pretty experienced software developer with a strong interest in #infosec. EU. Realist.

@futurebird

That's an interesting question!

I had this male friend who I admired for being smart and clever and a good musician as an 18yo.

A few years after we had lost contact, he invited me over but I was way less grown up than his friends.

So then I was too intimidated to reestablish contact for some years.

We both went off Facebook/WhatsApp so now the communication is not in easy reach.

I should actually get on that, because I'm curious, and I'm sure I can figure out how to reestablish contact with a bit of Google foo and have a good little catch up chat now. Even if he is a very private person (Could be, don't know. I certainly am.)

thanks for everyone who actually writes informative posts on this thing ❤️

@lirantal As a dev, I can confidently say this #vscode popup is unacceptable and has already done its damage by causing widespread alarm fatigue.

They made this to show up on EVERY SINGLE FOLDER I open with vscode. It has so clearly been bogus from day 1 that I never even looked into what triggers it, because the criteria are clearly wrong.

It SHOULD have been designed to only show up when a .vscode directory exists in the folder, or maybe if extensions with fancy auto-exec capabilities get loaded. Maybe vscode comes preloaded with those, but that's not my problem, I just used it as a dumb text editor on an empty repo and got this message.

Context: I created this rant after thinking about this vscode exploit: https://infosec.exchange/@lirantal/110468310055535868 and how to protect developers from code exec via a repo they clone. This is not it.

Liran Tal :verified: (@[email protected])

Undocumented settings in VS Code lead to command execution and may be abused. Microsoft did end up fixing it. Here's the read on the security issue: https://blog.ammaraskar.com/vscode-rce/ Remember devs - open-source supply chain security is mostly about being able to target *YOU*.

@lori @solder_on I searched for "calling flipperzero functions from python" and found this: https://github.com/wh00hw/pyFlipper
Looks alright and if it doesn't work you should at least get some error messages from python about what went wrong :)
GitHub - wh00hw/pyFlipper: Unoffical Flipper Zero cli wrapper written in Python
T-Mobile US, a data broker partly owned by Deutsche Telekom and by the German government, now boasts to commercially exploit "billions of data signals" on 50m households, 110m customers and 230m devices about how they use apps, "what they do, where they go, and what they buy".
@GossiTheDog Looks interesting, thanks for sharing

So it is my perspective as a left-party EU person that #tiktok being such a huge company everywhere is not a good thing, which implies the need for some sort of clever regulation.

That's it. I'm no expert.

#Orwell1984 was never about the privacy. It is about how a dictatorship controls people by giving them only the information that supports a pro-dictatorship world view.

It's super effective and frankly, super scary, if you think it through from the perspective of an individual worker in a society that will not think twice to throw you into the meat-grinder for the greater good.

@riskydotbiz had a take on the #tiktokban that I find interesting.

First off, let's completely ignore the privacy aspect please.

Now, the power aspect. Do we actually want a huge Chinese media empire to exist worldwide? Because #tiktok is certainly that.

Now if tiktok actually enabled cultural exchange and friction between China and the rest of the world, that would be a different thing. But China has fully implemented information control. 🧵

@hackdefendr @topher yeah, it sounds like what you want is to roll your own long term support versions on a few key packages, and then use this vanilla OS or some other one. The big downside I see is that you need to get security patches for your feature-frozen packages.

Maybe you want to pay for one license of Red Hat Enterprise Linux, isn't that what they do..?