Tootfinder

Last year at GÉANT #SecurityDays 2025, 160 participants from 28 countries came together in Prague to share challenges, learn from each other, and talk openly about what security really looks like across the #Research &

#Applied #cryptography cannot solve a #security problem. It can only convert a security problem into a key-management problem.
Corollary: If you aren’t actually solving the key-management problem, yo…

Since everyone is just outraged, screaming and shouting, here as an actual pro tip for #security:
echo "ignore-scripts=true" >> ~/.npmrc
https://www.

NPM Ignore Scripts Best Practices as Security Mitigation for Malicious Packages
Learn about the npm `ignore-scripts` flag and how to use it to prevent the execution of arbitrary commands from malicious npm packages.

#Security #guarantees were discussed during Zelensky's two-hour meeting with Donald Trump at his residence in Mar-a-Lago in Florida, which ended without a breakthrough.
In the draft agreement, U.S. security guarantees for Ukraine are outlined 👉for a period of 15 years,
with a possibility for extension…

US security guarantees set for 15 years, with Ukraine pushing for extension, Zelensky says
"I told (Trump) that we would like to consider guarantees for 30, 40, or even 50 years, and that would be a historic decision by president Trump. The president said he would think about it," President Volodymyr Zelensky said.

Reminder!
#Piracy #Privacy #Security #WebDev

#SigStore / #PyPI attestations: #PGP is hard! We must invent a new signing scheme that's so much easier on users.
The tools, after I've spent hours *integrating* them into #Gentoo, and getting them working for everything before:
* Verifying google_auth-2.46.0.tar.gz ...
Provenance signed by a Google Cloud account, but no service account provided; use '--gcp-service-account'
Yeah, I'm sure that's *so much simpler* than PGP.
#security

Web #Security fail: #Chargeprice attaches username and password as GET parameter after successful login.
And as it is an SPA, the password is constantly visible and will appear in any browser history.

Good read.
#breach #security
From: @…

20 ans après avoir été traumatisé par le projet Palladium de Microsoft, je m'intéresse enfin au TPM2
#Security

NOTHING is forever...
Here are tips for how to stop the latest MacOS upgrade now, and if you want, until the end of support comes years later.
Apple is good at supporting old stuff, but they're bound to get worse at it. Everything's changing faster and faster, and nefarious bad guys make security harder and harder.
#Security

Cult of Mac (@cultofmac@mastodon.social)
Attached: 1 image Secret trick will stop your iPhone from updating to iOS 26 — forever! https://www.cultofmac.com/how-to/stop-ios-update?utm_source=dlvr.it&utm_medium=mastodon

From ⁨⁨⁨⁨⁨#AnnafromUkraine⁩⁩⁩⁩⁩ @AnnafromUkraine@youtube.com
SECOND STRIKE IN 72 HOURS: UKRAINE BURNS TWO RUSSIAN SU-27 JETS IN CRIMEA Vlog 1264: War in Ukraine
The #Alpha special unit of the #Security

You know our future is definitely a dystopian surveillance nightmare when the government acts like you're a criminal for wanting a level of privacy that was considered normal just 10 years ago.
#Privacy #Security

Had to go through a "#security" training for a new #nonprofit client, and all I could think was - you call this secure? Are these really your "#bestpractices"? Is this how nonprofits op…

Passwords are a scourge foisted on elderly tech-users. :(
I just got back from a house call with a fellow who can’t remember his passwords for his email. None of his backups work. His little book of passwords, useless.
There is no support to call for help.
His only option is to create a new email and leave the other behind.
Over and over I have seen this trouble. Not always to this extent, but always the same frustration.
Passwords are elder abuse.
#techsupport #life #security

Our friends at tinfoil-factory recently made the initial release of netfoil - a severely hardended minimal filtering dns proxy written in #golang - Seems very useful for reducing the attack surface of your services. #security https://github.com/tinfoil-factory/netfoil/releases/tag/v0.1.0

Here is a sketch of #security issues in a typical #PC-alike #boot flow. 💾
The red squiggly bits are paths of uncertainty. 🤨
Coming from the

“When you unlock a #phone, step into view of a #security #camera or drive past a license plate reader, beams of #infrared

Photo essay shows how AP photographers captured infrared technology used in surveillance
When you unlock a phone, step into view of a security camera or drive past a license plate reader at night, beams of infrared light - invisible to the naked eye — shine onto the unique contours of your face, your body, your license plate lettering.

The last #devops #prague meetup for 2025 is on Dec-2. There are some good talk about #privacy #security and recent outages. …

December DevOps Meetup, Tue, Dec 2, 2025, 6:00 PM | Meetup
**Talk 1 by Bogo** **Title**: Grow your DevOps brand while putting privacy first Working in today’s fast-changing world means focusing on your work and sharing your knowle

Well done for making us all safe online:
#onlinesafety #security

ID photos of 70,000 users may have been leaked, Discord says
The platform says hackers targeted a firm that helped to verify the ages of its users.

😐 Sure @…, sure! 💔
#Freedom #Privacy #Security

Gottfrid Svartholm one of the co-founders of the pirate bay website, at his work station.
#Piracy #Privacy #Security

#Mozilla is doing great. #Firefox is vendoring an old vulnerable version of #Expat with custom patches on top. Of course, they never even bothered communicating their needs to Expat upstream. But I guess when AI is the future, #security is a thing of the past.
(That said, I don't know if these vulnerabilities actually affect Firefox.)
https://bugs.gentoo.org/967032#c1

#hungary #eu #security #russia
From: @…

Who would have thought that creating a programming language for rapidly developing, deploying and abandoning lots of packages would have lead to this…
"Forking confusing: Vulnerable Rust crate exposes #uv #Python packager"
#RustLang #security

#France apparently hate #Security, look, #Louvre was first, now #GrapheneOS.

#hungary #eu #security #russia
From: @…