The entire tech industry right now

I went back to the Nerd Reich website to see who in infosec was defending the Nazi salute, and wasn't super surprised to see Florian Roth. He's spent the last few months posting pro-AfD (German Neo-Nazi party) propaganda and interacting with AfD accounts in his replies. Just a heads up for those of you who work with him.

I don’t think I’ve ever seen a more perfect reading of Biden’s statement where he waited until the last day of his presidency to tell everyone that they live in an oligarchy

Why You Probably Don't Need A VPN To Stay Secure On Public Wi-Fi You've probably heard advice about how hackers can steal all your sensitive information if you don't use a VPN on public Wi-Fi, but is that actually true? In this video I'll walk through some of the major risks of public Wi-Fi such as Man-In-The-Middle Attacks, Rogue Access Points, SSL Stripping, and TLS Downgrades, as well as discuss how modern security measures prevent them.

None of this feels like the result of any technical limitations. I'm pretty sure they're just trying to maximize their engagement metrics at the expense of Mastodon. IMO Threads should be defederate until they "figure out" how to implement actual federation.

Learn a new language? No thanks, I already work in cybersecurity.

It’s wild how little Meta has changed in 15 years. They spent an entire year ignoring users’ requests for features that would make Threads usable, then when people started leaving for Bluesky, they tried to get them back by copying Bluesky. Unfortunately, the only feature they can’t copy that matters is not being Meta or having Mosseri in charge.

Someone has been flooding Bluesky with bots that use ChatGPT to respond to random posts, disagreeing with whatever the author says in a polite but annoying way. I have no idea what the goal is, but it kind of just makes it feel like Twitter before generative AI

A hill I’ll die on every time: NAT is a security feature. It wasn’t intended as one, it shouldn’t be used as one, but it IS one. If I go into my router and disable the firewall, then do the same on every device I own, not a single extra device on my network becomes publicly exposed. That is security. It makes it hard for users with poor cybersecurity awareness to accidentally expose devices to the entire internet. If we disabled uPNP by default, we’d see a huge drop in automated exploitation.

This year I'll be featuring in TryHackme's Advent Of Cyber! Every day until Christmas they'll be releasing a cool new Cybersecurity challenge. It's free to join and there's over $100k in prizes to be won!

TryHackMe

TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!