faebudo

joined 2 years ago
sorted by: new top controversial old
BYU study: Why some people choose not to use artificial intelligence in c/hackernews@lemmy.bestiver.se
[–] faebudo@infosec.pub 2 points 1 week ago

Unfortunately many people don't like to think themselves (not that AI would do it).

Is there a way to avoid those holes? in c/3dprinting@lemmy.world
[–] faebudo@infosec.pub 3 points 1 month ago

You can set the minimum extrusion width to a small value (20-25%) for better fill. You could also use classic mode with gap fill. You can use ironing for both to improve the results.

Is there a way to avoid those holes? in c/3dprinting@lemmy.world
[–] faebudo@infosec.pub 8 points 1 month ago (3 children)

Does your slicer have Arachne slicing mode? It will use variable extrusion width which will help to prevent most of those gaps.

Did you know that if a spammer uses your email address as the FROM: address, which is easy to do, all the bounce messages will go to your email address? If the spammer really hates you, they will send in c/cybersecurity@fedia.io
[–] faebudo@infosec.pub 1 points 2 months ago

Ah yes. But you can just reject NDR messages with "550 5.7.509: Access denied, sending domain example.net does not pass DMARC verification and has a DMARC policy of reject" now.

Did you know that if a spammer uses your email address as the FROM: address, which is easy to do, all the bounce messages will go to your email address? If the spammer really hates you, they will send in c/cybersecurity@fedia.io
[–] faebudo@infosec.pub 1 points 2 months ago (3 children)

Yes, however RFC7208 says not to send NDR when sender authentication fails (=when SPF/DMARC is correctly set up it will fail) So you will get massively less backscatter. There will still be some providers sending NDRs however not the big ones, they will instead inform you via DMARC reporting which is easier to ignore.

Generating non-delivery notifications to forged identities that have
   failed the authorization check often constitutes backscatter, i.e.,
   nuisance rejection notices that are not actionable.  Operators are
   strongly advised to avoid such practices
Did you know that if a spammer uses your email address as the FROM: address, which is easy to do, all the bounce messages will go to your email address? If the spammer really hates you, they will send in c/cybersecurity@fedia.io
[–] faebudo@infosec.pub 5 points 2 months ago (5 children)

You want DMARC to protect the header From. This will protect you from backscatter due to out of office replies etc. Bounces go to the envelope from and are due to rejected mails.

TL;DR Implement SPF to not get bounces and implement DMARC to not get backscatter.

IBM orders US sales to locate near customers, RTO for cloud staff, DEI purge in c/hackernews@lemmy.bestiver.se
[–] faebudo@infosec.pub 3 points 2 months ago* (last edited 2 months ago)

This is great. I already have seen this with some bigger companies that are work from home. Vendors go to their office and use the meeting rooms so they can talk to the employees which work from home.

So now to have IBM as your supplier will cost you more than the competition because you have to provide office space (which you eliminated for your own employees) to them.

I always like it when big companies put stones in their own way with their bad policies.

Philip K. Dick: Stanisław Lem Is a Communist Committee in c/hackernews@lemmy.bestiver.se
[–] faebudo@infosec.pub 2 points 2 months ago (2 children)

Probably because it has almost nothing to do with hacking.

Scammers set up domains with instructions to ignore email security failures on their emails via a DMARC record and Google et al. deliver their obvious dangerous spam to you. I thought, "how stupid" to in c/cybersecurity@fedia.io
[–] faebudo@infosec.pub 1 points 2 months ago

Yes, when setting up their own domain they can as well set the dmarc policy to reject and add valid spf and dkim records. They also do this sometimes.

Hyundai to buy 'thousands' of Boston Dynamics robots in c/hackernews@lemmy.bestiver.se
[–] faebudo@infosec.pub 1 points 3 months ago

Why? The US will soon pay you if you take anything from them if they continue like this.

Questions about Argon2id and authentication handling overall in c/cybersecurity@sh.itjust.works
[–] faebudo@infosec.pub 2 points 3 months ago

Use the recommemded parameters: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-argon2-04#page-11

Also consider WebauthN/Passkeys. They are much less ressource intensive on the server but useless to an attacker when the database is leaked and as such don't rely on slowing down the crypto operations.

Tesla sues EU over tariffs on electric vehicles from China in c/europe@feddit.org
[–] faebudo@infosec.pub 53 points 5 months ago (8 children)

"The company currently exports Model 3 vehicles from Shanghai to the EU, while it produces the Model Y in Berlin."

It's right there in the article if anyone would care to read it.

view more: next ›