#Information security
Text
Do NOT send pictures of your ID card to discord bots!!!!
Or, like, any online rando.
I ran into a server that wanted to make sure that members are over 18 years old. They wanted to avoid the other thing I've heard of, which is asking you to verify your age by sending pictures of your ID card to a moderator. Good! Don't do that!
However, ALSO don't do this other thing, which is using a discord bot that would "automatically verify" you from a selfie and a photo of your ID card showing your birthday. The one they used is ageifybot.com. There's a little more information on its top.gg page. Don't like that! Not using that!
Why not? It's automatic! Well, let me count the ways this service skeeves me out:
How does the verification process work? There is no information on this. Well, okay, if you had more info on what kind of algorithms etc were being used here, that might make it easier for people to cheat it. Fair enough. But we need something to count on.
Who's making it? Like, if I can't understand the mechanics, at least I'd like to know who creates it - ideally they'd be a security professional, or at least a security hobbyist, or an AI expert, or at least someone with some kind of reputation they could lose if this turns out to not be very good, or god forbid, a data-stealing operation. However, the website contains nothing about the creators.
The privacy policy says they store information sent to them, such as your selfie and photo of an ID card, for up to 90 days, or a year if they suspect you're misleading them. It sure seems like even if they're truly abiding by their privacy policy, there's nothing to stop human people from looking at your photos.
The terms of service say they can use, store, process, etc, any information you send them. And that they can't be held accountable for mistakes, misuse, etc. And that they can change the bot and the ToS at any times without telling you. The terms of service also cut off midway through a sentence, so like, that's reassuring:
In conclusion, DO NOT SEND PICTURES OF YOUR ID CARD TO RANDOM DISCORD BOTS.
Yes, keeping minors out of (say) NSFW spaces is a difficult problem, but this "solution" sucks shit and is bad.
Your ID card is private, personal information that can be used by malicious actors to harm you. Do not trust random discord bots.
#light writes#discord#internet so strange#internet safety#personal safety#information security#cybersecurity#discord bot
155 notes
·
View notes
Text
He's making a database. He's sorting it twice. SELECT * from contacts WHERE behavior = 'nice' SQL Clause is coming to town. 🎄🎅
582 notes
·
View notes
Text
If you have Windows 11, please turn off the Recall feature unless you have Bitlocker on your computer. This is because it takes screenshots of your PC and stores them in such a way that the screenshots could be stolen and passwords etc. taken. (It can be encrypted automatically by Bitlocker, so if you do have that enabled, turning Recall off is optional).
If you want to turn off Recall, please do the following:
Please open "Settings".
Next, please click on "Privacy & Security".
Select the "Recall & Snapshots" page.
Turn off the “Save snapshots” toggle switch.
Do this for every account on the computer (the setting is saved per account).
This will completely turn off the Recall option on the account.
If you use Windows 10 or earlier, you can put your feet up and relax - Recall isn't available on these operating systems. Obviously, it's a non-issue on non-Windows computers too.
#windows 11#could someone please introduce microsoft to 21st century security practises#recall#tech support#information security
35 notes
·
View notes
Text
idk when they did it, but I logged on to my youtube account today to see that Google had CHANGED MY FLIPPING ACCOUNT NAME from the one I CHOSE for it to some unholy amalgamation of numbers and the fakename I used to make that account and I am Annoyed >:( >:( >:(
anyway I spent the morning fiddling with personal info to try and get it to display the account name instead but idk -_- -__- Obvsl there's SOME way to get it back cuz other ppl have old-style pseuds but either it's through some other method or it takes awhile for google to update their unholy spyware cuz my comments are still displaying under that stupid appellation. Gods, I cant imagine how frustrating that must be to ppl who used their actual assigned names when making gmail accounts 15 fucking years ago; the info I put there isn't even 'real' and it STILL feels like a violation X| WHO THE FUCK IS GOOGLE TO DECIDE HOW I SHOULD BE SEEN BY OTHERS?!?!?!
#Google#The Corporate Internet#Pseudonymity#Information Security#Privacy#Outing#Agency#cantankerous posts
39 notes
·
View notes
Text
Fortunately for affected customers though, it appears that only personal information was stolen during this attack and financial information wasn’t accessed.
Oh, nice. Apparently data breaches have become so commonplace that “only personal information was stolen” is regarded as A-OK now. 🙄
6 notes
·
View notes
Text
The most undervalued, misunderstood job in software is security. If the security team is doing their job right, then the only visible effect is that they'll make features slower to develop, slower to run, more expensive, and sometimes so prohibitively difficult that you have to scrap parts of the feature. If that's the case, then your security team deserves a raise for how much hard work they're doing. When it comes to security, anything noticeable happening is VERY BAD.
#codeblr#progblr#information security#the second most undervalued job is ux#but at least its relatively easier to understand their contributions#except for a11y work#when you make an app usable for blind people or people with mobility issues#the only people who notice the improvement are blind people and people with mobility issues#product owners are not checking how things sound on a screen reader or testing if it works without a mouse
15 notes
·
View notes
Text
I don’t want to hear this BS about asexuals being immune to honeypots. The sexual honeypot is just one form of social engineering, and you are not immune to the power of friendship. If you work with sensitive information, which includes any personally identifying information, be wary of ANY relationship where someone tries to get you to talk about more than you should, or in more detail than you should. You need to set firm boundaries and uphold them if someone tries to cross them.
You are not immune to social engineering. No sexuality can make you immune to social engineering.
5 notes
·
View notes
Text
reminder that if, like me, you used to use LastPass and moved to a new password manager, go delete your LastPass account.
33 notes
·
View notes
Text
Cybersecurity in the Digital Age
This image portrays a figure standing in a futuristic virtual environment, reminiscent of a scene from a sci-fi thriller. The silhouette of a person dressed in a long coat and holding what appears to be a mobile device stands in the foreground. They are facing a vibrant digital interface that displays a variety of cyber-themed icons and holographic projections. Key among these is a prominent digital lock symbol, representing the concept of cybersecurity. The cool neon blue and green color palette suggests a digital world, underlining themes of technology, security, and the challenges of protecting information in the contemporary digital landscape. The environment is filled with flowing data streams and digital wave patterns, suggesting the constant flow of information across global networks. The person's stance implies they are an orchestrator or guardian in this space, wielding the tools and knowledge necessary to navigate and safeguard this complex digital realm.
#cybersecurity#Digital Age#Technology#Sci-Fi#Information Security#Holographic Interface#Data Protection#Virtual Environment#Network Security#Digital Encryption#Futuristic#Tech Thriller#Data Streams#Cybernetic#Secure Access
2 notes
·
View notes
Text
BTSARMY Security Awareness Edition
Securing Mobile Devices Part 1: Identifying Fake Apps (with Mister World Wide Handsome Kim Seokjin)
Contributors:
ddaengsec
emandro1d
ArmyCompsci
Devika⁷
btsarmysafety
ManelleBTS
#bts#btsarmy#bts jin#kim seokjin#cybersecurity#security#securityawareness#infosec#mobile security#mobile hacking#security awareness training#infographic#information security#malware#adware#malvertising#bloatware#apple ios#android#cell phones
12 notes
·
View notes
Text
Microsoft Windows software and machines behave as if they were natively designed to leak information into negative dimensions.
2 notes
·
View notes
Text
A Complete Guide to Mastering Microsoft Azure for Tech Enthusiasts
With this rapid advancement, businesses around the world are shifting towards cloud computing to enhance their operations and stay ahead of the competition. Microsoft Azure, a powerful cloud computing platform, offers a wide range of services and solutions for various industries. This comprehensive guide aims to provide tech enthusiasts with an in-depth understanding of Microsoft Azure, its features, and how to leverage its capabilities to drive innovation and success.
Understanding Microsoft Azure
A platform for cloud computing and service offered through Microsoft is called Azure. It provides reliable and scalable solutions for businesses to build, deploy, and manage applications and services through Microsoft-managed data centers. Azure offers a vast array of services, including virtual machines, storage, databases, networking, and more, enabling businesses to optimize their IT infrastructure and accelerate their digital transformation.
Cloud Computing and its Significance
Cloud computing has revolutionized the IT industry by providing on-demand access to a shared pool of computing resources over the internet. It eliminates the need for businesses to maintain physical hardware and infrastructure, reducing costs and improving scalability. Microsoft Azure embraces cloud computing principles to enable businesses to focus on innovation rather than infrastructure management.
Key Features and Benefits of Microsoft Azure
Scalability: Azure provides the flexibility to scale resources up or down based on workload demands, ensuring optimal performance and cost efficiency.
Vertical Scaling: Increase or decrease the size of resources (e.g., virtual machines) within Azure.
Horizontal Scaling: Expand or reduce the number of instances across Azure services to meet changing workload requirements.
Reliability and Availability: Microsoft Azure ensures high availability through its globally distributed data centers, redundant infrastructure, and automatic failover capabilities.
Service Level Agreements (SLAs): Guarantees high availability, with SLAs covering different services.
Availability Zones: Distributes resources across multiple data centers within a region to ensure fault tolerance.
Security and Compliance: Azure incorporates robust security measures, including encryption, identity and access management, threat detection, and regulatory compliance adherence.
Azure Security Center: Provides centralized security monitoring, threat detection, and compliance management.
Compliance Certifications: Azure complies with various industry-specific security standards and regulations.
Hybrid Capability: Azure seamlessly integrates with on-premises infrastructure, allowing businesses to extend their existing investments and create hybrid cloud environments.
Azure Stack: Enables organizations to build and run Azure services on their premises.
Virtual Network Connectivity: Establish secure connections between on-premises infrastructure and Azure services.
Cost Optimization: Azure provides cost-effective solutions, offering pricing models based on consumption, reserved instances, and cost management tools.
Azure Cost Management: Helps businesses track and optimize their cloud spending, providing insights and recommendations.
Azure Reserved Instances: Allows for significant cost savings by committing to long-term usage of specific Azure services.
Extensive Service Catalog: Azure offers a wide range of services and tools, including app services, AI and machine learning, Internet of Things (IoT), analytics, and more, empowering businesses to innovate and transform digitally.
Learning Path for Microsoft Azure
To master Microsoft Azure, tech enthusiasts can follow a structured learning path that covers the fundamental concepts, hands-on experience, and specialized skills required to work with Azure effectively. I advise looking at the ACTE Institute, which offers a comprehensive Microsoft Azure Course.
Foundational Knowledge
Familiarize yourself with cloud computing concepts, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
Understand the core components of Azure, such as Azure Resource Manager, Azure Virtual Machines, Azure Storage, and Azure Networking.
Explore Azure architecture and the various deployment models available.
Hands-on Experience
Create a free Azure account to access the Azure portal and start experimenting with the platform.
Practice creating and managing virtual machines, storage accounts, and networking resources within the Azure portal.
Deploy sample applications and services using Azure App Services, Azure Functions, and Azure Containers.
Certification and Specializations
Pursue Azure certifications to validate your expertise in Azure technologies. Microsoft offers role-based certifications, including Azure Administrator, Azure Developer, and Azure Solutions Architect.
Gain specialization in specific Azure services or domains, such as Azure AI Engineer, Azure Data Engineer, or Azure Security Engineer. These specializations demonstrate a deeper understanding of specific technologies and scenarios.
Best Practices for Azure Deployment and Management
Deploying and managing resources effectively in Microsoft Azure requires adherence to best practices to ensure optimal performance, security, and cost efficiency. Consider the following guidelines:
Resource Group and Azure Subscription Organization
Organize resources within logical resource groups to manage and govern them efficiently.
Leverage Azure Management Groups to establish hierarchical structures for managing multiple subscriptions.
Security and Compliance Considerations
Implement robust identity and access management mechanisms, such as Azure Active Directory.
Enable encryption at rest and in transit to protect data stored in Azure services.
Regularly monitor and audit Azure resources for security vulnerabilities.
Ensure compliance with industry-specific standards, such as ISO 27001, HIPAA, or GDPR.
Scalability and Performance Optimization
Design applications to take advantage of Azure’s scalability features, such as autoscaling and load balancing.
Leverage Azure CDN (Content Delivery Network) for efficient content delivery and improved performance worldwide.
Optimize resource configurations based on workload patterns and requirements.
Monitoring and Alerting
Utilize Azure Monitor and Azure Log Analytics to gain insights into the performance and health of Azure resources.
Configure alert rules to notify you about critical events or performance thresholds.
Backup and Disaster Recovery
Implement appropriate backup strategies and disaster recovery plans for essential data and applications.
Leverage Azure Site Recovery to replicate and recover workloads in case of outages.
Mastering Microsoft Azure empowers tech enthusiasts to harness the full potential of cloud computing and revolutionize their organizations. By understanding the core concepts, leveraging hands-on practice, and adopting best practices for deployment and management, individuals become equipped to drive innovation, enhance security, and optimize costs in a rapidly evolving digital landscape. Microsoft Azure’s comprehensive service catalog ensures businesses have the tools they need to stay ahead and thrive in the digital era. So, embrace the power of Azure and embark on a journey toward success in the ever-expanding world of information technology.
#microsoft azure#cloud computing#cloud services#data storage#tech#information technology#information security
6 notes
·
View notes
Text
I guess while we were slacking off during the holiday, some chose to pick up the slack. No pun intended. 😆
5 notes
·
View notes
Text
The Ongoing Need for Cybersecurity Education in Families
Our homes are no longer physical spaces but extended into cyberspace. Every gadget we introduce into our homes-whether smartphone, tablet, or smart refrigerator-opens an entry point to a perilous world. This is not new, but what needs emphasis is that digital threats are not just technological but psychological and emotional, especially as far as families are concerned.
The Digital Realm: A…
#awareness#cybersecurity education#data privacy#digital security#Family#importance#information security#internet threats#knowledge#Online Safety#protection#youth
0 notes
Text
Government Imposes Strict Ban on Social Media Use by Civil Servants
Islamabad: The government has imposed a significant ban on the use of social media by civil servants, prohibiting them from using any media platforms without explicit permission. This new regulation was communicated through an official directive from the Establishment Division, instructing federal secretaries and other relevant authorities to ensure strict compliance.According to the directive,…
#civil servants#disciplinary action#Establishment Division#Government ban#information security#official directive#Pakistan government#public sector regulations#social media policy#social media restrictions
0 notes
Last Seen Blogs
