abucci
anthony.buc.ciHi, I'm Anthony and I'm a computer scientist
more than 90% of all AWS service API endpoints do not support IPv6
Sounds like AWS is instituting an IPv4 tax soon.
Oops, let a SSL certificate expire.
↳
In-reply-to
»
How is everyone finding GitHub CoPilot? 🤔 Good / Bad ? 🤔
⤋ Read More
- It’s criminal: Copilot was only possible because of massive theft of other peoples’ work (no compensation or even acknowledgement to any of the developers whose code was used to create Copilot)
- It’s positioned to put software developers out of work or so fully de-skill them that they no longer know how to code anything but prompts (after which come corporate-justified salary and benefits decreases)
Don’t use it. No one should ever use it. You’re destroying your own future as a software developer by leaning on and supporting these things.
How Google Authenticator made one company’s network breach much, much worse | Ars Technica
🤦‍♂
WHY are these big companies treated as though they are the be all and end all of infosec? These are rookie mistakes Google’s making, at scale.
Unfortunately Google employs dark patterns to convince you to sync your MFA codes to the cloud, and our employee had indeed activated this “feature”. If you install Google Authenticator from the app store directly, and follow the suggested instructions, your MFA codes are by default saved to the cloud. If you want to disable it, there isn’t a clear way to “disable syncing to the cloud”, instead there is just a “unlink Google account” option.
Like, never ever put your multi-factor tokens into a single cloud storage location! The whole point of this being “multi” factor is that there is a separate, independent physical factor involved in the authentication process. If the authenticator app on your phone puts the tokens in the cloud, then it reduces the security that comes from having a second factor. This is basic stuff.
Of course, never ever use Google Authenticator. All it does is generate TOTP and HOTP codes, which you can do with any OTP app, preferably an open source one that’s been vetted.
USENET, the OG social network, rises again like a text-only phoenix
The USENET management committee has reconvened and there are green shoots of growth in the original, pre-World Wide Web social network.
↳
In-reply-to
»
Turned half a century old today. Boy I'm tired.
⤋ Read More
@movq@www.uninformativ.de oops, forgot to say thank you for the birthday wishes!
↳
In-reply-to
»
Turned half a century old today. Boy I'm tired.
⤋ Read More
@lyse@lyse.isobeef.org Thank you!
↳
In-reply-to
»
Turned half a century old today. Boy I'm tired.
⤋ Read More
@movq@www.uninformativ.de If you’ve got it, own it!