scytale

They were probably replying to you on mastodon hence the @.

Tilda, because I like how I can drop it down my screen anytime by pressing one key if I need to use it.

I was gonna say this as well. You can go 2 opposite directions. You can go for a country like Switzerland which has a lot of privacy rules in place. It generally protects you from malicious non-state actors. But you can also go the other way with a developing country whose government does not have the means or capability to monitor you. The tradeoff is your data on government systems is probably already compromised, just not by the government itself.

One of the servers I’m in requires a phone number in order to post and comment. Glad I never added my number in the first place. OP, I hope you can eventually get your number removed.

Yup, there’s a reason there aren’t a ton of FOSS or small DDoS prevention/protection tools/services out there, and even large tech companies that may have the resources to develop their own rely on providers like Cloudflare instead. Also, to re-iterate another comment in this post, you don’t necessarily need to allow cloudflare to see your encrypted traffic if you just want DDoS protection.

It’s essentially a way to get your foot through the door if you’re trying to get into the security field. I guess if you’re planning to switch roles within your current org it’s not really necessary vs trying to get hired at a new company. I haven’t checked how much they cost, but maybe you can try some of the Cisco certs as well?

The SANS ICS courses are the only ones I know that specifically focus on ICS; but yes, do not spend your own money to get expensive certs like those. Your employer should be paying on your behalf. Security+ is worth it if you’re making a lateral move to security.

Same for me. I also have ClearURLs, Facebook container, and use Multi-account containers to isolate specific sites.

The statement about people trust corporations, not people is valid; that’s why I stopped using the “don’t have doors” and “let me see your phone” argument because people will think it’s different in that you personally know them, instead of some faceless corporation collecting your data.

It got me thinking of a better example, and the one I came up with is baby monitors and home/door cctv cameras. A lot of companies providing those services lack any kind of security in that anyone can potentially see your camera live feed on the internet. Not that anyone’s watching, but someone could if they wanted. So if you’re not hiding anything, would you be fine that your baby monitor can potentially be used for whatever reason even though no one in your social circle can’t “see” it?

Wow Bunsenlabs. Now that’s a distro I haven’t heard in a while. lol. I used to have it on an old laptop many many years ago.

I used Deezer for several years before they removed regional pricing. Sound quality was better than Spotify IMO, and I like their UI more. It’s cleaner and less cluttered. The fact that you get lossless included by default now is definitely a plus too. You can also upload your own wav/mp3 files if you can’t find it in their catalog. Never tried Tidal so I don’t have an opinion about it.

I think they weren’t implying it’s the best option, just that it’s the lesser evil. You can definitely go for some other foss options or a separate satnav entirely, but Apple Carplay works on most cars without requiring additional software or tools. Obviously OP will have to buy an iPhone.

It would be a good idea to explore Linux if you care about all the telemetry Windows collects. There are distros out there that are so user friendly that someone using Windows their entire life can hit the ground running, like Linux Mint.

As others have said, it doesn’t have to be black or white. 100% anonymity/privacy on the internet is almost virtually impossible for most use-cases for accessing the internet in the first place, but that doesn’t mean you just let go and let it happen. You can still take steps with protecting as much as you can while at the same time still use the internet comfortably, even if it means having to maintain some non-foss apps just to keep in touch with friends/family and have accounts with major platforms. Just do as much as you reasonably can with what you can influence and control.

I don’t have the document on hand while writing this, but I believe ISO27001 and most other certs have controls around regular pentests on an organization’s infrastructure and applications, and they ask for evidence that those are done regularly and ask for proof of remediation of findings during audits. While they don’t directly ask if “company survived a 5 day red team exercise”, the control processes they check for indirectly checks for those. And yes, it largely depends on how technical and how deep the auditor wants to go.

This applies to lift-and-shift migrations too. “We need to migrate this now, let’s fix it as a next phase”, then it never gets fixed; instead of taking the opportunity to fix stuff as you build on a clean slate.

Saw him in person at Defcon years ago. He was very personable and was happy to talk to anyone. RIP

It’s the first step of installation, making a bootable usb/CD. Most non-technical people can’t be arsed to create a bootable drive, then go into the bios boot settings to run it. I haven’t used Windows in a long time so I don’t know how it’s installed these days, but the fact that it comes installed out-of-the-box when people buy a computer lets them skip the first and biggest step to running linux, which is getting it installed in the first place.

Distros have come a long way that a Windows user trying Linux Mint can hit the ground running. It’s no longer about the learning curve for USING linux, it’s INSTALLING linux that’s the problem.

Is faster. I don’t care about the extra bells and whistles, and I want a straightforward functioning system that allows me to do what I need to do. I also like that I can customize my desktop experience to my heart’s desires. I can literally change the way my system looks if I get bored of it. Most importantly, the lack of tracking/telemetry and being a smaller target on the web.

Me reading this post on an alpha app on testflight: chuckles I’m in danger.

Kidding aside, I used a dedicated email (and password) for my account and don’t plan to post any personal info on here.