shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

271
active users

#credentials

0 posts0 participants0 posts today

If you use #Gmail, you need to know about this #phishing attack, as described by Malwarebytes Labs: "Cybercriminals are abusing Google’s infrastructure, creating emails that appear to come from Google ... to persuade people into handing over their Google #account #credentials." tinyurl.com/47y6pvus

Malwarebytes · All Gmail users at risk from clever replay attackAll Google accounts could end up compromised by a clever replay attack on Gmail users abusing Google infrastructure.

There are lots of #plugins/services that allow you to sync your #browser saved website #credentials across multiple devices; even #sync between ecosystems (chrome/google account <--> Microsoft acc).

But - leaving aside "password sharing is Baaaad" and "probably violates a TOS somewhere" issues - does anyone know of a plugin/service that allows you to share a saved login with a trusted other?

e.g. share an newspaper #subscription account with a partner _without_ a shared google account.

Anyone know someone at #JetBrains to report a #PyCharm #issue to?

Basically it's a #softlocking that happens on the #snap version of #PyCharmCommunity / #PyCharmCE that makes it somehow half-forget #credentials like #GitHub, #Gitlab, #Codeberg, #BitBucket, #Gitea, #git etc. and not allowing to just delete & re-add them as the settings saving just becomes unresponsive.

  • Mind you this isn't with like dozens of accounts - just one on each platform - and it's not easily fixable (or at least not in a good way by manually yeeting the #XML files for said logins from $HOME/.config/PyCharmCE****/... and randomly coming back after a few days or weeks.

Whether this also conflicts with #SettingsSync which should only sync #configs, not #credentials (and AFAICT doesn't!) is also a question I can't confidently answer.

  • Needless to say it's really annoying, espechally at work and is the main reason I've not considered paying for JetBrains' products as of now!

#ElonMusk staff Have #Infiltrated Another #Government Agency - Elon Musk’s former employees are trying to use [are using] #WhiteHouse #credentials to access General Services Administration #GSA tech, giving them the potential to remote into #laptops, read #emails, and more, sources say. mass #cybercrime attack against the federal government #infosec this #cybersecurity breach by non government agents is a crime. the damage will be irreparable. wired.com/story/elon-musk-lack fed staff locked out of work

WIRED · Elon Musk’s Friends Have Infiltrated the General Services AdministrationBy Makena Kelly
Replied in thread

@ploum instead of @signalapp which also falls under #CloudAct and is also a #Proprietary, #SingleVendor & #SingleProvider solution, consider #XMPP+#OMEMO for real #E2EE with #SelfCustody of all the keys!

#email#chat#ads

With all the fake content and identities around, this is a very ineresting paper:
"Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to distinguish who is real online". It seems like the same what the EU is building with digital identity/wallet. Although i am not sure the details of implementation are as privacy preserving as this proposal ? 🤔
arxiv.org/pdf/2408.07892
#AI #fake #digitalidentity #credentials #ZKP #privacy #AI