Yeah2206

joined 2 years ago
sorted by: new top controversial old
2FA Auth not showing? in c/infosecpub@infosec.pub
[–] Yeah2206@infosec.pub 1 points 2 years ago* (last edited 2 years ago) (1 children)

Supposedly, if you click on the 2FA link on a mobile, it will launch your 2FA app to capture the info. But if that doesn't happen, you can right click on the button, and copy the secret to create a record in your 2FA app manually. The app has to support SHA-256, so I think pretty much Authy, Microsoft Authenticator, Google authenticator, etc. are out. Supporting apps include 2FAS and Aegis.

If this can't be done, you should click Remove 2FA and save. Otherwise, you might loose your account. On some instances and on Firefox, you may want to do this with all the extensions disabled. Some extension seems to somehow get you logged out clicking refresh.

Silver lining: Lemmy.World hacked so I found an instance I like more! in c/lemmy@lemmy.ml
[–] Yeah2206@infosec.pub 6 points 2 years ago

XSS vulnerbility hack. From a mod:

https://lemmy.blahaj.zone/post/766402

Cockie in c/lemmyshitpost@lemmy.world
[–] Yeah2206@infosec.pub 3 points 2 years ago

Topped with lots of cream?

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 0 points 2 years ago

Thank you. That's a very nice summary.

Oldest Human Coprolite in c/damnthatsinteresting@lemmy.ml
[–] Yeah2206@infosec.pub 3 points 2 years ago (1 children)

When it's auctioned, it would become the most valuable small pile of s... in the world.

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 3 points 2 years ago (3 children)

Thx for replying. Would you expand on the idea why VPN wouldn't help with increasing the person's privacy?

BTW, I have tried logging in using Tor. It pretty much works normally but slightly more slowly. Of course, Tor throws more fits depending on how the connection is created, so you are right, I personally would hate having to use it regularly.

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 1 points 2 years ago (1 children)

Thx for the reply. For the sake of discussions here, if someone think they can increase the privacy by always using Tor to access all the fediverse accounts, and let's just assume they don't ever miss (for me, this probably is unlikely). How do you think this increases linkability to their ... ?

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 0 points 2 years ago

Thanks for the reply. Yeah, I think this makes sense when you trust your VPN provider more than your ISP/government.

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 1 points 2 years ago (1 children)

Thx for the reply. I probably wouldn't want discuss anything indicating illegal activities or political activism on the Fediverse. I think Reddit was just demanded to turn over some (subset?) of discussions about copyright piracy. They might get away without the subpoena altogether on the fediverse arguing the data is already public.

Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? in c/asklemmy@lemmy.ml
[–] Yeah2206@infosec.pub 0 points 2 years ago (3 children)

Also, isn't onion service pretty much used to hide the server's IP, but doesn't do much about hiding anything for the end users?

35
Probably should assume everything will be leaked, anyone using Tor/VPN for Fediverse apps? (infosec.pub)
 

Hello,

Since your Lemmy posts, comments, related activities, and your basic profile information will be stored in the databases across the fediverse, possibly never to be deleted (or kept by somebody who can), do you:

  1. Always use Tor/VPN with a fediverse app?
  2. Recommend others do the same?

If you feel that it is unnecessary, why do you feel that way? If you think it is necessary, why so?

Thanks. I am trying to get a feel of what I should do. For example, if my instance loses its data (due to a hack, sale, vulnerability, etc.), I am pretty sure all the information is lost (including my IP addresses). If other instances lose their data, or keep the data for their own purposes, then my posts/comments/related activities are lost (maybe excluding some of my profile information, my settings, and my IP addresses).

I look forward to hearing your thoughts.

Only this one room in particular has a no smoking sign. in c/mildlyinteresting@lemmy.world
[–] Yeah2206@infosec.pub 1 points 2 years ago

Maybe if the expected phenomena don't take place, then some weeds may help.

Clever crows... in c/dadjokes@lemmy.world
[–] Yeah2206@infosec.pub 10 points 2 years ago* (last edited 2 years ago)

Damn it, I thought it was a real story ending suspiciously. The community name is definitely not the first thing you see here. Thanks, dad.

4
What do people do to keep track of posts/comments (infosec.pub)
submitted 2 years ago* (last edited 2 years ago) by Yeah2206@infosec.pub to c/lemmy_support@lemmy.ml
2 comments fedilink
 

I have questions about the native web interface.

What do you do to keep track of posts you have seen? i.e. You like the post, would like to see more discussions, how to keep track of them? On Reddit, you can click the Bell button and be notified/emailed about the follow-ups. On Lemmy, I've been hitting the save button to go back and look.

What do you do to keep track of comments? On Reddit, you can "Follow" the comment and be notified/emailed about the responses. On Lemmy, ~~I can't keep track of them, except via the Save button for the entire post above~~ there is a save button on each comment as well..

Thanks!

edited: there is save button on each comment.

Partial solution: use Save button for Post or Comment, and sort the comments by whichever way to let you see new/interesting comments.

view more: next ›