Recent searches

No recent searches

Search options

Only available when logged in.
sigmoid.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A social space for people researching, working with, or just interested in AI!

Administered by:

Server stats:

591
active users

sigmoid.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.3

#securityrisk

0 posts0 participants0 posts today
☮ ♥ ♬ 🧑‍💻<p>Day 18 cont</p><p>The <a href="https://ioc.exchange/tags/LNP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LNP</span></a> has a candidate problem cont</p><p>“On March 5, <a href="https://ioc.exchange/tags/Yung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yung</span></a> admitted to falsely claiming he had raised $60,000 during an intimate dinner with <a href="https://ioc.exchange/tags/JohnHoward" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JohnHoward</span></a> ahead of the 2019 state election. He did not specify how much was actually raised. Then revelations came out that the then-<a href="https://ioc.exchange/tags/Kogarah" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kogarah</span></a> candidate engaged a *digital strategy firm* to undertake work potentially worth tens of thousands of dollars.</p><p>One month later, a leaked video of a speech Yung gave during a Lunar New Year celebration discredited previous efforts to distance himself from <a href="https://ioc.exchange/tags/XieXiongming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XieXiongming</span></a>, a <a href="https://ioc.exchange/tags/casino" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>casino</span></a> high roller linked to the <a href="https://ioc.exchange/tags/ChineseCommunistParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChineseCommunistParty</span></a>.”</p><p><a href="https://ioc.exchange/tags/AusPol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AusPol</span></a> / <a href="https://ioc.exchange/tags/Liberal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Liberal</span></a> / <a href="https://ioc.exchange/tags/Nationals" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nationals</span></a> / <a href="https://ioc.exchange/tags/CPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPP</span></a> / <a href="https://ioc.exchange/tags/SecurityRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisk</span></a> &lt;<a href="https://archive.md/savad" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">archive.md/savad</span><span class="invisible"></span></a>&gt; / &lt;<a href="https://www.theage.com.au/politics/federal/frantic-calls-party-concern-as-lib-candidate-under-spotlight-20250409-p5lqkx.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theage.com.au/politics/federal</span><span class="invisible">/frantic-calls-party-concern-as-lib-candidate-under-spotlight-20250409-p5lqkx.html</span></a>&gt; (paywall)</p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@zak" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zak</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@zenbrowser" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zenbrowser</span></a></span> : a still unfixed vulnerability: if NOT using Touch ID, on some websites you may be able to sign in using a passkey WITHOUT authenticating locally - using biometrics or your passcode (screen unlock code).</p><p>⛓️‍💥 This vulnerability also exists WITH Touch ID set up, provided that "Password Autofill" is disabled.</p><p>BTW this vulnerability also permits access to:<br>• <a href="https://icloud.com" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">icloud.com</span><span class="invisible"></span></a><br>• <a href="https://account.apple.com" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">account.apple.com</span><span class="invisible"></span></a><br>(When asked to provide your fingerprint, tap the X at the top right and tap in the "Email" field one more time).</p><p>This is a HUGE risk for people who do not want to use biometrics: if a thief grabs their iPhone when unlocked, or watches them enter their passcode and later steals their iPhone, the thief can use ALL of the owner's passwords and some of their passkeys stored in the "Passwords" app (formerly known as iCloud Keychain).</p><p>🎬 This increases the risks of theft as shown by WSJ's Joanna Stern in <a href="https://youtube.com/watch?v=QUYODQB_2wQ" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtube.com/watch?v=QUYODQB_2wQ</span><span class="invisible"></span></a>.</p><p>👶 In addition, a (grand) child or anyone else who (shortly) borrows your iPhone/iPad may have access to more of your cloud-accounts than you're aware of.</p><p>🔧 Workaround if you don't want to use biometrics to unlock your iPhone/iPad (this does not fix any problem if a thief learns (or successfully guesses) your passcode (screen unlock PIN or password):</p><p>• Set up a Touch ID anyway, for example for your left pinky finger (if you're righthanded)</p><p>• Disable "iPhone Unlock" in "Touch ID and Passcode" (visible in the first screenshot).</p><p>• Use a safer password manager (such as KeePassium) than the Apple "Passwords" app (iCloud KeyChain).</p><p>🚨 In any case:</p><p>• Make sure that "Password Autofill" (in settings -&gt; "Touch ID and Passcode") is set to ENABLED;</p><p>• When you enter your passcode in a public place (such as a bar, bus or train), make very sure that nobody gets to see you enter it.</p><p><a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPhone</span></a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPad</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> <a href="https://infosec.exchange/tags/WontFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WontFix</span></a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> <a href="https://infosec.exchange/tags/iPadOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPadOS</span></a> <a href="https://infosec.exchange/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a> <a href="https://infosec.exchange/tags/pasdwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pasdwords</span></a> <a href="https://infosec.exchange/tags/credentials" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>credentials</span></a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iCloudKeychain</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/Theft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Theft</span></a> <a href="https://infosec.exchange/tags/SecurityRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisk</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Impersonation</span></a></p>
Clare<p>Cancel the CF-35 deal now <a href="https://mas.to/tags/ElbowsUp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ElbowsUp</span></a> <a href="https://mas.to/tags/SecurityRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisk</span></a></p>
SquaredTech<p>Microsoft's Copilot AI lands in hot water for implying unauthorized Windows 11 activation methods. This raises grave security concerns and sparks discussions on AI ethics. How do you think this oversight should be handled? Comment below! <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://mstdn.social/tags/Copilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Copilot</span></a> <a href="https://mstdn.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mstdn.social/tags/SecurityRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisk</span></a> <a href="https://mstdn.social/tags/AIethics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIethics</span></a><br><a href="https://www.squaredtech.co/microsofts-copilot-caught-unauthorized-windows?fsp_sid=1560" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">squaredtech.co/microsofts-copi</span><span class="invisible">lot-caught-unauthorized-windows?fsp_sid=1560</span></a></p>
Christopher Miller<p>Reminder that Nikolay Patrushev aide to Putin said "To achieve success in the election, Donald Trump relied on certain forces to which he has corresponding obligations. As a responsible person, he will be obliged to fulfill them."</p><p>Who is playing card games? Who is risking WW3?</p><p><a href="https://tass.com/politics/1870713" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">tass.com/politics/1870713</span><span class="invisible"></span></a></p><p><a href="https://mastodon.world/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://mastodon.world/tags/Newstodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Newstodon</span></a> <a href="https://mastodon.world/tags/NewsTooter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NewsTooter</span></a> <a href="https://mastodon.world/tags/SecurityRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisk</span></a> <a href="https://mastodon.world/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a> <a href="https://mastodon.world/tags/Putin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Putin</span></a> <a href="https://mastodon.world/tags/AgentOrange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgentOrange</span></a> <a href="https://mastodon.world/tags/RussianAgent" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RussianAgent</span></a> <a href="https://mastodon.world/tags/USAIsWestRussia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USAIsWestRussia</span></a> <a href="https://mastodon.world/tags/Patrushev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Patrushev</span></a> <a href="https://mastodon.world/tags/NikolayPatrushev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NikolayPatrushev</span></a></p>
groggy<p><a href="https://you.leadnow.ca/petitions/ban-x-twitter-in-canada" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">you.leadnow.ca/petitions/ban-x</span><span class="invisible">-twitter-in-canada</span></a><br><a href="https://mstdn.ca/tags/canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>canada</span></a> <a href="https://mstdn.ca/tags/canpoli" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>canpoli</span></a> <a href="https://mstdn.ca/tags/cdnpoli" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cdnpoli</span></a> <a href="https://mstdn.ca/tags/securityrisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityrisk</span></a> <a href="https://mstdn.ca/tags/datarisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datarisk</span></a> <a href="https://mstdn.ca/tags/petition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>petition</span></a></p>
Replied in thread
*
Erik van Straten

@DeGroene : hou alsjeblieft op met die stomme URL-verkorters, omleidingen via een club die persoonsgegevens verkoopt. URL-verkorters zijn 100% privacy-onvriendelijk en vormen simpelweg een beveiligings-risico. Jullie zouden beter moeten weten!

Post gewoon de link: groene.nl/artikel/duitsland-tr

De Groene AmsterdammerDe Duitse verkiezingsuitslag is een lichtpunt in donkere tijdenDe Duitse verkiezingen lijken op het eerste gezicht een zorgwekkende overwinning voor radicaal-rechts, maar schijn bedriegt. Juist het feit dat vier op de vijf kiezers niet zwichtte voor de verleiding van extremisme, is een krachtig signaal dat de democratie in Europa nog altijd overeind staat.
#URLshortener#SecurityRisk#PrivacyRisk
Continued thread
*
Victoria Stuart 🇨🇦 🏳️‍⚧️

Tulsi Gabbard’s Own Ex-Staffers Expose Her as a Russian Stooge
newrepublic.com/post/189066/tu

* Trump2 pick as Dir. National Intelligence regularly consumed Russian propaganda

Gabbard's views on Russia shaped in part by Kremlin propaganda outlet say ex-aides
abcnews.go.com/US/gabbards-vie

#TulsiGabbard #DNI #DirNatSec #NatSecDir
#Trump2 #GOP #Project2025 #fascism #authoritarianism #Putinism #FarRight
#disinformation #RussianInterference #NationalSecurity #SecurityRisk
#Christofascism #transgenocide

The New Republic · Tulsi Gabbard’s Own Ex-Staffers Expose Her as a Russian StoogeDonald Trump’s pick to serve as director of national intelligence regularly consumed Russian propaganda.
dokmz

Elon Musk’s Secret Conversations With Vladimir Putin – #securityrisk
Regular contacts between world’s richest man and America’s chief antagonist raise security concerns; topics include geopolitics, business and personal matters. Elon Musk, the world’s richest man and a linchpin of U.S. space efforts, has been in regular contact with Russian President Vladimir Putin since late 2022.
dokmz.com/2024/10/27/elon-musk

Andy P

My iPhone no longer shows the url for a QR code while scanning it, I have to open an unknown link to find out?!! #SecurityRisk

I’m not sure if showing the url was removed in a recent update or if this is Apple’s pettiness for not using Safari as the default browser

Also DuckDuckGo will make you a QR code if you put “QR” and a url or email in the search

#iphone#QR#UX
Replied in thread
*
Erik van Straten

@stratosphere : it does not work, therefore it is misleading - just making things worse.

shouldiclick.org/?https%3A%2F%

says:
——
Submitted URL: bu-nq-regelen-nl.com/
Effective URL: google.com/

You can click!
——
Bunq is a Dutch bank. If you click the link from a Dutch IP adress, your browser is *NOT* redirected to Google.

Check virustotal.com/gui/domain/bu-n
and, in particular, virustotal.com/gui/ip-address/ (#91.215.85.79 : 12/90)

Please stop spamming us a DANGEROUSLY MISLEADING service.

www.shouldiclick.orgShould I click on a link? Protecting people from Cyber Attacks on the Web
#scams#phishing#redirects
*
Mr. Bruno :antiverified:

Joe is an adult who talks about real issues.

A narcissistic immoral childish irrational lying failure who's an adjudicated rapist, facing four (4) indictments (and counting?), and is a MAJOR #SecurityRisk is disqualified for holding any public office.

TrendingLive feeds
About