GNU social JP
GNU social JP is a Japanese GNU social server.

Conversation

Notices

  1. Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)'s status on Thursday, 02-Jan-2025 11:14:12 JST

    I am a human least likely to be impacted by pornography legislation, and the new US porn ID checks are stupid, ineffective, and dangerous to cyber security and privacy. A big database of ID info is always a target, and socially engineering people to install malicious evasive tools is way too easy.

    In conversation about 4 months ago from infosec.exchange permalink
    • Alexandre Oliva (moving to @lxo@snac.lx.oliva.nom.br) likes this.
    • Rich Felker repeated this.
    • Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)'s status on Thursday, 02-Jan-2025 13:06:41 JST
      in reply to

      Anyone who’s worked in a SOC can tell you how many people use their work computers for porn while traveling to those states…

      In conversation about 4 months ago permalink
      Rich Felker repeated this.
    • Mike Enos (mike_enos@mastodon.online)'s status on Thursday, 02-Jan-2025 13:06:51 JST
      in reply to

      @hacks4pancakes I remember being shocked how many military people used .mil email for Ashley Madison.

      In conversation about 4 months ago permalink
      Rich Felker repeated this.
    • cR0w :cascadia: (cr0w@infosec.exchange)'s status on Thursday, 02-Jan-2025 13:06:53 JST
      in reply to
      • Mike Enos

      @Mike_Enos @hacks4pancakes Ashley Madison was my final "Well, I guess literally no one gives a fuck" moment. It's when I shifted from caring about the immediately impacted individuals to the downstream impacts only.

      In conversation about 4 months ago permalink
    • LeighC2 (leighc2@mastodon.social)'s status on Thursday, 02-Jan-2025 13:11:38 JST
      in reply to

      @hacks4pancakes you never really know someone until you’ve read their browser history. Then be prepared to never look at them the same way again.

      In conversation about 4 months ago permalink
      Rich Felker repeated this.
    • Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)'s status on Thursday, 02-Jan-2025 13:11:38 JST
      in reply to
      • LeighC2

      @leighc2 I think that's even more, "you don't know the state of humanity, until you see a lot of browser histories..."

      In conversation about 4 months ago permalink
    • j_angliss (j_angliss@fosstodon.org)'s status on Thursday, 02-Jan-2025 13:12:48 JST
      in reply to

      @hacks4pancakes I think what a lot of folks miss from the news is that pornhub hasn't been banned from various states, but those states have mandated age verification. Pornhub has decided that the execution of such to meet policies is dumb and insecure, so it essentially blocks people from those states so it doesn't have to follow those badly implemented rules.

      They [hub] have stood for privacy and security in how the verifications work, which is good. More news websites need to make this clear.

      In conversation about 4 months ago permalink
    • jay_chi (jay_chi@mastodon.social)'s status on Thursday, 02-Jan-2025 13:13:28 JST
      in reply to

      @hacks4pancakes can you please tell my employer "a big database of id info is always a target"?

      (as they outsource every HR function to dinky 30-employee PE-owned companies with techs in China)

      In conversation about 4 months ago permalink
    • Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Jan-2025 13:15:22 JST
      in reply to
      • Greg Bell

      @hacks4pancakes @ferrix Too many people think "lol that'd be embarrassing for those dumb fucks" and not enough think "extremely elevated success rate honey traps" against ppl in power leading to us all getting fucked over.

      In conversation about 4 months ago permalink
      Alexandre Oliva (moving to @lxo@snac.lx.oliva.nom.br) likes this.
    • Greg Bell (ferrix@mastodon.online)'s status on Thursday, 02-Jan-2025 13:15:23 JST
      in reply to

      @hacks4pancakes could they just publish the database to all hackers immediately, buy everyone 3 years of placebo credit monitoring and save us the trouble of waiting?

      In conversation about 4 months ago permalink
    • Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)'s status on Thursday, 02-Jan-2025 13:15:23 JST
      in reply to
      • Greg Bell

      @ferrix I want the list of pornhub ids attached to viewing habits please

      In conversation about 4 months ago permalink
    • Eleanor Saitta (dymaxion@infosec.exchange)'s status on Friday, 03-Jan-2025 18:51:59 JST
      in reply to

      @hacks4pancakes So, the way I'd guess they would like this to play out:

      1. Successful state porn ID requirements are a model for a federal requirement passed later this month.

      2. The federal requirement is a global requirement on US companies, meaning that if you want to host porn, you can't have a US company in the stack.

      3. The definition of porn is expanded to include all material that discusses queer and trans people, probably in stages, as well as abortion, contraception, and general reproductive health, at a minimum.

      4. It's made clear that the same standard must be met for personal and non-commercial sites, including offline and paper storage, providing an easy avenue for targeted prosecution, especially of queer folks with kids.

      5. A requirement is added that all logs must be forwarded to the government for compliance checks, which then provides reasonable for device searches during any other routine interactions with authority, like traffic stops and border crossings.

      6. The definition of obscenity (which is what this is — bringing back Comstock is a stated goal) is expanded to include seditious materials, aka left-of-center political material, "critical theory", "DEI", etc., again with the onus placed on companies to positively prove they are not hosting it illegally — again, globally, regardless if the content is legal in the country the company operates in.

      It's another looming disaster even if the database is never breached and malware groups never take advantage of it (which they will, obviously).

      In conversation about 4 months ago permalink

      Alexandre Oliva (moving to @lxo@snac.lx.oliva.nom.br) likes this.
      Rich Felker repeated this.
    • Eleanor Saitta (dymaxion@infosec.exchange)'s status on Friday, 03-Jan-2025 19:12:57 JST
      in reply to

      Oh, and obvs this is just fallout from this set of laws. There will be other pushes, too — one I'm particularly worried about, once a standard for obscenity is set, is the destruction of paper archives of queer and trans history (many of which are not digitized), and attacks on US-held digital archives. They mean to erase queer and trans culture by whatever means are necessary, and erasing history is a critical component of that. This has happened before, and it must not happen again.

      In conversation about 4 months ago permalink
      Alexandre Oliva (moving to @lxo@snac.lx.oliva.nom.br) likes this.

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.