Pinned toot

Privacy, like security, requires technology that can be examined, reviewed, studied, vetted and modified. It's also a personal consideration

We need a full free and open technology stack: software, devices, data and society

is everything you think necessary for your personal freedom, privacy and security ( even things we have not yet created )

FLOX - Free Libre Open X(everything)

I might seem all over the place, but I've actually been very singular in my focus towards distributed, rich virtual worlds for over a decade. It's just a lot of work to get there:

- MediaGoblin lead to ActivityPub
- ActivityPub is a distributed social system
- Liberated Pixel Cup gave us base graphical assets
- XUDD, 8sync, Goblins are all actor experiments so I can understand the technical foundation
- Datashards lets us securely distribute assets
- Ocaps bring us security

The Free Software Stammtisch is this Tuesday at 19:00
Boulders on Southern, 1010 W Southern Ave,

gettogether.community/series/1

LuftHans.com/Free_Software_Sta

Next month there is a job networking event before Stammtisch

Thursday is PLUG's security meeting

Topic: passiveDNS For fun and Profit (part2)

phxlinux.org/index.php/meeting

gettogether.community/series/1

Last night our other speaker was one of our panelists from Space Night, so I brought it up when it my time for my presentation :)

youtube.com/watch?v=bnxge96YO3

That's from a couple years ago. One of the attendees was one of Austin's employees on JPL projects. We might have Space Night II in the planning!

Seriously, verify your systems after an update. Only continuous monitoring of security features will make sure you don't expose people to insecure systems over time.

github.com/containous/traefik/

This morning I had to notice that my traefik setup decided to downgrade its defaults to SSLv3 due to a bug in the go TLS library.

So yeah, if you run anything server-side that provides TLS and is build with go 1.12.x you might want to verify it.

#infosec #security #TLS #SSL #go #golang #traefik

SeaGL cfp responses were sent out. If you submitted a talk, please check to see if it was accepted

If it was accepted and you haven't yet confirmed, please do so, thx!

osem.seagl.org/conferences/sea

See you in this for

WordPress version 5.2.3 is now out which is a security release. It fixes a bunch of XSS problems and some sanitization problems. Debian packages soon.

wordpress.org/news/2019/09/wor

#wordpress #infosec #foss #debian

SeaGL talk acceptances have gone out, as have declines

Check your email if you submitted a cfp

Already a couple reports of accepted talks popped up in on

Looking forward to the conference in

SeaGL accepted my "Debian Software Management" talk for November's conference

Looking forward to another great !

See you in

Shout out to all those who can't code, but spend time helping people and answering questions for #foss applications!

find . \( -name '*.txt' -o -name '*.md' \) \! -empty # Find .txt or .md files under the current directory that are not empty (> 0 bytes).

Imperva Firewall customer data from 2017 exposed

looks like passwords, api keys and SSL certs that might have been in use for last two years were compromised for Imperva Cloud Web Application Firewall (WAF)

threatpost.com/imperva-firewal

krebsonsecurity.com/2019/08/cy

RT @computerfact@twitter.com
notice to everyone using their face as a password: due to a data breach we would like to ask you to please reset your face. we apologize for any inconvenience.

I was like, hm, I'm going through a lot of dehydrated ingredients... I wish I had a dehydrator so I don't have to buy them pre-dehydrated!

I wasn't thinking about it, but I have an oven (and with a convection feature as a bonus)... that already *is* a dehydrator hunker.com/12002263/how-to-use

Show more
FLOSS.social

For people who care about, support, or build Free, Libre, and Open Source Software (FLOSS).