July 26, 2025
Do not download the app, use the website idiallo.com
Apps often demand excessive permissions, accessing your contacts, location, and more. Discover why sticking to your browser offers better privacy and control.
Absolutely agreed, there's no need for a dedicated app in many cases.
July 22, 2025
The EU can be shut down with a few keystrokes www.bitecode.dev
On a QWERTY keyboardEurope has excellent infrastructure but lacks sovereignty regarding Operating Systems, SaaS platforms, and Chips.
We dug ourselves into a dark dependency hole with those, and now the US can turn off the light at any time if it feels like it.
It's time to do things ourselves again.
July 20, 2025
Using leaked data to examine vulnerabilities in SMS routing and SS7 signalling medium.com
Every day, millions of two-factor authentication codes travel the globe, securing access to bank accounts, email inboxes, dating profiles and encrypted chats. These SMS messages are designed to keep people’s accounts safe, yet rely on a sprawling, opaque and unregulated industry of intermediaries to reach their devices. A new leak obtained by Lighthouse Reports exposes just how vulnerable that system is.
I learned a lot how SMS messages are delivered and how vulnerable this system is. 2FA should absolutely not use SMS, rather use OTP for example.
June 30, 2025
Reading NFC Passport Chips in Linux – Terence Eden’s Blog shkspr.mobi
The NFC chip in a passport is protected by a password. The password is printed on the inside of the physical passport. As well as needing to be physically close to the passport for NFC to work, you also need to be able to see the password. The password is printed in the "Machine Readable Zone" (MRZ) - which is why some border guards will swipe your passport through a reader before scanning the chip; they need the password and don't want to type it in.
May 21, 2025
O2 VoLTE: locating any customer with a phone call | mastdatabase.co.uk mastdatabase.co.uk
Privacy is dead: For multiple months, any O2 customer has had their location exposed to call initiators without their knowledge.
When looking behind the curtain to see how things actually work, it's often pretty interesting (and concerning).
May 18, 2025
A First Glimpse of the Starlink User Ternimal | DARKNAVY www.darknavy.org
During device initialization, if the system identifies itself as a user terminal, the initialization script automatically writes 41 SSH public keys into /root/.ssh/authorized_keys. Notably, port 22 on the UTA remains open to the local network at all times. Having such a large number of unknown login keys on a user product certainly raises eyebrows.
I wouldn't feel safe when I would have to use Starlink for Internet access.
May 15, 2025
Vulnerability Database euvd.enisa.europa.eu
EU Vulnerability Database (EUVD) - the official EU repository for timely, curated cybersecurity vulnerability intelligence and remediation guidance.
Tags
#ai
#app
#bash
#debian
#devex
#dns
#fun
#geo
#github
#history
#internet
#iot
#kde
#libvirt
#linux
#llm
#location
#microsoft
#musings
#network
#notes
#obsidian
#opendata
#opinion
#people
#performance
#perl
#policy
#privacy
#python
#security
#self-hosting
#shell
#social
#sovereign
#story
#tool
#vm
#vulnerability
#work
#writing
#youtube