🦄 Vlt (Cédric Hebert) 🇫🇷

@[email protected]
131 Followers
237 Following
328 Posts
I am the Eye in the Sky, looking at you.
Inventor of 'cloud active defense' (https://github.com/SAP/cloud-active-defense)
Githubhttps://github.com/valvolt/
Bloghttps://community.sap.com/t5/user/viewprofilepage/user-id/194173
FOSS deceptionhttps://github.com/SAP/cloud-active-defense/
🦄 Vlt (Cédric Hebert) 🇫🇷May 10
Em Apr 28

Anyone asserting encryption is a tool for crime is either painfully misinformed or is attempting to manipulate legislators to gain oppressive power over the people.

Encryption is not a crime,
encryption is a shield.

Encryption protects you from cyberattack, identity theft, discrimination, doxxing, stalking, sexual violence, physical harm, and much more.

For safety, for privacy, for democracy, and for all our human rights, it's critical that we defend our right to encryption.

https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#Privacy #Encryption #DigitalRights #HumanRights #Democracy #RootForE2EE

Encryption Is Not a Crime

Encryption is not a crime, encryption protects us all. Encryption, and especially end-to-end encryption, is an essential tool to protect everyone online. Attempts to undermine encryption are an attack to our fundamental right to privacy and an attack to our inherent right to security and safety.

Privacy Guides
🦄 Vlt (Cédric Hebert) 🇫🇷May 7
OhmbudsmanMay 7
"Dark patterns are specific web design tricks designed to influence users into doing something they don't actually want to do or that isn't in their best interest. They often exploit users' desire for convenience, their lack of time, or their fear of missing out. The goal is to trick users into making purchases, signing up for subscriptions or sharing personal information." #DarkPatterns #Meta #Facebook #Instagram https://www.dw.com/en/dark-patterns-investigating-online-manipulation/a-77072137?maca=en-rss-en-all-1573-rdf
'Dark patterns': Investigating online manipulation

Ireland's media regulator is investigating Facebook and Instagram on suspicion that so-called dark patterns are used to manipulate users.

Deutsche Welle
🦄 Vlt (Cédric Hebert) 🇫🇷Apr 17
Dr Micha CampbellApr 16

I've just stumbled across this incredibly useful explanatory chart on mansplaining. Petition for this to be prominently displayed in every workplace.

https://www.bbc.com/worklife/article/20180727-mansplaining-explained-in-one-chart

Mansplaining, explained in one simple chart

Kim Goodwin was asked to help some colleagues tell if they were being helpful or condescending. So she created a simple chart – which went unexpectedly viral.

BBC
🦄 Vlt (Cédric Hebert) 🇫🇷Mar 25
Show threadVissMar 25
ransomware except it signs you up to every mailing list for every vendor at rsa with your personal mobile phone and resubscribes you every 24 hours using mail aliases til you pay
Show thread🦄 Vlt (Cédric Hebert) 🇫🇷Mar 19
@bortzmeyer brilliant 🤣
🦄 Vlt (Cédric Hebert) 🇫🇷Mar 9

Since I'm good at finding excuses to postpone #writing, I coded a small #foss program... for writers.

No more excuse for me I guess, maybe something you will like?

https://github.com/valvolt/writer

Show thread🦄 Vlt (Cédric Hebert) 🇫🇷Feb 25
@bortzmeyer Ah oui, le fameux réverbère de D&D 2nd edition
🦄 Vlt (Cédric Hebert) 🇫🇷Feb 25
Gabriele BiondoFeb 25

No Hardening macOS this week. Got distracted.

Starkiller is a new phishing kit that proxies REAL login pages in real-time. It steals credentials, MFA tokens and session cookies — and MFA won't save you.

I wrote a full technical analysis: how AitM works, why traditional defences fail, and what to actually do about it.

Also released ja3-probe, a Rust PoC for TLS fingerprinting of phishing proxies.

→ Post: https://bytearchitect.io/network-security/Starkiller-Phishing-Kit-Why-MFA-Fails-Against-Real-Time-Reverse-Proxies/?ref=mastodon
→ PoC: https://github.com/gb-at-r3/ja3Probe

#infosec #phishing #AitM #MFA #TLS #security #rust

🦄 Vlt (Cédric Hebert) 🇫🇷Feb 22
aburtchFeb 22

RE: https://mastodon.social/@bsletten/116112393904621126

Holy smokes. Do not trust a company called Persona with your personal information. #privacy #infosec

🦄 Vlt (Cédric Hebert) 🇫🇷Feb 16
ChiefGyk3DFeb 16

I just starred sheeki03/tirith on GitHub: https://github.com/sheeki03/tirith

⭐ 1,761 stars • Rust
Your browser catches homograph attacks. Your terminal doesn't. Tirith guards the gate — intercepts suspicious URLs, ANSI injection, and pipe-to-shell attacks before they execute.