I just released i3status v2.15:
https://www.freelists.org/post/i3-announce/i3status-v215-released
Continuing our cycle of guest hosts, in episode 276 we had the great @Andr3Baca0
In this episode we continued covering events, discussing @inercia and @bsideslisbon, and we talked about "tiling window management" and a lot of #IoT with @homeassistant.
Listen, share and subscribe!
https://podcastubuntuportugal.org/e276/
#Linux #Ubuntu #OpenSource #SoftwareLivre #podcast #podcastsOfUbuntu
LASTPASS NEWS ALERT AND COMMENTARY:
LastPass attackers know your name and billing address and all websites you have saved passwords for, and if your master password isn't sufficiently strong it may be possible to brute-force open everything on the attacker's machines.
PLEASE READ BEFORE PROCEEDING: https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
The fact LastPass doesn't encrypt website URLs is a known flaw it appears they never fixed on purpose, going back almost 6 years:
https://hackernoon.com/psa-lastpass-does-not-encrypt-everything-in-your-vault-8722d69b2032
This eventual possible security breach was planned-for as part of LastPass' design for username and password protection. This doesn't break the core offering.
But it has stripped away multiple layers of protection and will hasten my looking at @bitwarden
It's impossible to be completely secure in a massive offering. However, I have always disagreed with their decision to not 100% encrypt all metadata, and this event shows that was a foolish choice when seen against the inevitable entropy of our complex electronic systems.
In the end, a password manager is still the right choice in comparison to the alternative. And a cloud-native offering like LastPass strongly hedges against data loss by normal users trying to manage their own vault. That is an undersold primary risk, not hackers. Still, very disappointed.
Current password setup:
- Primary vault is LastPass with 2FA
- Core fallback "key" accounts like email that allow pw reset are only in a KeyPass db file with 20char password, synced via OneDrive+2FA.
- This is then further backed-up with BackBlaze, using 40char encryption key
Just found this! GDPR tracker.
https://www.enforcementtracker.com/
I know for a fact that there are tons more that should be in this tracker and therefore paying fines due to lack of responsible behaviour while taking care of private data.
One massive example is TAP Air Portugal, which failed on so many levels in their last known breach.
How is your country performing regarding people's private data?
We are a #podcast dedicated to #Ubuntu, #SoftwareLivre and other stuff!
If technology, #Linux and #opensource interest you, then our show might too.
We hope you listen, enjoy, subscribe and share!
You can find our site at https://podcastubuntuportugal.org
@mariemoe Hi, thank you for your presentation at BSidesLisbon.
What are your opinions regarding open-source vital software like the one running medical devices?
What do you think about an obligation to open-source all EOL or End of Support medical equipment like pacemakers or insulin pumps?
🙏