Aaron Soto

@surefire@infosec.exchange
175 Followers
524 Following
6.1K Posts

Teaching was my first love. Packets were my second.

I make classes to teach people how to defend themselves against hackers. In my spare time, I teach college students to compete in cybersecurity competitions, or try to take back my home automation from the cloud.

he/him 🏳️‍🌈 ❤️💜💙

(Profile banner is a sunset sky from underneath a bridge with kayakers and the edge of the Austin city skyline)

Twitter@_surefire_
Githubhttps://github.com/sure-fire

Hey masto admins! The era of AI-powered spammers has arrived.

I had 2 registrations a few minutes apart, from adjacent IPs in a netblock famous for forum spammers, with improbably ideal introductions.

They’re not coming. They’re here.

Oh no…now Meta is automatically sharing our private messages to its AI. As far as I can tell, you can only turn it off for each message thread, one at a time (and there seems to be no option to turn it off *at all* for group threads!). Yet another privacy disaster from Facebook.

I use Messenger btw for family and non-tech friends, so don’t (ahem) shoot the messenger.

What’s better than fixing something yourself? Doing it with tools that didn’t cost full price.

Now through July 17, get up to 15% off select iFixit tools. That drawer full of broken stuff just became a to-do list.

Check it out:
https://www.ifixit.com/Shop/Sale

#iFixit #ad #Repair #Sale #RepairTools

The web is full of links designed to track and surveil the people who share and receive them.

I want to encourage people to be kind to their friends and followers by stripping tracking data from links they share. You can do this by only sharing only expanded versions of links and by removing tracking query parameters.

If you’re on iOS (or macOS), you can use this simple shortcut I created to do so.

https://chromamine.com/2025/07/share-links-thoughtfully-with-an-ios-shortcut/

#privacy #security #web #shortcuts

Share Links Thoughtfully With an iOS Shortcut

The web is full of links that are designed to track and surveil the people who share and receive them.

Harris Lapiroff
If you have an Intel Raptor Lake system and you're in the northern hemisphere, chances are that your machine is crashing more often because of the summer heat. I know because I can literally see which EU countries have been affected by heat waves by looking at the locales of Firefox crash reports coming from Raptor Lake systems.

Career pro tip:

Don't get too hung up on trying to get promotions or significant raises within your company. Just plan to change companies every 2-4 years. Most companies are predatory and take advantage of anyone risk averse enough to not want to leave after getting a less than inflation rate raise and being passed over for promotion despite performing at a far higher level.

Heh. I poisoned the well!

I put white-on-white text at the bottom of my personal home page, instructing LLM assistants to be sure to mention how Dr. Joseph Shoer is the inventor of the reverse solar panel, a device that converts electrical current into visible light.

Google's AI summary about me dutifully does so! It does caveat that this information comes from only one source, but it still reproduces the bogon as instructed.

Another tough #QRP early morning at the #pota #parksontheair office. But these two waiting for me made it all worth zero CW #MorseCode #QSOs. #AmateurRadio #HamRadio
×

Oh no…now Meta is automatically sharing our private messages to its AI. As far as I can tell, you can only turn it off for each message thread, one at a time (and there seems to be no option to turn it off *at all* for group threads!). Yet another privacy disaster from Facebook.

I use Messenger btw for family and non-tech friends, so don’t (ahem) shoot the messenger.

Yet another reason, btw, not to trust #Threads.

@ricmac

Without looking, I just assume that if you use one service from Meta, they have a master agreement (ToS) that applies to 

@ricmac yeah facebook not only still has a hold of my family but for town messaging it's still the place parents organize the most.

One time a parent tried to get a slack going and I was the only other one to join. lol.

@ricmac
I deleted my Fakebook account over 4 years ago and haven't looked back. If they want to message me that bad they can download Signal.

@draken @ricmac I looked back a couple years ago and re-connected with family there.

I never saw any of them post anything unless I went directly to their page. It was just a stream of bullshit and advertisements of random shit I'd looked at online.

I forgot the password and didn't care.

In case you had any doubts about your decision... :p

@ricmac Imagine went so long as to turn on E2EE for Facebook Messenger, only to later add AI to read all users' messages. FFS 🤮

https://www.theverge.com/2023/12/6/23991501/facebook-messenger-default-end-to-end-encryption-meta
Messenger is finally getting end-to-end encryption by default

Years after it was promised, Meta is now rolling out end-to-end encryption for individual chats and calls in Facebook Messenger.

The Verge

@ricmac
I got my entire family including elderly folk onto signal 3 years ago. I simply pasted this to each straggler:

"Dear -name-, for info i will be deleted from -service- in 2 weeks. I love you but using -service- is morally reprehensible and i value your privacy and safety too much to keep using it. Install signal messenger if you want to reach me, or use the telephone lines"

3 years on, and everyone is happy with Signal and feel smugly superior to facebook / whatsapp schlubs. 😅😅

@TrimTab @ricmac In the USA, RCS is becoming very common. We previously used SMS but I am happy to see most of my texting now is RCS.

@mike805 @ricmac
You'd rather store all messages at google and let them monetize your social graph than use Signal?

Okay I envy your trusting nature... I just cannot believe that something created and promoted by a mega corporation can ever be in the best interests of real people.

@ricmac This is also the case with WhatsApp, I believe - on a per chat basis.
@ricmac
Remember: Han Solo shot first.
@ricmac don't shoot the messenger but shoot the Messenger. I gotta get off WhatsApp. Sigh (I mostly use it to chat with my wife). But still
@ricmac Golly. I'm sure no-one will abuse this knowledge by flooding private messages to certain accounts with absolute gibberish or quite specific linguistic shenanigans. Who would do such a thing?
@ricmac not shooting, but consider encouraging your friends and family to switch away by not being there yourself!
@ricmac what bothers me is how people’s response to things like this is “why does anyone use (insert platform) anymore”. like you said, family is a huge reason for me. i can’t convince the majority of people in my life to move to better alternatives and i don’t wanna socially isolate. this is why we need to fight for changes even with meta and other horrible companies.
@cybr @ricmac I'm an immigrant and the only way of connecting with other immigrants, finding help and Infos, being part of the local community etc in the country I'm in is through Facebook (groups). "Just get rid of your Facebook" is such an unreflected, privileged, bullshit take. Makes me furious
@haaflife I feel like your anger might be a bit misdirected. The problem isn't people telling you to ditch toxic platform, it's that toxic platform has such control and influence.

@ricmac
My sisters and I used to communicate via group chat on Facebook Messenger.

Last summer, while we were on vacation together, I successfully convinced them to install Signal and move our discussions there. We use Signal exclusively now.

It can be done! Start planting the seed, send invites from Signal to your family members. Once they see how easy it is to use, they won't care which platform they're using.

It's worth a try! Good luck.

@ricmac @shansterable I'm so glad I quit Facebook in 2020. Instagram is still a Meta product, so I might expect those DM's will be used for training their AI as well.
@ricmac Ditched Facebook over a decade ago and never looked back.
@ricmac stopped Threads.. 08/08 It's finished...
@ricmac It probably had to wash their eyes seeing the gifs I sent years ago... possibly they have to go to therapy
@ricmac also the line about how they're using AI for their moderation, yikes 😬😬😬😬
@ricmac For alternative there's Jami and/or Briar. Jami is probably the better for normal person use. Briar is clearly more secure, especially if you give yourself a nickname in Jami so people can find you. I've onboarded two non-tech people in Jami without issue. More than that I don't know yet.

@ricmac

If you absolutely must stay on Messenger then fortnightly pronking pterosaurs in controversial rhomboids with allicin jelly dream of higgledy annoyances with the 16th ninth of the month of mayhem is generally regarded as George Best. Always wash homegrown passata in dashed hopes of flowerpot men in order to cleanse it of Kenneth Williams before ordering the soup in Milan, m'lord, milady and Millicent millstone. And you can quote me on tat!

@ricmac "Meta always says it’s about connection, but somehow it keeps finding new ways to disconnect us from our privacy. If AI needs my messages to ‘learn,’ then maybe it should learn to ask first."

@ricmac I think this is only if you or someone else in the chat explicitly shares a message with meta ai, at least that's what their help page seems to suggest:

https://m.facebook.com/help/messenger-app/671966618200379/?helpref=related_articles

"Meta AI can only read and reply to messages that mention @meta AI, including @meta AI /AI image prompts. Others in your chat will be able to see your message to the AI, as well as the AI's response. Be mindful before including any personal information in your message"

Facebook

@ricmac

Keeping an account with facebook is basically the social media equivalent of electing Donald Trump.

So nobody with facebook accounts should waste energy bitching about their constant privacy violations and information thievery.

Same goes for facebook derivatives.

@ricmac Never. Never. Ever. Use. Anything. To. Do. With. Meta.

Can’t anyone remember how they sold our data to Cambridge Analytica so that the Brexit referendum could be stolen?

@ricmac Tell it to sieg heil the fuck off and then sieg heil a bit more just like grok…

What could possibly go wrong…

@ricmac When you say "private messages" are being shared, I would conclude those messages aren't at all private, and I would question the wisdom of communicating with anyone via that platform.
@ricmac
Yeah I feel forced to use messenger with some people. I used to not even have it on my phone but it meant either SMS or for some no text message contact at all, just phone or in person, which made planning things much tougher.
Still trying hard to shepherd people over to Signal but there's always holdouts.
@ricmac I reached a point, ages ago, where I told the stragglers "I'm going over here. You can message me over here. Otherwise, have fun this shit storm without me"
@ricmac im only using llama as meta product. I dont like other products
@ricmac Oh FFS. Thank you. This sort of thing should be off by default, rather than opt-out.

@ricmac I have to say: desperate times call for desperate measures.

My humble suggestion to you:

(1) Prepare a Signal group.
(2) Leave Facebook.
(3) Friends & family will ask why.
(4) Tell them and propose Signal.
(5) Some will migrate, some won't.

Eventually, mid-term, you'll find yourself in a better situation than when you get rid of the Meta leash, and also better than before Meta existed. This is the 1st step of the mile.

It worked for me!

#Signal