TechHub

1 post1 participant0 posts today

Daniel ReedersI can't speak for the quality of care offered here but the need is enormous. Fuck it all.<a href="https://www.theguardian.com/australia-news/2025/apr/14/nsws-sole-womens-only-clinic-dedicated-to-trauma-ends-game-changing-focus-ntwnfb" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theguardian.com/australia-news/2025/apr/14/nsws-sole-womens-only-clinic-dedicated-to-trauma-ends-game-changing-focus-ntwnfb</a> <a href="https://beige.party/tags/nswpol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nswpol</a> <a href="https://beige.party/tags/dv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dv</a> <a href="https://beige.party/tags/pvaw" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pvaw</a> <a href="https://beige.party/tags/ptsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ptsd</a> <a href="https://beige.party/tags/women" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#women</a>

AnnaIn case it was missed in the post above, this is my updated article:👉 <a href="https://www.thecanary.co/global/world-analysis/2025/04/01/anna-severe-me-cfs/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.thecanary.co/global/world-analysis/2025/04/01/anna-severe-me-cfs/</a>My doctor predicts I will die if I don’t leave soon. I need a solid, safe, home I can go to and recover to at least a stable baseline. It’s not full recovery, but it’s better than a slow death.Help please 🙏 <a href="https://aus.social/tags/PwME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PwME</a> <a href="https://aus.social/tags/LongCovid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LongCovid</a> <a href="https://aus.social/tags/MECFS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MECFS</a> <a href="https://aus.social/tags/Hypothyroidism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hypothyroidism</a> <a href="https://aus.social/tags/ChronicIllness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChronicIllness</a> <a href="https://aus.social/tags/Neisvoid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Neisvoid</a> <a href="https://aus.social/tags/Abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Abuse</a> <a href="https://aus.social/tags/Housing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Housing</a> <a href="https://aus.social/tags/Dysautonomia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dysautonomia</a> <a href="https://aus.social/tags/SocialWork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialWork</a> <a href="https://aus.social/tags/MedMastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MedMastodon</a> <a href="https://aus.social/tags/PWLC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PWLC</a> <a href="https://aus.social/tags/MutualAid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MutualAid</a> <a href="https://aus.social/tags/HumanRights" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HumanRights</a> <a href="https://aus.social/tags/Press" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Press</a> <a href="https://aus.social/tags/Housing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Housing</a> <a href="https://aus.social/tags/Journalism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Journalism</a> <a href="https://aus.social/tags/MECFS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MECFS</a> <a href="https://aus.social/tags/SevereME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SevereME</a> <a href="https://aus.social/tags/Abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Abuse</a> <a href="https://aus.social/tags/Neglect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Neglect</a> <a href="https://aus.social/tags/MutualAid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MutualAid</a> <a href="https://aus.social/tags/Narcissist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Narcissist</a> <a href="https://aus.social/tags/Psychopath" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Psychopath</a> <a href="https://aus.social/tags/MCAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MCAS</a> <a href="https://aus.social/tags/MCAD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MCAD</a> <a href="https://aus.social/tags/Endometriosis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Endometriosis</a> <a href="https://aus.social/tags/ChronicPain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChronicPain</a> <a href="https://aus.social/tags/CostOfLivingCrisis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CostOfLivingCrisis</a> <a href="https://aus.social/tags/Melbourne" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Melbourne</a> <a href="https://aus.social/tags/Australia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Australia</a> <a href="https://aus.social/tags/DomesticAbuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DomesticAbuse</a> <a href="https://aus.social/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a><a href="https://a.gup.pe/u/chronicillness" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@chronicillness</a> <a href="https://a.gup.pe/u/longcovid" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@longcovid</a> <a href="https://a.gup.pe/u/neisvoid" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@neisvoid</a> <a href="https://a.gup.pe/u/disabilityjustice" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@disabilityjustice</a> <a href="https://a.gup.pe/u/disability" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@disability</a> <a href="https://a.gup.pe/u/socialwork" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@socialwork</a> <a href="https://a.gup.pe/u/dysautonomia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@dysautonomia</a> <a href="https://a.gup.pe/u/mutualaid" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mutualaid</a> <a href="https://a.gup.pe/u/mecfs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mecfs</a> <a href="https://a.gup.pe/u/chronicpain" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@chronicpain</a> <a href="https://a.gup.pe/u/mcas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mcas</a> <a href="https://a.gup.pe/u/australia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@australia</a> <a href="https://a.gup.pe/u/melbourne" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@melbourne</a>

Europe Says<a href="https://www.europesays.com/1961251/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.europesays.com/1961251/</a> EJÉRCITO ESPAÑOL | ¿A quiénes reclutarían primero si España entrara en guerra? <a href="https://pubeurope.com/tags/ciudadanos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ciudadanos</a> <a href="https://pubeurope.com/tags/Constituci%C3%B3n" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Constitución</a> <a href="https://pubeurope.com/tags/dv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dv</a> <a href="https://pubeurope.com/tags/Ej%C3%A9rcito" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ejército</a> <a href="https://pubeurope.com/tags/Espa%C3%B1a" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#España</a> <a href="https://pubeurope.com/tags/Guerra" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Guerra</a> <a href="https://pubeurope.com/tags/llamarian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#llamarian</a> <a href="https://pubeurope.com/tags/noticias" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#noticias</a> <a href="https://pubeurope.com/tags/quien" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#quien</a> <a href="https://pubeurope.com/tags/recluta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#recluta</a> <a href="https://pubeurope.com/tags/sociedad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sociedad</a> <a href="https://pubeurope.com/tags/soldados" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#soldados</a> <a href="https://pubeurope.com/tags/spain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#spain</a>

Erik van StratenLet's EncryptIn <a href="https://infosec.exchange/@aral@mastodon.ar.al/114224524044750719" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@aral@mastodon.ar.al/114224524044750719</a> <a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> wants us to pay taxes to keep Let's Encrypt "alive". Here's another reason NOT to do that.Apparently the *.eu.org domain needed laundrying because it's reputation became too bad. So scammers create zillions of insane domain names and obtain *FREE* (for them) certificates for those sites. Usually such sites are not malicious; they're intended to have virusscanners remove detection, eventually for the sub-TLD ".eu.org".To see this, you may consider opening <a href="https://crt.sh?q=eu.org" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://crt.sh?q=eu.org</a> but that will fail because there are WAY too many results.To restrict the amount of records, try a subdomain name and further restrict output by deduplicating and restricting to not expired, as follows: <a href="https://crt.sh/?Identity=madaline.eu.org&exclude=expired&deduplicate=Y" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://crt.sh/?Identity=madaline.eu.org&exclude=expired&deduplicate=Y</a>The screenshot below gives an idea (they're all Let's Encrypt certs by the way, and I marked one with an insane domain name).I wrote about this phenomenon before, e.g. in <a href="https://www.security.nl/posting/781057/Let%27s+Encrypt+git_git_git___" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.security.nl/posting/781057/Let%27s+Encrypt+git_git_git___</a> (at the time I did not understand why yet).VirusTotal knows of 72.5K direct subdomains of *.eu.org: "Subdomains (72.5 K)"(open the RELATIONS tab in <a href="https://www.virustotal.com/gui/domain/eu.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.virustotal.com/gui/domain/eu.org/</a>).<a href="https://mstdn.social/@TheDutchChief" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@TheDutchChief</a> <a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@EUCommission</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nlnet</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVcerts</a> <a href="https://infosec.exchange/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a>

Erik van Straten<a href="https://blob.cat/users/emu" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@emu</a> : given a domain name (*) for a website with an APPARENT owner, DV certs do not provide ANY security because users have no reasonable way to determine whether said domain name DOES NOT belong to the apparent owner.Phishing is wreaking havoc on the internet. There are lots of people like you who DO NOT provide ANY solutions.(*) In some message (email, SMS, chatapp, DM, ...), found by Googling, out of a QR-code, in a paper letter or on social media.A DV cert may be fine for your home NAS, but not for your bank. Unfortunately big tech does not want users to see the difference between a fake and a real bank (or any other critical website) in their browsers.<a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/Browsers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Browsers</a>

EV not Petrol<a href="https://aus.social/tags/theguardian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#theguardian</a> <a href="https://aus.social/tags/domesticviolence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#domesticviolence</a> <a href="https://aus.social/tags/dv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dv</a> <a href="https://aus.social/tags/southaustralia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#southaustralia</a> <a href="https://aus.social/tags/katelyons" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#katelyons</a>‘Best that exists globally’: South Australia’s domestic violence disclosure scheme provides relief and freedom <a href="https://www.theguardian.com/society/2025/mar/30/best-that-exists-globally-how-south-australias-domestic-disclosure-scheme-provides-relief-and-freedom-ntwnfb?CMP=Share_iOSApp_Other" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theguardian.com/society/2025/mar/30/best-that-exists-globally-how-south-australias-domestic-disclosure-scheme-provides-relief-and-freedom-ntwnfb?CMP=Share_iOSApp_Other</a>

Erik van Straten<a href="https://mas.to/@jschwart" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jschwart</a> : aan add-ons hebben we niks: die zullen door veel te weinig mensen worden gebruikt waardoor er niets verandert (bovendien bestaat het risico dat mensen nep-add-ons installeren).Het gaat om een *combinatie* van wijzigingen die de EU zal moeten afdwingen.Domeinnamen (inclusief het toenemende aantal TLD's) zijn namelijk het *probleem*. Je kunt ze vergelijken met telefoonnummers of woonadressen, potentieel iets- of nietszeggende strings die van een eigenaar *kunnen* zijn (en morgen van een ander). De enige voordelen ervan zijn dat ze uniek zijn en meestal kort.De meeste internetters begrijpen echter niet hoe je ze moet interpreteren, zoals dat www-example·com iets heel anders is dan www.example·com (om het nog maar niet te hebben over IDN's zoals in "https:⧸⧸lîdl·be/login").Ik zie geen andere oplossing dan voor *mensen* begrijpelijke en traceerbare identificerende informatie opnemen in websitecertificaten, waaronder bijv. (indien beschikbaar) een KvK-nummer (in tegenstelling tot bij 'whois' kun je bij de KvK wel zinvolle identificerende info vinden). Alleen al betrouwbaar weten in welk land de websiteverantwoordelijke gevestigd is, zou al enorm kunnen helpen tegen oplichting.In <a href="https://infosec.exchange/@ErikvanStraten/113990009126611573" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113990009126611573</a> zie je een screenshot van https://play.google-ivi·com waar Google Trust Services "gewoon" een ceetificaat voor uitgeeft (te zien in <a href="https://infosec.exchange/@ErikvanStraten/114061799937444243" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114061799937444243</a>).<a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVcerts</a> <a href="https://infosec.exchange/tags/GTS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GTS</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a>

Erik van Straten"Franse overheid voert phishingtest uit op 2,5 miljoen leerlingen" <a href="https://www.security.nl/posting/881630/Franse+overheid+voert+phishingtest+uit+op+2%2C5+miljoen+leerlingen" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.security.nl/posting/881630/Franse+overheid+voert+phishingtest+uit+op+2%2C5+miljoen+leerlingen</a>KRANKZINNIG!Het is meestal onmogelijk om nepberichten (e-mail, SMS, ChatApp, social media en papieren post - zie plaatje) betrouwbaar van echte te kunnen onderscheiden.Tegen phishing en vooral nepwebsites is echter prima iets te doen, zoals ik vandaag nogmaals beschreef in <a href="https://security.nl/posting/881655" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://security.nl/posting/881655</a>.(Big Tech en luie websitebeheerders willen dat niet, dus is en blijft het een enorm gevecht).<a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/NepWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NepWebsites</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVcerts</a> <a href="https://infosec.exchange/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/Certificaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificaten</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/Evilginx2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Evilginx2</a> <a href="https://infosec.exchange/tags/Zwakke2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Zwakke2FA</a> <a href="https://infosec.exchange/tags/ZwakkeMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ZwakkeMFA</a> <a href="https://infosec.exchange/tags/Weak2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Weak2FA</a> <a href="https://infosec.exchange/tags/WeakMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WeakMFA</a> <a href="https://infosec.exchange/tags/Authenticatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authenticatie</a> <a href="https://infosec.exchange/tags/Impersonatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonatie</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/DomainNames" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DomainNames</a> <a href="https://infosec.exchange/tags/Authenticity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authenticity</a> <a href="https://infosec.exchange/tags/Aurhenticiteit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Aurhenticiteit</a> <a href="https://infosec.exchange/tags/Owner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Owner</a> <a href="https://infosec.exchange/tags/Eigenaar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Eigenaar</a> <a href="https://infosec.exchange/tags/Verantwoordelijke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verantwoordelijke</a> <a href="https://infosec.exchange/tags/Responsible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Responsible</a> <a href="https://infosec.exchange/tags/Accountable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Accountable</a> <a href="https://infosec.exchange/tags/DigiD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DigiD</a> <a href="https://infosec.exchange/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SMS</a> <a href="https://infosec.exchange/tags/Email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Email</a> <a href="https://infosec.exchange/tags/ChatApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChatApps</a> <a href="https://infosec.exchange/tags/Verzender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verzender</a> <a href="https://infosec.exchange/tags/Sender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sender</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a>

Erik van Straten<a href="https://freeradical.zone/@mensrea" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mensrea</a> : if you visit a shop (or a bank) in the center of the city, chances are near zero that it's run by impostors.However, if you go to some vague second hand market, chances are the you will be deceived.Possibly worse, if there's an ATM on the outside wall of a shack where Hells Angels meet, would you insert your bank card and enter your PIN?On the web, most people do not know WHERE they are.Big Tech is DELIBERATELY withholding essential information from people, required to determine the amount of trust that a website deserves.DELIBERATELY, because big tech can rent much more (cheap) hosting and (meaningless) domain names to whomever if website vistors cannot distinguish between authentic and fake websites.You are right that some people will never understand why they need to know who owns a website.However, most people (including <a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@troyhunt</a> ) would enormously benefit.Like all the other deaf and blind trolls, you trash a proposal because it may be useless for SOME, you provide zero solutions and you keep bashing me.What part of "get lost" do you not understand?<a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> <a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@EUCommission</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nlnet</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#httpsVShttp</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bond</a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotBond</a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spam</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Banks</a>

Erik van Straten<a href="https://freeradical.zone/@mensrea" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mensrea</a> : it is not the UI/UX that is the problem. It is missing reliable info in the certs.Image from <a href="https://infosec.exchange/@ErikvanStraten/114224682101772569" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114224682101772569</a><a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> <a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@EUCommission</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nlnet</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#httpsVShttp</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bond</a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotBond</a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spam</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Banks</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a>

Erik van Straten<a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> :I don't want to pay a cent. Neither donate, nor via taxes.<a href="https://infosec.exchange/@ErikvanStraten/114227977082449887" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114227977082449887</a><a href="https://mstdn.social/@TheDutchChief" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@TheDutchChief</a> <a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@EUCommission</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nlnet</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#httpsVShttp</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bond</a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotBond</a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spam</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Banks</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a>

Erik van Straten<a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> : most Let's Encrypt (and other Domain Validated) certificates are issued to junk- or plain criminal websites.They're the ultimate manifestation of evil big tech.They were introduced to encrypt the "last mile" because Internet Service Providers were replacing ads in webpages and, in the other direction, inserting fake clicks.DV has destroyed the internet. People loose their ebank savings and companies get ransomwared; phishing is dead simple. EDIW/EUDIW will become an identity fraud disaster (because of AitM phishing atracks).Even the name "Let's Encrypt" is wrong for a CSP: nobody needs a certificate to encrypt a connection. The primary purpose of a certificate is AUTHENTICATION (of the owner of the private key, in this case the website).However, for human beings, just a domain name simply does not provide reliable identification information. It renders impersonation a peace of cake.Decent online authentication is HARD. Get used to it instead of denying it.REASONS/EXAMPLES🔹 Troy Hunt fell in the DV trap: <a href="https://infosec.exchange/@ErikvanStraten/114222237036021070" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114222237036021070</a>🔹 Google (and Troy Hunt!) killed non-DV certs (for profit) because of the stripe.com PoC. Now Chrome does not give you any more info than what Google argumented: <a href="https://infosec.exchange/@ErikvanStraten/114224682101772569" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114224682101772569</a>🔹 https:⧸⧸cancel-google.com/captcha was live yesterday: <a href="https://infosec.exchange/@ErikvanStraten/114224264440704546" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114224264440704546</a>🔹 Stop phishing proposal: <a href="https://infosec.exchange/@ErikvanStraten/113079966331873386" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113079966331873386</a>🔹 Lots of reasons why LE sucks: <a href="https://infosec.exchange/@ErikvanStraten/112914047006977222" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/112914047006977222</a> (corrected link 09:20 UTC)🔹 This website stopped registering junk .bond domain names, probably because there were too many every day (the last page I found): <a href="https://newly-registered-domains.abtdomain.com/2024-08-15-bond-newly-registered-domains-part-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://newly-registered-domains.abtdomain.com/2024-08-15-bond-newly-registered-domains-part-1/</a>. However, this gang is still active, open the RELATIONS tab in <a href="https://www.virustotal.com/gui/ip-address/13.248.197.209/relations" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.virustotal.com/gui/ip-address/13.248.197.209/relations</a>. You have to multiply the number of LE certs by approx. 5 because they also register subdomains and don't use wildcard certs. Source: <a href="https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/</a><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@EUCommission</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nlnet</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#httpsVShttp</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bond</a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotBond</a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spam</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Banks</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a>

Aischa 🏳️‍🌈🏴‍☠️You can forget how far you've come! Here Is a surprisingly marked up copy of The Verbally Abusive Relationship, which I am guessing I was given about 10 years ago. I rarely do this to my books. <a href="https://mastodon.social/tags/dv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dv</a> <a href="https://mastodon.social/tags/abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#abuse</a> <a href="https://mastodon.social/tags/ipv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ipv</a>

Erik van Straten<a href="https://infosec.exchange/@lewiray" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@lewiray</a> : phishing can and should be mitigated.See <a href="https://infosec.exchange/@ErikvanStraten/114222237036021070" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114222237036021070</a> and (I just wrote this) <a href="https://infosec.exchange/@ErikvanStraten/114224682101772569" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114224682101772569</a>.<a href="https://infosec.exchange/@haveibeenpwned" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@haveibeenpwned</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/Browsers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Browsers</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a>

Erik van Straten<a href="https://troet.cafe/@rohare" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@rohare</a> : phishing can and should be mitigated.See <a href="https://infosec.exchange/@ErikvanStraten/114222237036021070" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/114222237036021070</a>.<a href="https://infosec.exchange/@haveibeenpwned" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@haveibeenpwned</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/Browsers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Browsers</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a>

Erik van Straten<a href="https://mastodon.social/@BjornW" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BjornW</a> :I've stopped doing that after a lot of people called me an idiot and a liar if I kindly notified them. I stopped, I'll get scolded anyway.Big tech and most admins want everyone to believe that "Let's Encrypt" is the only goal. Nearly 100% of tech people believe that.And admins WANT to believe that, because reliable authentication of website owners is a PITA. They just love ACME and tell their website visitors to GFY.People like you tooting nonsense get a lot of boosts. It's called fake news or big tech propaganda. If you know better, why don't you WRITE BETTER?It has ruined the internet. Not for phun but purely for profit. And it is what ruins people's lives and lets employees open the vdoor for ransomware and data-theft.See also <a href="https://infosec.exchange/@ErikvanStraten/112914047006977222" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/112914047006977222</a> (and, in Dutch, <a href="https://security.nl/posting/881296" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://security.nl/posting/881296</a>).<a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@troyhunt</a> <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/AnonymousCertificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AnonymousCertificates</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/LetsAuthenticate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsAuthenticate</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> <a href="https://infosec.exchange/tags/Identity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Identity</a> <a href="https://infosec.exchange/tags/Authenticity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authenticity</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCrime</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/Weak2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Weak2FA</a> <a href="https://infosec.exchange/tags/WeakMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WeakMFA</a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVcerts</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/ACME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ACME</a> <a href="https://infosec.exchange/tags/USdependencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USdependencies</a> <a href="https://infosec.exchange/tags/USdependency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USdependency</a> <a href="https://infosec.exchange/tags/USdependent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USdependent</a> <a href="https://infosec.exchange/tags/USAdependencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USAdependencies</a> <a href="https://infosec.exchange/tags/USAdependency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USAdependency</a> <a href="https://infosec.exchange/tags/USAdependent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USAdependent</a>

Erik van Straten<a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@troyhunt</a> : if we open a website that we've never visited before, we need browsers to show us all available details about that website, and warn us if such details are not available.We also need better (readable) certificates identifying the responsible / accountable party for a website.We have been lied to that anonymous DV certificates are a good idea *also* for websites we need to trust. It's a hoax.Important: certificates never directly warrant the trustworthyness of a website. They're about authenticity, which includes knowing who the owner is and in which country they are located. This helps ensuring that you can sue them (or not, if in e.g. Russia) which *indirectly* makes better identifiable websites more reliable.More info in <a href="https://infosec.exchange/@ErikvanStraten/113079966331873386" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113079966331873386</a> (see also <a href="https://crt.sh/?Identity=mailchimp-sso.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://crt.sh/?Identity=mailchimp-sso.com</a>).Note: most people do not understand certificates, like <a href="https://mastodon.social/@BjornW" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BjornW</a> in <a href="https://mastodon.social/@BjornW/114064065891034415" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mastodon.social/@BjornW/114064065891034415</a>: ❝ <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a> offers certificates to encrypt the traffic between a website & your browser. ❞ 2x wrong.A TLS v1.3 connection is encrypted before the website sends their certificate, which is used only for *authentication* of the website (using a digital signature over unguessable secret TLS connection parameters). A cert binds the domain name to a public key, and the website proves possession of the associated private key.However, for people a domain name simply does not suffice for reliable identification. People need more info in the certificate and it should be shown to them when it changes.Will you please help me get this topic seriously on the public agenda?Edited 09:15 UTC to add: tap "Alt" in the images for details.<a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVcerts</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Authentication</a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Impersonation</a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spoofing</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#httpsVShttp</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a>

Radio Azureus<a href="https://infosec.exchange/@ErikvanStraten" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ErikvanStraten</a> Dankjewel voor deze verhelderende uitleg. Ik heb er niet bij stilgestaan dat door Cloudflare grote blokken van het internet letterlijk kunnen worden uitgeschakeld, door simpelweg een script te draaien<a href="https://mastodon.social/tags/Risico" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Risico</a> <a href="https://mastodon.social/tags/Economie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Economie</a> <a href="https://mastodon.social/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a> <a href="https://mastodon.social/tags/Fastly" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fastly</a> <a href="https://mastodon.social/tags/CDN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CDN</a> <a href="https://mastodon.social/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://mastodon.social/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://mastodon.social/tags/FISASection702" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FISASection702</a> <a href="https://mastodon.social/tags/FISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FISA</a> <a href="https://mastodon.social/tags/ThreeLetterAgencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreeLetterAgencies</a> <a href="https://mastodon.social/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trump</a> <a href="https://mastodon.social/tags/Sbowden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sbowden</a> <a href="https://mastodon.social/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://mastodon.social/tags/VVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VVD</a> <a href="https://mastodon.social/tags/PVV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PVV</a> <a href="https://mastodon.social/tags/CIDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CIDI</a> <a href="https://mastodon.social/tags/VT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VT</a> <a href="https://mastodon.social/tags/VirusTotal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VirusTotal</a> <a href="https://mastodon.social/tags/DVCerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVCerts</a> <a href="https://mastodon.social/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://mastodon.social/tags/OV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OV</a> <a href="https://mastodon.social/tags/EV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EV</a> <a href="https://mastodon.social/tags/QWAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#QWAC</a> <a href="https://mastodon.social/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCrime</a> <a href="https://mastodon.social/tags/NepWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NepWebsites</a> <a href="https://mastodon.social/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FakeWebsites</a>

Mikel Forcada EA5IYLMy memory fails, can you folks help me? What's the name of a novel suite of python programs that implements both digital voice and a new (?) keyboard-to-keyboard text modes in a single GUI? I installed it in a hard disk that died, and I don't remember. Thank you very much!<a href="https://mastodon.radio/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://mastodon.radio/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a>

Erik van Straten<a href="https://infosec.exchange/@0xF21D" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@0xF21D</a> : Cloudflare is evil anyway.Cloudflare reverse-proxies (or -proxied):- cloudflare.com.save-israel·org - ns.cloudflare.com.save-israel·org - albert.ns.cloudflare.com.save-israel·org - sydney.ns.cloudflare.com.save-israel·org -I don't know whether any of these domains were or are malicious, but such domain names are insane; expect evilness.See also: <a href="https://crt.sh/?Identity=save-israel.org" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://crt.sh/?Identity=save-israel.org</a>Tap "Alt" in the images for more info.<a href="https://infosec.exchange/@malanalysis" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@malanalysis</a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudflareIsEvil</a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BigTechIsEvil</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DV</a> <a href="https://infosec.exchange/tags/DVCerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVCerts</a> <a href="https://infosec.exchange/tags/DVCertsSuck" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DVCertsSuck</a> <a href="https://infosec.exchange/tags/BrowsersSuck" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BrowsersSuck</a>

Recent searches

Search options

Administered by:

Server stats:

#dv