Kevin Karhan 
@mailbox_org oder einfach brauchbare #ITsec #InfoSec, #OpSec & #ComSec.
- Jede*r 08/15-Zahlungsdienstleister in Deutschland hat mehr Schutzmechanismen und Redundanzen eingeplant!?, weil @BaFin denen dazu in den Nacken atmet!
Shi
MarcAnother "Germany sucks at #ITsec" headline.
Stryker had to wipe systems after Iranian attack.
But let's be real: healthcare gets hit everywhere. US, UK, same story.
Are we actually worse, or just more self-critical?
The question isn't if we fail - > it's if we learn faster than others.
@hcf that's just wrong and you know that.
- If this was the case they'd not facilitate any #eMail whatsoever!
- They do it to facilitate a #toxic #LockIn to their #Apps and #WebMail at the cost of #interoperability, #Accessibility and #Privacy !
For example, if "#Security" was a real issue, they'd host their #IMAP+#SMTP access exclusively over @torproject / #Tor because #OnionServices are using fully-encrypted connections in a self-authenticating adress spaces.
- They don't because that isn't the issue, and I'm not talking about the Server-to-Server - Connectivity, which is INHERENTLY AND UNFIXABLE INSECURE WITH EVERY EMAIL PROVIDER unless they don't allow actual cross-provider eMails (or restrict it to very few, selected competitiors with spechally negotiated connectivity [i.e. #VPN|s], which to my knowledge NONE of the commercial providers do)…
I brought up @monocles because they at least don't lie to customers and are honest about security & privacy!
- If your "#security" relies on someone else risking jailtime, then you should IMHO get additional time for being "criminally incompetent" and "putting others at risk'…
@hcf @dans_root @earthnewstech if you don't understand the concept of "#Self-Custody" of Keys then you ain't in the position to be angry.
I merely hinted at the fact that @monocles isn't making false security promises and instead encourages proper #OpSec, #InfoSec, #ComSec & #ITsec practises…
Kevin Karhan :verified: (@[email protected])
@[email protected] @[email protected] @[email protected] except both fuck up their self-hosted PGP which doesn't doesn't do *real #E2EE* if you don't exercise #SelfCustody of all the keys and use #PGP/MIME over #IMAP+#SMTP! - Something that @[email protected] [does disclose in their documentation!](https://docs.monocles.eu/services/mail.service/#security_of_keys)
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕Beware of blank lines and white spaces — Supply-chain attack using invisible code hits GitHub and other repositories
Unicode that’s invisible to the human eye was largely abandoned - until attackers took notice.
#hacking #blankline #whitespace #github #supplychain #unicode #hack #git #code #coding #invisible #gitrepo #itsecurity #it #itsec
JuSchi#Krankenkasse #TK #Techniker #GrapheneOS #ITsec #Datenschutz #Kundenfreundlichkeit
Läuft's grundsätzlich nicht auf GrapheneOS - oder fehlen einfach nur die Google Services?
FrankMeine #Krankenkasse (#TK, #Techniker) weigert sich ja, #GrapheneOS für die Nutzung der eigenen Apps anzuerkennen.
Ich habe mir das nun lange genug angeschaut und denen mal eine längere Email geschickt.
Wie sieht das bei anderen Nutzern von GrapheneOS aus? Gibt es da sonst noch jemanden, der ebenfalls solche Probleme hat? Und wenn ja: wie hast DU reagiert?
Ich finde, wir sollten den Krankenkassen mal ein wenig Dampf machen.