Mastodawn

Manuel D'Orso 2d ago

The New Oil 2d ago

#AB1043’s Internet Age Gates Hurt Everyone

https://www.eff.org/deeplinks/2026/03/ab-1043s-internet-age-gates-hurt-everyone

#privacy #politics #AgeVerification #IdentityVerification

A.B. 1043’s Internet Age Gates Hurt Everyone

EFF has long warned against age-gating the internet. Such mandates strike at the foundation of the free and open internet. They create unnecessary and unconstitutional barriers for adults and young people to access information and express themselves online. They hurt small and open-source...

Electronic Frontier Foundation

Manuel D'Orso 6d ago

cc 6d ago

Critical N8n Vulnerabilities Allowed Server Takeover https://www.securityweek.com/critical-n8n-vulnerabilities-allowed-server-takeover/

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.

SecurityWeek

Manuel D'Orso Mar 6

Sovereign Tech Agency Mar 6

RE: https://mastodon.social/@sovtechfund/116158681333088146

Final call, the survey closes on Monday!

Manuel D'Orso Mar 5

kravietz 🦇Mar 4

Interesting new project from #Tor #SecureDrop - that’s essentially digitally signed web pages that are client-verified to prevent any server-side covert injection or backdooring. Sounds a bit like SRI (Subresource Integrity) but for the whole page and using digital signature not just server-delegated hash. Obviously, it won’t work for a typical ‘modern’ mash-up website that changes every minute, but sounds perfect for high-integrity and largely static pages such as SecureDrop.

WEBCAT helps protect users from malicious or unexpected changes to the client-side code of a web application. When a user visits a site that has enrolled in WEBCAT, the WEBCAT browser extension verifies the application’s served assets against a signed manifest before any content is executed. If verification fails, WEBCAT blocks the page from loading and shows a warning.

https://securedrop.org/news/webcat-alpha/

#infosec

Help us test WEBCAT alpha

Web applications are only as trustworthy as the servers that serve them, and servers can get hacked. So, last year, we introduced WEBCAT (Web-Based Code Assurance and Transparency), a project designed to enable verifiable in-browser code for web applications. We wrote extensively about WEBCAT’s requirements, constraints, and goals.Today, we’re excited to announce the alpha release of WEBCAT. In particular, we invite community participation in a new, decentralized enrollment infrastructure.

SecureDrop

Manuel D'Orso Mar 4

Jeff Hall - PCIGuru

Mar 4

At Mobile World Congress (MWC) in Barcelona, Motorola (a Lenovo company) announced a partnership with the GrapheneOS Foundation to deliver GrapheneOS, a privacy-focused Android fork, on future Motorola smartphones starting in 2027. https://www.zdnet.com/article/motorola-to-preinstall-grapheneos-on-2027-phones-mwc-2026/

I can't wait for Motorola's GrapheneOS phones: Why they're a win for privacy and open source

At Mobile World Congress, Motorola reveals plans to preinstall GrapheneOS, a privacy-focused Android fork, on smartphones starting next year.

ZDNET

Manuel D'Orso Feb 27

Renaud Lifchitz

Feb 27

Fips: Free Internetworking Peering System - Nostr mesh routing protocol
https://github.com/jmcorgan/fips

GitHub - jmcorgan/fips: Free Internetworking Peering System - mesh routing protocol

Free Internetworking Peering System - mesh routing protocol - jmcorgan/fips

GitHub

Manuel D'Orso Feb 24

The New Oil Feb 24

Across the US, people are dismantling and destroying #Flock #surveillance cameras

https://www.bloodinthemachine.com/p/across-the-us-people-are-dismantling

#privacy

Across the US, people are dismantling and destroying Flock surveillance cameras

Anger over ICE connections and privacy violations is fueling the sabotage. PLUS: 10,000 drivers call on Uber to repay stolen wages, a man is arrested at a public hearing about a data center and more.

Blood in the Machine

Manuel D'Orso Feb 20