
wyngman
@tasket@infosec.exchange

"There is no sanctum or honor among technophiles."

Creator of the Wyng backup system. Lifelong student of the personal computing condition (and human one as well).

#wyng #infosec #pcs #containers #vm #hypervisor #microkernel #backups #storage #linux #qubes #python #foss #oshw


Projects: https://codeberg.org/tasket/
Non-techie: @tasket@mas.to
PGP Fingerprint: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
De-federate: THREADS
ALSO: @wyng@infosec.exchange
wyngman
@tasket@infosec.exchange

@bert_hubert@fosstodon.org Good time to remind people Naomi Wu was forced to stop her social media activities shortly after exposing a Chinese manufacturer's keyboard spyware. @SexyCyborg@mastodon.social

"For years she has called attention to this problem, in which people were using apps like Signal to protect their privacy but typing on a keyboard that could be recording every keystroke and sending it to the developer, Tencent..."

The spyware was independently verified, #TenCent denied it, and then the govt paid Wu a visit.
https://skepchick.org/2023/08/maker-naomi-wu-is-silenced-by-chinese-authorities-and-why-i-blame-elon-musk/

wyngman
@tasket@infosec.exchange

It's odd how we expect society to be pro-literacy, but then in IT we constantly make arguments against computer literacy because checking things like addresses gets in the way of instant, constant gratification. So most of you get upset when I suggest that YOU should remind users to actually check the spelling of who the f*ck they are actually accessing.

But no, that's too much rocket science.

"Oh but the domain spelling doesn't matter because..." stupid excuse consisting of exceptional incidents. Or saying that users can't know the difference between microsoft.com and edge-update.com. Or suggesting that we'll get the phishing problem licked one day without any bothersome checks by the user – this is literally impossible on an open network, so your ultimate solution would have to be the equivalent of closing the net and/or converting all endpoints to dumb terminals.

🙃🙃 I now return you to our regularly scheduled phishing stories...

wyngman
@tasket@infosec.exchange

Today's #infosec weather:

A dense fog of misguided expert opinion about Https:, followed by a hailstorm of successful #phishing attempts.


wyngman
@tasket@infosec.exchange

Tech status: Upgrading OS and dealing with unpatched bugs that were fixed upstream 2ya.

The current state of #Linux quality is looking pretty dank.

#fedora #debian #gnu #kde

wyngman
@tasket@infosec.exchange

You can shop for #VPN services that are audited for #privacy. Doing that with ISPs is basically impossible.

Edit: Some VPNs I consider to be decent are Mullvad, Nordvpn and Protonvpn.

Some to be avoided are PIA, Expressvpn and Cyberghost.

#mullvad #protonvpn #nordvpn
