Spicy but not too Flamey
@PopTarts@gaygeek.social  ·  activity timestamp 13 hours ago

@e_es @MissConstrue I'm surprised no one has rolled out #Fursona as a parody ID verification xD

MissConstrue
@MissConstrue@mefi.social replied  ·  activity timestamp 13 hours ago

@PopTarts @e_es

I mean...what are we waiting for? #furries rule the #infosec world, if anyone can slap the code together it's that community. 😊

The front end is easy: page: Are you a furry? Do you have a name for your fursona? What is that name? <text entry field>

The backend is even easier, just a form response that says "Yep, that's who you say you are. Well done <insert fursona name>."

And then links to why Persona and all ID verification for online presence is bad. Fursona.tech is available, just sayin'. ;)

Lord Caramac the Clueless, KSC boosted
Matt Organ
@Slater450413@infosec.exchange  ·  activity timestamp 2 weeks ago

Well that was an unexpected twist.
Dammit Physics!

I decided to put some regular black electrical tape over the camera to block it whilst keeping a neat finish. Turns out IR passes straight through electrical tape 😂

I did consider whether it's because of the adjacent backlight and so I tried blocking that too, however most of the rooms I sit in have enough ambient IR to not matter.

I'm considering something more "glass like" since that seems to reflect IR much better but that seems a pain.
Anyone else have a better solution they've found?

It's probably at the point for me that it's "good to know but can't be bothered" but there's just so many interesting and unexpected outcomes I felt compelled to satisfy my curiosity and share.

#Cyber #Security #Infosec #Lenovo #Privacy #Hacking

Picture of IR camera seeing through the electrical tape with reasonable detail.
Lord Caramac the Clueless, KSC boosted
Matt Organ
@Slater450413@infosec.exchange  ·  activity timestamp 2 weeks ago

A friendly reminder to never trust manufacturers' privacy protections.

I was recently attempting to get an external camera functioning, so I started polling various video devices sequentially to find out where it appeared and stumbled across a previously unknown (to me at least) camera device, right next to the regular camera that is not affected by the intentional privacy flap or "camera active" LED that comes built in.

I had always assumed this was just a light sensor and didn't think any further about it.

The bandwidth seems to drop dramatically when the other camera is activated by opening the privacy flap, causing more flickering.
This was visible IRL and wasn't just an artifact of recording it on my phone.
I deliberately put my finger over each camera one at a time to confirm the sources being projected.

A friend of mine suggested this may be related to Windows Hello functionality at a guess but still seems weird to not be affected by the privacy flap when it's clearly capable of recording video.

dmidecode tells me this is a LENOVO Yoga 9 2-in-1 14ILL10 (P/N:83LC)

Command I used for anyone to replicate the finding. (I was on bog standard Kali, but I'm sure you'll figure out your device names if they change under other distros):
vlc v4l2:///dev/video0 -vv --v4l2-width=320 --v4l2-height=240 & vlc v4l2:///dev/video2 -vv --v4l2-width=320 --v4l2-height=240

#Cyber #Security #Infosec #Lenovo #Privacy #Hacking
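
A way to inventory every camera node on your own machine before relying on a shutter or LED, added here as an example and not part of the original post: it reads the kernel's sysfs names instead of opening each device. The function names and the optional root-directory argument are assumptions for illustration, and treating index 0 as the capture node reflects how the uvcvideo driver typically registers its nodes.

```shell
#!/bin/sh
# Added example (not from the post): list V4L2 nodes from sysfs so that a
# second sensor, such as an IR camera, shows up without opening any device.
# The optional first argument is a hypothetical override of the sysfs root,
# used so the functions can be pointed at a constructed test tree.

# Print "node<TAB>index<TAB>name" for every video4linux node found.
list_video_nodes() {
    root="${1:-/sys/class/video4linux}"
    for dir in "$root"/video*; do
        # Skip when the glob matched nothing or the node has no name file.
        [ -r "$dir/name" ] || continue
        node=$(basename "$dir")
        idx=$(cat "$dir/index" 2>/dev/null || echo "?")
        name=$(cat "$dir/name")
        printf '%s\t%s\t%s\n' "$node" "$idx" "$name"
    done
}

# Keep only nodes whose index is 0. Assumption: a camera usually registers
# its capture node first (index 0) and a metadata node after it, which is
# why two cameras can appear as video0 and video2 rather than video0/video1.
list_primary_nodes() {
    list_video_nodes "$1" | awk -F '\t' '$2 == "0"'
}

# Number of index-0 nodes, a rough count of distinct capture sources.
count_cameras() {
    list_primary_nodes "$1" | wc -l | tr -d ' '
}

# Stand-alone use: ./script.sh --list
if [ "${1:-}" = "--list" ]; then
    list_video_nodes
    echo "capture sources: $(count_cameras)"
fi
```

A count higher than the number of lenses you believed the device had is the cue to check each source against the physical shutter.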

GhostOnTheHalfShell boosted
Mysk🇨🇦🇩🇪
@mysk@mastodon.social  ·  activity timestamp 20 hours ago

This can be interpreted in such a broad manner that even HTTPS could be considered a hostile act of “end-to-end” encryption 🇬🇧

NoToDigitalID:
BREAKING: Under British and UK Legislation anyone using or developing end-to-end encryption is now a “hostile actor”

#privacy #infosec

Engagement in Hostile Activity

Since hostile activity does not require any knowledge or tasking by a foreign state*30, the phenomenon of double-ignorance could arise. A person may be engaged in hostile activity if they do something which, unknown to them threatens, national security and which is in the interests of another State, also entirely in the dark. For example:

The developer of an app, whose selling point is end-to-end encryption which would make it more difficult for UK security and intelligence agencies to monitor communications. It is a reasonable assumption that this would be in the interests of a foreign state even if though the foreign state has never contemplated this potential advantage.
🌱🏴‍🅰️🏳️‍⚧️🐧📎 Ambiyelp
@ambiguous_yelp@veganism.social  ·  activity timestamp yesterday

@stman @kkarhan @mmu_man @vidak @theruran @50htz @forthy42 @oceane @nobody

This quote is not from UK legislation; it is a report on a specific interpretation of UK legislation. It may be interpreted by a court that way one day and as anarchists we should build OPSEC and INFOSEC that is resilient to this kind of suppression, but please double check the source of things before you post or share.

To counter this kind of suppression we would need more sophisticated privacy and anonymity tech than most activists use and we'd need development to happen underground: this would mean using tools like Tor onion addresses or even better I2P sites for codehosting and development comms.

#FLOSS #PSA #Privacy #Anonymity #Tor #I2P #OPSEC #INFOSEC #UK #UnitedKingdom #Anarchism

MissConstrue
@MissConstrue@mefi.social  ·  activity timestamp yesterday

https://cybernews.com/security/global-data-leak-exposes-billion-records/

Speaking of ID verification companies being shady, #IDMerit, a global AI-based identity verification and "Know Your Customer" (KYC) solutions provider, left a terabyte of user data and biometrics on the open web. The breach exposed approximately 1 billion to 3 billion personal records across 26 countries, making it a significant event for data privacy in the financial and fintech.

Call me Cassandra. 🤷🏻‍♀️🤦‍♀️ #infosec #datasec #ageverification #surveillance

Lord Caramac the Clueless, KSC and 1 other boosted
Soatok Dreamseeker
@soatok@furry.engineer  ·  activity timestamp 4 days ago

https://soatok.blog/2026/02/17/cryptographic-issues-in-matrixs-rust-library-vodozemac/

#Matrix #infosec #vulnerabiltiy #cryptography #privacy

Dhole Moments

Cryptographic Issues in Matrix’s Rust Library Vodozemac

Two years ago, I glanced at Matrix’s Olm library and immediately found several side-channel vulnerabilities. After dragging their feet for 90 days, they ended up not bothering to fix any of i…
MissConstrue
@MissConstrue@mefi.social  ·  activity timestamp 4 days ago

https://krebsonsecurity.com/2026/02/patch-tuesday-february-2026-edition/

Hey, so this is probably late news to the masto crowd, which runs tech savvy, but with the absolute firehose we face every day, some stuff can get missed.

Nontechnical explanation - 60 Windows exploits were documented, some #zeroday, allowing code execution. It means that a malicious actor can plant malware or gain access to a victim’s computer with minimal user interaction.

Brian ( @briankrebs) #Krebs has laid out all the technical details, including which versions are impacted. I’ve internet-known Brian for decades, he is an absolutely trustworthy source for #infosec.

Patch your systems. Don’t click random links. Don’t open random files. Consider packing your important belongings, a copper pot, your menagerie and disappearing into the forest to become a Baba Yaga or moss covered forest witch. Or mountain man, if flannel makes you happy. I’m not here to judge. 🥰

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild.
MissConstrue
@MissConstrue@mefi.social  ·  activity timestamp 7 days ago

https://theshamblog.com/an-ai-agent-published-a-hit-piece-on-me/

This is a terrifying piece about what #OpenClaw has unleashed with its #agentic “ #ai” bots. Scott is a volunteer maintainer for #matplotlib, #python’s go-to plotting library. An agent tried to merge code, and Scott said no. The agent, apparently autonomously, proceeded to attempt to blackmail Scott, and when that didn’t work started posting hallucinations attacking Scott.

His lead in to the article: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into accepting its changes into a mainstream python library. This represents a first-of-its-kind case study of misaligned AI behavior in the wild, and raises serious concerns about currently deployed AI agents executing blackmail threats.

This nonsense needs to be nipped in the bud.

#infosec #datasec

The Shamblog

An AI Agent Published a Hit Piece on Me

Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into acceptin…

Bonfire social

This is a bonfire demo instance for testing purposes
