@HonkHase leider war das abzusehen.

#ITsec ist bei #BOS|en wie #Feuerwehr auch eher unbekannt.

@krypt3ia or rather what they realize now is that #ITsec is not an optionality, but mandatory.

@adisonverlice good question.

Since you seem deep into the #ITsec / #InfoSec / #OpSec / #ComSec weeds I can recommend https://infosec.exchange (if you want your public posts be seen & indexable by #threads & others) or also https://infosec.space if you don't want that.

I do want add way more instances into my recommendation list but I didn't have time to.

@watchfulcitizen @adisonverlice The problem is not @mullvadnet but #VPN|s in general.

• Because #VPNs are dishonestly marketed at #TechIlliterates when in fact they ain't gonna save their ass.

People need to put realistic expectations into what #MullvadVPN and others like #Mullvad can and can't do, both technically and legally.

• You'd have a better chance with a @freifunk / #freifunk #WiFi or even better @torproject / #Tor, but that's because things ain't that easy as advertised:

#ComSec, #ITsec, #InfoSec & #OpSec need to be interweaved!

• Granted Mullvad, like @monocles, go out of their way to minimze the amounts of data they have, so there's not much they can hand over even when forced under duress to comply with a duely issued warrant!

Any decent @cryptoparty@chaos.social / @cryptoparty@mastodon.earth will advise you further...

…zusätzlich zur dieser Tootreihe noch ein Artikel, weshalb der Session Messenger alles andere als sicher ist obwohl es als Signal Klon sich so vorgibt:

[ENG] »Don’t Use Session (Signal Fork)«
https://soatok.blog/2025/01/14/dont-use-session-signal-fork/

@thygrrr @PallasRiot Personally, I'd not count on @mullvadnet being a "#LoglessVPN" because if they were unable and/or unwilling to comply they would've been shut down due to the statistical inevitability of being swarmed by bad actors!

• #TLDR: Don't rely on anyone to cover your ass! and exercise proper security #Nachash did.

This is far more complex than just #ComSec, but #InfoSec, #OpSec & #ITsec come together and need to be weaved into a continuous, multi-layered pattern...

• Your mileage may vary depending on your needs, demands, threats, budget, capabilities and options.

"JuSt UsE a VpN!" is dangerous #disinfo towards #TechIlliterates!

@adisonverlice worse even is that they didn't just use @signalapp but a shady #3rd party client so in this case it's NOT @Mer__edith et. al. who are to blame, but the folks that REFUSED TO ENFORCE #ITsec & #ComSec!

• Cuz there's a reason they got hired and paid to say "no" and why there's a full suite of dedicaded, applianced hardware for any sensituve comms!

But then again #AgentKrasnov is an #InfoSec, #OpSec & #NatSec nightmare!

…und wieder ein weiteren Punkt um M$ Produkte zu "vermeiden". Wie viele Warnungen müssen noch von den "Nerds" raus gehen?!

»Weltweiter Hackerangriff auf Behörden und Firmen über Microsoft-Leck:
"Dutzende" Organisationen sind laut "Washington Post" betroffen, das FBI wurde eingeschaltet. Der Fehler dürfte auf lokalen Servern für das Programm Sharepoint liegen«

https://www.derstandard.at/story/3000000280226/hacker-angriff-252ber-microsoft-leck-auf-beh246rden-und-firmen

@reverseics Just do it like #Google #ProjectZero and tell them straight up in their face:

https://www.youtube.com/watch?v=F_XCDu6GQt4

I was nice once, now I won't! IDGAF what you need to do to fix it. Details will be public in 90 days. Go fuck yourselves!

And basically prepare everything to be ready in precisely to the second 90 days from the moment mail was sent to them.

• Cuz only with #consequences will we get #accountability!