Do the "Ernest needs to add more maintainers to KBin!" comments remind anyone else of the xz social engineering malarkey? by Canard in c/kbinMeta@kbin.social
[-] Canard@fedia.io 0 points 5 months ago

I saw the term "threadiverse" being used to group all Reddit alternatives interoperable with the Fediverse.

Updates on Interstellar kbin app: account login, voting, subscriptions, and more by Canard in c/kbinMeta@kbin.social
[-] Canard@fedia.io 0 points 9 months ago

What about F-Droid?

1
Webauthn Attestation and OpenSource Keys (fy.blackhats.net.au)
submitted 9 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

Webauthn (Passkeys) are only going to become more important in the future and as this grows, deployments with higher security risks and criticality are going to need to start to understand and embrace attestation of their keys.

In their current form, almost all software products and IDM's today allow you to enroll any cryptographic authenticator. It doesn't matter what make or model it is, it will be allowed.

However, not all authenticators are made equal. They each have different properties, security features, and some even have security issues affecting their hardware or software. Because webauthn is a self contained multiple factor authenticator, this means we need to be even more careful to ensure these devices are secure.

1
AutoSpill attack steals credentials from Android password managers (www.bleepingcomputer.com)
submitted 9 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation.

1
Microsoft’s Windows Hello fingerprint authentication has been bypassed (www.theverge.com)
submitted 10 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

Windows laptop manufacturers will likely need to fix this one.

Firefox 120.0 released by Canard in c/firefox@fedia.io
Firefox 120.0 released by Canard in c/firefox@fedia.io
[-] Canard@fedia.io 1 points 10 months ago

This version was supposed to bring WebAuthn passkeys support as this source mentioned: https://connect.mozilla.org/t5/ideas/support-webauthn-passkeys/idc-p/39321/highlight/true#M22887
Sadly this is not part of the release notes. I’m disappointed but I hope this will be implemented soon in Firefox.

1
What the !#@% is a Passkey? (www.eff.org)
submitted 10 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

A new login technique is becoming available in 2023: the passkey. The passkey promises to solve phishing and prevent password reuse. But lots of smart and security-oriented folks are confused about what exactly a passkey is. There’s a good reason for that. A passkey is in some sense one of two (or three) different things, depending on how it’s stored.

2
Clever malvertising attack uses Punycode to look like KeePass's official website (www.malwarebytes.com)
submitted 11 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

Threat actors are doubling down on brand impersonation by using lookalike domain names.

1
What is a passphrase? Comparing passwords vs. passphrases | Proton (proton.me)
submitted 11 months ago by Canard@fedia.io to c/cybersecurity@fedia.io
0 comments fedilink

Passphrases are a great way to protect your online accounts and digital identity. But what is a passphrase?

2
Modernizing and improving PGP security | Proton (proton.me)
submitted 1 year ago by Canard@fedia.io to c/cybersecurity@fedia.io
1 comments fedilink

Daniel Huigens, the head of Proton’s cryptography team, explains how the latest crypto refresh makes PGP more secure.

Canard

joined 1 year ago