President Trump’s former national security adviser John Bolton alleges in his forthcoming book that the president explicitly told him "he wanted to continue freezing $391 million in security assistance to Ukraine until officials there helped with investigations into Democrats including the Bidens," the New York Times first reported.
The revelations present a dramatic 11th hour turn in Trump’s Senate impeachment trial. They directly contradict Trump’s claim that he never tied the hold-up of Ukrainian aid to his demands for investigations into his political opponent Joe Biden.
##Submissions that may interest you
|Democrats demand Bolton testimony after report his book says Trump tied Ukraine aid to Biden probe||nbcnews.com|
[... keep reading on reddit ➡
Edit: Thank you all, guys!!
My coworker, and absolute hero, maliciously complied at security on one of our subcontractor jobs. The customer was a manufacturer for high end electronic components. Security was tight as a small 4" x 6" box could contain $250,000 worth of microchips. Our team was installing equipment in their facility for one week. A security checkpoint had to be passed every trip in or out of the building.
Mr. Security guard, Chad maybe, decided my coworker, Steve probably, was more suspicious than the other 4 techs. So every trip in or out, not only was Steve made to dump his entire contents of his backpack out on the table and go through it, Chad required Steve to show him the last 5 pictures taken on his phone "to prove he wasn't stealing secrets."
This is all fine, except Chad let's everyone else through without any sort of inspection. Steve is trying to stay positive, but obviously this is eating away at him. Steve tries to be overly positive and also a bit snarky with comments like "t... keep reading on reddit ➡
Hey all, I’m relatively new to the online/digital security game. I use to be the guy that had 2 basic passwords shared across multiple sites all with a gmail username. SACRILEGE, I KNOW. I’m pleased to report I’ve considerably upped my game in the last few months, and was hoping the community could give me some pointers on what I’m doing right or could be doing better. This is all with the assumption that I’m willing to reasonably sacrifice convenience for security. But I’m not interested in becoming JJ Luna; there is a point where it is too much and you now have a part time job in order to be 99% invisible, that’s not what I’m going for. I’m 80% concerned with security 20% privacy. Bottom line, I just don’t want to be SIM-swapped or have my identity stolen (even though I have full restoration insurance). I’ll be as brief as possible.
I have strong, long, randomly generated passwords from a password manager, or 3-5 word pass phrases separated with numbers for all accounts. I keep seei... keep reading on reddit ➡
Story is that company I contacting for has a infrastructure component and we found a pretty serious bug with the way OAuth works, which in certain situtations could very serious. We built a way to work around this issue but it created quite a lot of extra work. It was promised to be fixed in later release and we have just found out while upgrading to latest version this issue is still not fixed over a year later.
This product is used by larger companies around the world and even banks and I'm pretty sure many has not identified this issue and not been informed by the vendor.
Should I make this information public as the vendor seem to ignore the issue? If yes, where could I do this in a controlled manner?
So I rent a flat in London and started to notice my stuff was moving around my locked room. I thought I’d get a cheap webcam (didn’t want to invest in something I wasn’t 100% sure of) and connected it to my laptop to run while I was at work. Not to my surprise, my nosey landlord used the spare key to get into my room when I was at work, she went through all of my opened letters, underwear draw, wardrobe, and even took my hoodie (what an asshole). I went to the police station and, long story short, technically I’m a lodger so I had no right to keep her out. They said it would be better if I left, so i did. It took me a week to find a new place, it’s more expensive but worth it for the privacy...but you never know!
While I looked for a new place I got 2 books that were actually book safes and kept my private letters and other stuff in them.
More info here https://safenetwork.tech/roadmap/
For those that have been following Maidsafe and their SAFE Network build, these are very exciting times!
I was activating 2FA on one of my online accounts and the usual happens, a QR code appears and you go into your 2FA app and scan it (I use Authy). It occurred to me if someone had access to my computer or was behind my screen couldn't someone snag my QR code?
With authy you can turn off multiple devices but what if someone was using a different app and we both scanned the QR code? Are QR codes only good for one device, or can they be used on multiple on different apps? I don't know if I am making any sense but yeah.
It just seemed inherently safe in itself that a large QR code is sitting out in the open on my PC, and if someone had access to my PC could whip our their phone and just scan it real fast, or if someone was behind me in real life they could do similar.
Now I am paranoid if my PC was to be compromised we are both using the same QR code on different apps and an attacker could use it somehow.
For a computer security course, but also out of personal interest, I created a website with a few password security questions. It would be great if you could take a minute to answer them.
My organization follows NIST's guidelines for their best practice security settings. We mostly comply with their recommended settings, however, we deviate from several of their recommended settings. We have to do this because of our environment. My question is, can we still say we follow best practice? Or is this a black and white type thing?
Greetings everyone, first time poster here.
First of all, I've read the rules and I'm still not sure if my topic is valid. If not, please give me directions or another subreddit where I can find help.
Back in my college days I was very interested in DevOps security and security in general. Both my bachelor thesis and my masters thesis were security topics, but somehow I ended up in development.
Anyhow, I live in a small town and people here (let's be honest, also people in general) are not familiar with security, digital signatures, encrypting emails and so on. Because of that, I am planning to make a presentation in the town library about how to make yourself more secure and private on the internet.
In the intro of my presentation, I want to make 2 or 3 showcases of about how easy is to do something malicious, like send an spoofed email with a fake sender or see your password in wireshark if not using HTTPS; the idea is to make people aware that you don't have to be some kind of... keep reading on reddit ➡
A few years back I bought a marine VHF radio for recreational boating use, and requested an MMSI number through one of the private providers, as directed by FCC - it's the last one, usps.org (not related to postal service). Site required some basic personal info like name/address, and I used unique email address and password. Since my MMSI number is tied to that site I kind of have to keep using that site.
This year I started receiving extortion scam emails to that address, which included my password in plain text (to prove that they "hacked" me). You know, those email that ask you to send bitcoins to avoid a recording of you being shared with friends. Due to using a unique email and password, I'm 100% certain that the data was leaked from usps.org.
On the website I could see two issues right away (no usage of https, and displaying plain text passwords when you're logged in). This leads me to believe they don't take security seriously at al... keep reading on reddit ➡
I recently saw this this post from humans of New York and this qoute stood out to me >So apparently you have to be dead poor or incredibly rich to find an apartment
It seems this carries across alot of things in the us like qualifying for Medicare etc - people poor but not poor enough fall through the gaps and are hit hard. What do you think?