fsebugoutzone.org:9999

       Post AwA9RtUXpAVnJuYGau by Suiseiseki@freesoftwareextremist.com
 (DIR) More posts by Suiseiseki@freesoftwareextremist.com
 (DIR) Post #AwA9Rqjg4RpmlyboGW by briankrebs@infosec.exchange
       2025-07-15T14:34:21Z
       
       0 likes, 0 repeats
       
       ICYMI (I did) from the death-by-shite-security dept. For the next time you need a case study in how poor security can actually lead to human deaths, even executions: &quot;A recent audit from the U.S. Department of Justice has exposed severe vulnerabilities in the FBI&#39;s cybersecurity measures, highlighting how these weaknesses directly contributed to the deaths of key informants in the high-profile El Chapo investigation.&quot;According to the report, a hacker affiliated with the Sinaloa drug cartel in Mexico was able to access sensitive communications between FBI officials and law enforcement, ultimately leading to the tragic loss of life.&quot;https://www.secureworld.io/industry-news/fbi-breach-deaths-el-chapo
       
 (DIR) Post #AwA9RrxtV4ngaMGg40 by markvonwahlde@mastodon.world
       2025-07-15T16:15:16Z
       
       1 likes, 0 repeats
       
       @briankrebs Second-best argument against governmental backdoors is chronic inability of government to keep data secure.
       
 (DIR) Post #AwA9RtUXpAVnJuYGau by Suiseiseki@freesoftwareextremist.com
       2025-07-15T16:17:30.800972Z
       
       0 likes, 0 repeats
       
       @markvonwahlde @briankrebs The government does not need to request backdoors - manufacturers implement it for them without asking most of the time and then the government can command that those be used for their interest.
       
 (DIR) Post #AwA9RuerUIMIwCO1JY by briankrebs@infosec.exchange
       2025-07-15T14:45:13Z
       
       0 likes, 0 repeats
       
       BTW here&#39;s the report, which is somewhat heavily redacted of the potentially interesting bits. But overall, the report laments the modern reality of &quot;ubiquitous technical surveillance,&quot; which the FBI defines to mean &quot;the widespread collection of data and application of analytic methodologies for the purpose of connecting people to things.&quot; Specifically, the FBI names five &quot;vectors&quot; for this pernicious and omnipresent threat:1) visual and physical (identification of people or objects tied to an operation through cameras or physical surveillance2) electronic signals (use of electronic devices such as mobile phones)3) financial -- transactional financial records with unique identifiers linked to a specific account holder4) travel -- records that include unique identifiers for hotel stays, border crossings, plane reservations, etc.5) online - advertising data from web browsing and social media use.https://oig.justice.gov/sites/default/files/reports/25-065_t.pdf
       
 (DIR) Post #AwAHbPqtg3G9vM3fnM by markvonwahlde@mastodon.world
       2025-07-15T17:03:24Z
       
       0 likes, 0 repeats
       
       @Suiseiseki @briankrebs How does that work for cryptographic systems?
       
 (DIR) Post #AwAHbQUxH7InvanfEW by Suiseiseki@freesoftwareextremist.com
       2025-07-15T17:48:55.994844Z
       
       0 likes, 0 repeats
       
       @markvonwahlde @briankrebs Usually the manufacturer library implementing it is backdoored, or the NSA pays 10 million to use a backdoored CSPRNG; https://en.wikipedia.org/wiki/Dual_EC?useskin=monobook#Weakness:_a_potential_backdoorWhen it comes to free software cryptographic systems, you&#39;re safe provided the implementation is correct.