Mastodawn

We strongly oppose the Unified Attestation initiative and call for app developers supporting privacy, security and freedom on mobile to avoid it. Companies selling phones should not be deciding which operating systems people are allowed to use for apps.

https://uattest.net/

Unified Attestation

Unified Attestation is a free, open-source alternative to Google Play Integrity with offline verification and simple app + server integration.

abacabadabacaba Mar 9

Tjeerd Royaards Mar 7

Red lines. Cartoon from last year, relevant as ever (I wish it weren't).

#WarCrimes #InternationalLaw #refugees #RedLines

abacabadabacaba Mar 9

Cat 🐈🥗 (D.Burch)

⁠

Mar 7

Can't wait to use and promote illegal operating systems that do not verify age.

abacabadabacaba Feb 20

Wladimir Palant Feb 18

Note how LastPass PR offloaded a ton of buzzwords here that don’t actually mean anything. They turned this kind of responses into an art. https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/

Bitwarden at least admits that a fully compromised server isn’t part of their threat model. It’s the same for LastPass, and in the past they’ve rejected vulnerability submissions based on that – there are a number of very simple ways in which a compromised server is able to access your “secure” vault. But they won’t admit it, hoping instead that the message will drown in the noise they produce.

For the sake of completeness: Dashlane’s response is merely generic. 1Password’s response is correct from what I can tell: the “compromised server” scenario has been considered and the risks arising from it are documented, nothing new here.

#LastPass #infosec

Password managers' promise that they can't see your vaults isn't always true

Contrary to what password managers say, a server compromise can mean game over.

Ars Technica

abacabadabacaba Feb 11

Stefan Eissing Feb 10

Do not travel to the USofA, part XXXIV:

- doing everything right is not enough
- white skin does not protect you
- detention may mean a cell shared with 70 people, fighting over food, without medical supplies
- your signature will get forged if you refuse
- judge orders for release on bail are ignored

https://www.theguardian.com/us-news/2026/feb/09/irish-man-seamus-culleton-ice-detention

Irish man with valid US work permit held in ICE detention for five months

Seamus Culleton has lived in US for two decades, married a citizen and runs a plastering business but faces deportation

The Guardian

abacabadabacaba Jan 29

Soatok Dreamseeker Jan 27

I heard Meta, Reddit, and other corporate owned social media are blocking links to https://icelist.is

Whatever you do, don't go to https://icelist.is

Definitely don't spin up a caching reverse proxy that mirrors https://icelist.is/

Doing that would make Zuck sad

ICE List – Put ICE on ice

abacabadabacaba Jan 24

Gabriele Svelto Jan 22

In the early days of personal computing CPU bugs were so rare as to be newsworthy. The infamous Pentium FDIV bug is remembered by many, and even earlier CPUs had their own issues (the 6502 comes to mind). Nowadays they've become so common that I encounter them routinely while triaging crash reports sent from Firefox users. Given the nature of CPUs you might wonder how these bugs arise, how they manifest and what can and can't be done about them. 🧵 1/31

abacabadabacaba Jan 12

Frank Sauer Jan 5

What EU doing?

abacabadabacaba Jan 4

evacide Jan 4

This year, for my mental health, I'm going to practice just letting people be wrong on the internet.

abacabadabacaba Dec 13

One more reason to never ever buy any digital content, or any devices that can be bricked remotely.
https://cloudisland.nz/@parisba/115710491106723110

Dr Paris (he/him) (@[email protected])

posted about my Apple ID woes, please share widely? https://hey.paris/posts/appleid/

Cloud Island