Guillaume Endignoux

@gendx@infosec.exchange
292 Followers
367 Following
1.1K Posts
Software: security, cryptography, Rust enthusiast. Outdoors: mountains, cycling, trains. Zurich-based.
Bloghttps://gendx.dev
Blog (alternate)https://gendignoux.com
GitHubhttps://github.com/gendx
Codeberghttps://codeberg.org/gendx
Guillaume Endignoux2d ago
tante3d ago
Firefox should really strip down the browser to the core, make that performant and secure. Maybe even improve extension interfaces and then deliver whatever "AI" nonsense they want through extensions. Would make it so easy to stop having to talk about kill switches and how "hard" those are. Offer people all the slop extensions in the world and see who will download them.
Guillaume Endignoux3d ago
Michael Salbeck3d ago

Guten Morgen ☕

Das freie GraphenOS macht Schlagzeilen:
Die spanische Polizei nennt es "Geister-Betriebssystem". Und:

" 'Jedes Mal, wenn wir ein Pixel sehen, denken wir, es könnte ein Drogendealer sein' "
"Abhörmaßnahmen wirkungslos"
"Staatliche Malware funktioniert nicht wie geplant"

"Da die katalanische Polizei aber laut eigenen Angaben ohnehin jeden Pixel-User für einen Dealer hält, ist es wahrscheinlich günstiger, selbst gleich GrapheneOS zu installieren."

;-)

https://www.derstandard.de/story/3000000278495/katalanische-polizei-geht-gezielt-gegen-nutzer-von-pixel-smartphones-vor

Katalanische Polizei geht gezielt gegen Nutzer von Pixel-Smartphones vor

Auf den Geräten lassen sich alternative Betriebssysteme mit Fokus auf Datenschutz wie GrapheneOS installieren. Das reicht für einen Pauschalverdacht

DER STANDARD
Guillaume Endignoux5d ago
Stefano MarinelliJan 3

AI models don’t really 'get' the BSDs. As a result, they often provide incomplete, imprecise, or flat-out wrong answers by defaulting to Linux paradigms. When it comes to illumos-based systems, they just completely lose the plot.

This is becoming a serious issue for the BSDs and illumos ecosystems. We are seeing entire websites flooded with AI-generated tutorials and guides that are totally incorrect. Most people don't realize this; they follow the instructions, fail, and then assume that the BSDs doesn't work well or are 'unstable' because they have supposedly changed since the guide was written.

Luckily, some people eventually find my blog, reach out, and finally understand what's actually going on. Others, unfortunately, end up on major social sites or comments, claiming that these systems are broken.

In 2026, one of our greatest challenges will be teaching people how to vet their sources and filter information.
And I see this as a very, very uphill battle.

#IT #SysAdmin #FreeBSD #NetBSD #OpenBSD #illumos #News #UnderstandingText #Disinformation

Guillaume Endignoux5d ago
Hacker News 50Jan 2

US Government demands access to European police databases and biometrics [video]

Link: https://media.ccc.de/v/39c3-trump-government-demands-access-to-european-police-databases-and-biometrics
Discussion: https://news.ycombinator.com/item?id=46464929

Trump government demands access to European police databases and biometrics

media.ccc.de
Guillaume EndignouxJan 1
Cory DoctorowJan 1

*On December 28th, I delivered a speech entitled "A post-American, enshittification-resistant internet" for 39C3, the 39th Chaos Communications Congress in Hamburg, Germany. This is the transcript of that speech*:

https://archive.org/details/doctorow-39c3

--

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2026/01/01/39c3/#the-new-coalition

1/

Guillaume EndignouxDec 28
Show threadZack WhittakerDec 28

One of the most important tools you can use on the internet to protect yourself from online security and privacy threats is… an ad-blocker.

In this deep-dive (and one of my favorites), I explain how ad blockers defend against surveillance and malware. I also have plenty of ad blocker suggestions for you to consider!

https://this.weekinsecurity.com/why-ad-blockers-are-a-top-security-and-privacy-defense-for-everyone/

Why ad blockers are a top security and privacy defense for everyone

Ad blockers can help defend against some of the top hacks, scams, and surveillance today. Here are some of the best ad blockers that you can use.

~this week in security~
Show threadGuillaume EndignouxDec 27

I particularly appreciate the up-to-date and hardened Linux kernel, the lack of junk OEM apps, the ability to set permissions on all apps including system ones, the added ability to control permissions for network and sensors, etc.

On that last point, while most apps genuinely need network access, 99% don't need access to accelerometers and such, which can reveal a lot about your lifestyle (activity patterns, etc.). And even fewer apps need access to both network and sensors.

So far my only legit use case for sensors is the camera app to distinguish between portrait and landscape modes, and perhaps to avoid motion blur.

Guillaume EndignouxDec 27
Fairly accurate review, matches my experience with #GrapheneOS https://youtube.com/watch?v=gDR6V5OdnYg
Maybe This Phone ISN’T Just for Criminals - Trying Graphene OS for a Month.

YouTube
Guillaume EndignouxDec 27
Kevin BeaumontDec 26

Merry Christmas to everybody, except that dude who works for Elastic, who decided to drop an unauthenticated exploit for MongoDB on Christmas Day, that leaks memory and automates harvesting secrets (e.g. database passwords)

CVE-2025-14847 aka MongoBleed

Exp: https://github.com/joe-desimone/mongobleed/blob/main/mongobleed.py

This one is incredibly widely internet facing and will very likely see mass exploitation and impactful incidents

Impacts every MongoDB version going back a decade.

Shodan dork: product:"MongoDB"

Guillaume EndignouxDec 26
XKCD BotDec 26
#3186 - Truly Universal Outlet