F. Maury ⏚

@x_cli@infosec.exchange
742 Followers
262 Following
3.9K Posts

Network and Protocol Security Specialist. I am currently freelancing on missions in the following domains: system, network, software and security engineering. I have a strong interest for applied cryptography, and I am used to give trainings and to write press articles and blog posts.

I am an antispeciesist, and member of L214, a French NGO fighting for animal rights. I also fight for LGBTQIA+ rights.

I am a RNG (Random Network Guy): do not expect better posts than those produced by an infinite number of monkeys.

#infosec #cybersecurity #network #crypto #linux #antispeciesism #author #privacy #podcast #devops #secdevops #devsecops #lgbt #fedi22 searchable

PronounsAny pronouns :nonbinary_flag:
OccupationNetwork Guardian Angel
Websitehttps://broken-by-design.fr/about
Podcast (Devops)https://pod.broken-by-design.fr
Position on AIKill it now
F. Maury ⏚35m ago
F. Maury ⏚7h ago
I'll be at Lille tonight, a day before the #pts25 kick-off. Anyone for a drink?
F. Maury ⏚7h ago
I'll be at Lille tonight, a day before the #pts25 kick-off. Anyone for a drink?
F. Maury ⏚1d ago
Show threadMerle Meyerdierks1d ago
"We showed that the multi-device support of the #Signal messenger can be abused to eavesdrop on all communication after a one-time credential breach. Thus, currently, the Signal messenger does not provide message privacy in the post-compromise security scenario." eprint.iacr.org/2021/626.pdf

eprint.iacr.org/2021/626.pdf
F. Maury ⏚1d ago
desirable_dialogue1d ago

#Signal silently falls back to "unsealed sender" messages if server returns 401 when trying to send "sealed sender" messages

"...Yes, one day the server could decide to no longer support sealed sender, and sends would go back to be unsealed, and the server would know who the sender is. There's not a great way to prevent that with the current design..."

https://github.com/signalapp/Signal-Android/issues/13842

Signal silently falls back to "unsealed sender" messages if server returns 401 when trying to send "sealed sender" messages · Issue #13842 · signalapp/Signal-Android

Guidelines I have searched searched open and closed issues for duplicates I am submitting a bug report for existing functionality that does not work as intended This isn't a feature request or a di...

GitHub
F. Maury ⏚2d ago

Deux agressions sur la route en deux semaines, dont une où le conducteur est sorti de sa caisse pour qu'on se tape, parce qu'il a trouvé que ne pas démarrer pied au plancher après un feu était inacceptable, et un poids lourd lancé à +100km/h a deux centimètres et demi de mon pare-choc arrière, pleins phares et klaxonant, alors que le trafic était hyper dense et la voiture devant moi à 50 mètres. Deux hommes, BTW.

C'est moi ou la conso de CBD devrait devenir obligatoire avant la prise du volant.

Ou le sexage in-utero pour diminuer la quantité de gros cons dans le monde. Au choix.

F. Maury ⏚Jun 20
Pass the SALT ConferenceJun 20

Last but not the least, let's end our program review with the PRIVACY session and 3 great talks 🤩

- @rafi0t will share the results of his last research about dirty tricks and code from some of the world's largest websites 🔍
- @x_cli will review the current state of the metadata from popular Instant Messaging applications 🎯
- and we will finally learn from Sihem Bouhenniche how easy it is (or not!) to fingerprint Android devices without specific permission 👾

⚠️ Available seats are disappearing quickly!
🎟️ Book your free seat: https://pretix.eu/passthesalt/2025/
📖 Schedule: https://cfp.pass-the-salt.org/pts2025/schedule/
📍 Lille, FR | 📅 July 1 to 3, 2025

Relays appreciated 🙏

F. Maury ⏚Jun 13
Bon PoteJun 12
Les Sénateurs ont ce soir refusé de voter pour la "taxe Zucman", soit taxer de 2% les patrimoines supérieurs à 100 millions d'euros.
Ils défendent donc les intérêts de 1800 ultra riches plutôt que de financer les services publics, l'école, la transition écologique... la fameuse "droite humaniste".
F. Maury ⏚Jun 11
Première Secrétaire du PortiJun 11

j'avoue que Meta capable d'associer votre historique de navigation avec votre identité sur mobile même avec un VPN même en navigation privée même sans être connecté à Facebook/Insta, c'est aussi ingénieux qu'affreux, je l'avais pas vu venir

https://localmess.github.io

Covert Web-to-App Tracking via Localhost on Android

F. Maury ⏚Jun 10
Bastien Le QuerrecJun 10

Le gouvernement et Macron relancent la bataille de la vérification d'âge sur les réseaux sociaux. La semaine dernière c'était la violence faites aux femmes qui était instrumentalisée, cette semaine c'est un fait-divers sordide qui sert d'excuse.

C'est donc le bon moment pour (re)lire la série d'articles de @sveawindwehr sur la question de la vérification d'âge dans l'UE.

Partie 1 : https://www.eff.org/deeplinks/2025/04/digital-identities-and-future-age-verification-europe
Partie 2 : https://www.eff.org/deeplinks/2025/04/age-verification-european-union-mini-id-wallet
Partie 3 : https://www.eff.org/deeplinks/2025/05/keeping-people-safe-online-fundamental-rights-protective-alternatives-age-checks

Digital Identities and the Future of Age Verification in Europe

This is the first part of a three-part series about age verification in the European Union. In this blog post, we give an overview of the political debate around age verification and explore the age verification proposal introduced by the European Commission, based on digital identities. Part two...

Electronic Frontier Foundation
F. Maury ⏚Jun 10
Pass the SALT ConferenceJun 10

today, back to the wire, we dive into our NETWORK security session 👾

1. Benoit Girard from @quarkslab will present us a plugin framework development he designed for #Wireshark 🛠️

2. Geoffrey Sauvageot-Berland from #orangecyberfr will detail a VLN he found in VRRP protocol 🎯

⚠️ Available seats are disappearing quickly!

🎟️GO & book your (free) seat: https://pretix.eu/passthesalt/2025/
📘Schedule: https://cfp.pass-the-salt.org/pts2025/schedule/#
📅July 1 to 3, 2025
📍Lille, FR

Relays appreciated🙏