #Beware #BeAware #Risk #Security
Read 21 tweets
It's #SaferInternetDay today. Will tweet some tips today.
1. You can't lose what you don't have. Only register an account for a website or app when you really need to. Use a throwaway email address (like Mailinator) and fake as much personal data as possible.
#Security
2. Never reuse passwords. Even not for "low value" accounts. Use a password manager or even a password book if that's most convenient for you to support you in creating unique passwords.
#SaferInternetDay #Security
3. Configure 2FA for your online accounts when possible, even if only SMS based 2FA is available. 2FA is always better than no 2FA. Configure a fallback (2FA backup codes or other recovery mechanism) for when the code cannot be received or generated.
#SaferInternetDay #Security
Read 10 tweets
Another card consolidation scheme. "Curve".
Whether you're a small business or a giant payments provider, if some nobody startup tries to wedge itself between you and your customers, f$%^ them up, with extreme prejudice. Seriously.
My previous comments on Curve's lazy, cynical, parasitic business model:
Another failed scheme from a few years ago, "Fuze"
facebook.com/ideafaktory/po…

And Amazon tried this with their "wallet"
facebook.com/ideafaktory/po…
Read 6 tweets
"I want to warn the world about an unprecedented danger that’s threatening the very survival of open societies.

…I’ll focus on #China, where President #XiJinping wants a one-party state to reign supreme."

project-syndicate.org/onpoint/the-ai…
"Xi is trying to consolidate all the available info about a person into a centralized database to create a 'social credit system'..people will be evaluated by algorithms that will determine whether they pose a threat to the 1-party state. People will then be treated accordingly."
"#China is not the only #authoritarian regime in the world, but it is undoubtedly the #wealthiest, #strongest & most developed in machine learning & #AI.

This makes #Xi the #most #dangerous #opponent of those who believe in the concept of #OpenSociety."

project-syndicate.org/onpoint/the-ai…
Read 22 tweets
Your browser is (probably) one of the apps you use most throughout the day. What can it do to protect your privacy online? Let's take a look.

vi.tc/2CICDnZ

#privacy #Security #YourBrowserMatters
Your browser:

1. Secures your connection to websites.

When you connect to a secure (https) website, your browser establishes a secure connection with that website. All data is encrypted so that only the browser and the website can see what is being sent over the connection. 🔒 The site info pane in Vivaldi browser
2. It checks for certificates.

Your browser checks the certificates sent by the website to make sure you’re connecting to the real domain. That stops attackers from pretending to be that website. Simply put, an attacker will not have the website’s certificate.
Read 13 tweets
So I wanted to encrypt some files. Thought about using 7z+password. Stackexchange folks said "Didn't review it but it should be fine. You can browse the code yourself". So I did. After a few mins I noticed they use 8byte "random" IV. Yes, half of IV is zeroes. But it gets worse.
Aside from the fact that 7z XORs plaintext with zeroes, I was curious about the "RandomGenerator" which generates IV. That's when I vomited. The first comments say "This is not very good random number generator. Please use it only for salt." It is not used only for salt.
Yes, it uses PID and time(null) as seed. Yes, this is 7zip's random generation code running on your computers in 2019. More "cursed" code below. #7zip #encryption #facepalm #randomness #entropy #RNG #crypto #cryptofail
Read 9 tweets
We all love your media player, but that’s really rude #VLC 🙄

VLC developers refused to consider #software "update-over-HTTP" as a threat.

Responded→ “no threat model. no proof. no #security bug"

It wouldn't hurt if you simply consider the suggestion.

trac.videolan.org/vlc/ticket/217…
Though VLC updates are "signed and authenticated with OpenPGP," as developers said, adding an inexpensive but an important extra layer of security is a considerable suggestion.
Yes, absolutely. But looking at your software's popularity and the user base, adding another "easy to implement" second-factor authentication is not a bad idea. Or is it?

Read 3 tweets
There are just over two weeks left to submit a talk for #GR8Conf EU 2019 at cfp.gr8conf.org

If you need ideas, here's a thread.

#groovylang #grailsfw #gradle #spockfw #gebish #griffon #springboot #micronautfw #ratpackweb #sdkman #android #devops #ci #cd #cfp #jenkins
Feel free to like/❤ a topic you’d attend and @ people you think should submit a talk on this topic. I have A LOT of ideas so I’ll spread this out over a few days maybe a week depending on how this goes.
1/ an intro to @spockframework

including:
- using #spockfw in a polyglot organization including any tips/tricks for integrating with other languages like #Java and #Kotlin
- the top things you wish you knew when you started using spock
- good testing practices in general
Read 15 tweets
Second cache of 9/11 docs released by The Dark Overlord hackers rt.com/usa/448416-hac… #september11 #DarkOverlord #TheDarkOverlord #ITsec #ITsecurity #IsraelDid911
According to @Forbes, the cybercrime group known as #TheDarkOverlord has acquired 18,000 documents, many of which are related to the 9/11 events, and are demanding #bitcoin ransom in return for the data. #DarkOverlord
forbes.com/sites/thomasbr…
Read 24 tweets
@KonikuTech We are deliberate...Yes, we work with great intent, always and rightfully so. Did you know the word Koniku means immortal? It comes from the south of Nigeria. There is a whole back story to it. Would you like to know...? 1/6
Now, have you seen the device we are debuting soon? It's inspired by natural iridescence: pinterest.com/pin/8760915523…. The iridescence typified by the Scarabaeus sacer of Egyptian mythology, the divine manifestation of the early morning sun...Read about Ra: en.wikipedia.org/wiki/Ra 2/6
For those fortunate enough to have visited the Koniku HQ in Berkeley (🤫, your NDA still applies...sorry 🥺... blame the lawyers), one of the first remarks they make is: "it's a Jellyfish!". Yes, that's also deliberate. The number 1 remark is "how do you keep neurons alive?" 3/6
Read 6 tweets
