Lukas

@[email protected]
75 Followers
170 Following
396 Posts
IT-Security @HHU_ZIM. #selfhosting, #FLOSS, #Netzpolitik, #Crypto, #Privacy und #Jugendarbeit.
homepagehttps://lrose.de
LukasMar 5
PSA: #Google is about to #lockdown #Android. Starting September 2026, Google will only allow Apps from registered developers on Android devices. This effectively gives them control over independent app stores like @fdroidorg and all developers that did not want to work with Google in the past. I have just sent an email to the european parliament about that matter. If you rely on independent app stores as well, feel free to do that, too! More information on https://keepandroidopen.org/
Keep Android Open

Advocating for Android as a free, open platform for everyone to build apps on.

LukasDec 6
I've been using the #Turris Omnia NG #OpenWRT #WiFi7 router for a month now. Read on my first thoughts here: https://lrose.de/posts/stateoftheturrisomniang/ :)
On the state of the Turris Omnia NG

Motivation I want to switch my network setup to open source software (and hardware) as much as possible. Therefore, I was looking for a modern OpenWRT WiFi device for quite a while now. I wanted stable OpenWRT support, enough computing power, memory and storage to run OpenWRT with some packages smoothly, preferably in open hardware. Most importantly, I wanted to directly go for WiFi 7 from my current WiFi 5 network. Even if I do not own any WiFi 7 devices yet, I want to use my new networking equipment for years to come, and therefore be future-proof. I also needed an SFP+ slot for cross-site connectivity, and preferably 2.5GiB+ copper ethernet as well to support the fast WiFi network.

lukaro's Blog
LukasOct 10
Vielen Dank an Ralph Caspers @hyperjinx für die tolle Moderation der Big Brother Awards! #BBA25 @digitalcourage
LukasSep 25
@via Hey! Glad to see the microfiche stream is back! Did you get a copyright takedown from YouTube?
LukasSep 23
Hi @Lilith, bin gerade über knastarchiv.de gestolpert. Super Sache, danke, dass du die Zeitungen sichtbarer machst. Das ist wirklich wertvolles Kulturgut. Hast du mal darüber nachgedacht, eine Sortierfunktion nach Titel und Erscheinungsdatum einzufügen? Die entsprechenden Metadaten müssten dir doch bereits vorliegen, oder? Und kriegen wir die Zeitungen vielleicht irgendwie auch ins Internet Archive?
Show threadLukasJan 15, 2025
2/2 Ich weiß, #Telefonkontakt ist teurer, aber ich kaufe doch bei euch ein! Und ich zahle gerne auch ein paar Euro mehr, wenn ich dafür im Problemfall eine schnelle Lösung am Telefon bekomme, anstatt tagelang auf E-Mail-Antworten zu warten. Ich finde das sehr frustrierend, und werde demnächst vor dem Bestellen darauf achten, ob es eine telefonische Kontaktmöglichkeit gibt. Vielleicht hilft das ja.
LukasJan 15, 2025
Man kann ja heute gefühlt nirgends mehr #anrufen. Bei den meisten #Unternehmen, mit denen ich als #Verbraucher Kontakt habe, gibt es nur FAQ-Seiten, #Chatbots oder Kontaktformulare. Oftmals gibt es nichtmal eine Mailadresse, und das Kontaktformular wird erst sichtbar, nachdem man sich durch den FAQ-Dschungel geklickt hat. Und einen Telefonkontakt gibt es schon gar nicht, oder wenn doch, begrüßt einen dort auch nur der Chatbot. 1/2
LukasOct 24, 2024
Just discovered a new gem for my collection of best bluescreens in public spaces! #Windows #bluescreen #bsod
Show threadLukasOct 17, 2024

#Zendesk blog post, so it might actually be legit: https://support.zendesk.com/hc/en-us/articles/8187090244506-Email-user-verification-bug-bounty-report-retrospective

"Zendesk identified a vulnerability through our bug bounty program" - no, you rejected him.

"[The researcher] violated key ethical principles by directly contacting third parties about their report prior to remediation." No, only after you rejected him, not prior to remediation.

This makes me like Zendesk even less.

#security #corporatebullshit

Email user verification bug bounty report retrospective

This summer, Zendesk identified a vulnerability through our bug bounty program which we worked with a researcher to address. We have no evidence that this vulnerability was exploited by a bad actor...

Zendesk help
LukasOct 17, 2024
A 15 year old claims to have found a bug in #Zendesk, allowing him to authenticate against the #SSO of companies using Zendesk, e.g. to access their #Slack. Zendesk allegedly ignored the #disclosure as "out-of-scope" until further pressure was applied. https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md

Gist