by /u/___Nelson___ · 2024-05-06 21:37:00 in /d/OpSec
0 votes · 13 comments
by /u/___Nelson___ · 2024-04-05 22:21:00 in /d/OpSec
0 votes · 6 comments
- /u/___Nelson___ 6th May, 2024 - 21:57 WordPress Complianz – GDPR/CCPA Cookie Consent Plugin <= 6.4.4 is vulnerable to Cross Site Request Forgery (CSRF) See: CVE-2023-33333
by /u/2b-root · 2024-05-06 17:52:00 in /d/hacking
0 votes · 7 comments
- /u/___Nelson___ 6th May, 2024 - 21:54 Sorry to break it to you. If you have a cellular phone, you are being tracked. If you truly do not want to be tracked loose the phone. Did you know Google know when you are walking, sleeping,driving a vehicle, being a passenger in a vehicle, getting in a vehicle, getting out a vehicle, where the phone may be located on your person for example back left pocket. The sensors on modern devices coupled with the data sets and algorithms means they know you more than anyone else. I mean who would you share you full browser history with? Who would you share every photo taken on your phone with? Who would you tell where you are 24hours a day? Who would you give access to the camera and the audio of your device every second of the day? Belive it or not Google knows you better than your spouse, your parents and your best friend. 🤬
by /u/wompywomp · 2024-05-06 19:54:00 in /d/hacking
0 votes · 17 comments
- /u/___Nelson___ 📢 6th May, 2024 - 23:10 In terms of what? Hard disks encrypted with vms that are also encrypted in a unknown place with automatic shutdown on tamper and remote notifications of motion plus I also have 24hr remote video feed of the surrounding area as I installed the security at this location for a client. My thinking is that if the servers ip is compromised the location wouldn't be. And when LE go snooping u can see onbthe cctv. If they by chance find the server which will be literally 0.5% chance it will be shut down and encrypted before they access the hardware. I would also have a remote kill switch. Something like a esp32 that kills power over a network command If I only need to visit once a month then my thinking is if LE have tried locating the server I will know and not return. Shut down the power and by this time have redundancy in place. I'm now always scouting out options for alternative locations just for that.
by /u/___Nelson___ · 2024-05-06 21:37:00 in /d/OpSec
0 votes · 13 comments
- /u/___Nelson___ 📢 7th May, 2024 - 00:16 My greatest concern with a VPS is keeping the physical database secure. Too many servers have been compromised by LE and its the database that is the golden treasure. Although LE gaining access to the database would not affect my opsec on its own, it could be extremely bad for users who haven't used PGP or used weak passwords. I want to have an option that is more long term in security, and anonymity, I want an alternative that may just switch up how hidden services are hosted. I'm a great out of the box thinker. But for my peace of mind i dont think putting everything on separate VPS's across separate hosting providers and just hoping that, if the host is compromised the database VPS can be shut down, is an option for me. I want something that can be another selling point to the market.
by /u/___Nelson___ · 2024-05-06 21:37:00 in /d/OpSec
0 votes · 13 comments
- /u/___Nelson___ 📢 6th May, 2024 - 23:38 Indeed I plan to. It may not be the best or last idea I've had. I'm all open to suggestions. I've laid out a reasonable argument for an alternative to VPS / self hosting. If I've failed somewhere in researching this option at least advise me what points In my logic I have overlooked or misunderstood
by /u/___Nelson___ · 2024-05-06 21:37:00 in /d/OpSec
0 votes · 13 comments