Xeno Danger Evil @XenoDangerEvil@dpw.social

Your call is unimportant to us. We get tons of calls, basically all the time

X’s new terms steer lawsuits to Texas court where judge owns Tesla stock

X terms specify Northern District, where Judge Reed O'Connor is a Tesla investor.

https://arstechnica.com/tech-policy/2024/10/xs-new-terms-steer-lawsuits-to-texas-court-where-judge-owns-tesla-stock/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

The world’s largest #InternetArchive is under siege — & fighting back

There are few organizations dedicated to the gargantuan task of preserving the vast, ever-shifting record of human activity that is the #internet. The largest such record belongs to a #nonprofit based in an old church in San Francisco that operates on a smaller annual budget than the DC Public Library.

It is currently under siege.

#tech
https://www.washingtonpost.com/nation/2024/10/18/internet-archive-hack-wayback/

Robert Stern: "If you are turned away at the polls because your name is not on the register, don't walk away. Say this: "I REQUEST A PROVISIONAL BALLOT AS REQUIRED BY LAW." Don't let them steal your vote." copy: @KamalaHarrisWin #politics #voting #votingrights

I would encourage every Fediverse software project to implement a “dead-man switch" on registrations: if nobody with moderator permissions has been active in the last week, then disable new account creation.

The Fediverse has a significant number of abandoned instances that are used by bad actors to create accounts and send spam.

We implemented this in Mastodon (https://github.com/mastodon/mastodon/pull/29318) and it has been highly effective.

Today, my Administration approved student debt cancellation for over 60,000 public service workers – that means 1 million folks have now had their debt cancelled thanks to Public Service Loan Forgiveness on my watch.

I will never stop working to make higher education affordable.

I just live hacked Arlene Dickinson
(Dragons' Den star - Canada's Shark Tank) by using her breached passwords, social media posts, an AI voice clone, & *just 1 picture* for a deepfake live video call. Thank you Elevate Conference and Mastercard for asking me to demo these attacks live!

https://www.youtube.com/watch?v=ysu7vEkZdN0

What are the takeaways from this Live Hack video with Arlene?

1. Stop reusing passwords - when you reuse your password and it shows up in a data breach, I can then use that password against you everywhere it's reused online and simply log in as you stealing money, access, data, etc.

2. Turn on multi-factor authentication (MFA) - turning on this second step when you log in makes it more obnoxious for me to takeover your accounts. I then have to try and steal your MFA codes from you (or if you use a FIDO MFA solution like a Yubikey etc, I'm likely just plain out of luck and have to move on to another target)!

3. Recognize that AI has made attacks more believable and scalable - will every or even most hacks involve AI? Nope! Most attacks are simple and leverage your breached passwords to log in as you or they attack via phishing over email, text, call, etc.
That being said, it's important to realize that some attackers will attempt to leverage AI, especially if you have an high threat model. Arlene is a star with millions of followers around the world, because of this she has to be extra politely paranoid about those that reach out with sensitive requests!
If someone with a high threat model (in the public eye, job is to wire money, lots of followers on social media, activist/being targeted, etc) receives a call and they're requesting sensitive info or a wire transfer, recognize that the attacker could believably use a voice clone in that call and could even build a believable deepfake for a live video call.
This is not how all attacks work but it's especially important for those with elevated threat models to recognize that AI can be leveraged in attacks to up the believability with voice clones, deepfake video, etc.

What do I mean "be politely paranoid" in this video?
I recommend verifying that people are who they say they are before taking sensitive actions.
- If you have a high threat model and someone calls you and asks for a wire transfer, use another method of communication to confirm it's them before taking action. Chat them, signal message, email, call them back to thwart spoofing using the number you have on file. This catches me 9 times out of 10 when I'm hacking! This is relevant for your work, when you're buying a house, pretty much anytime you need to send money!
- If you receive an email from a board member asking for a copy of a sensitive document, verify that board member is who they say they are with another method of communication before sending over a document with sensitive work details listed on it.

Stay politely paranoid, folks!

Updates from @brewsterkahle about the DDOS attacks on Internet Archive:

I'm pretty sure Mastodon is the first social network I've been on that didn't immediately ask me to betray all of the people in my address book.

"The lady at the charity shop today told me she wishes ppl wd clear out their kids' old toys in the lead up to Xmas rather than after because she always sees parents in the days before Xmas looking for toys for their little ones who might be strapped for cash. She said there's rarely anything in before, but they get many toys after.
If you know your child is going to get lots of presents for Xmas this year, by clearing out early you could make another child's Xmas a lot more special."

new sweatshirt, “rage against the machine learning”

You are conclusion shopping.

You'd think after Firefly getting axed halfway through it's first season over twenty years ago, that we'd get better at dealing with good amazing stories being cut off in their prime for non-sensical reasons. Or because some pissant misogynists can't neither handle reality nor fantasy.
But nope.
Pisses me off every time.

I bet they say that to all their clients…

#MissedConnections #cybertruck #etiquette #gesture

My original plan did begin with "fuck around", but the second part was supposed to be "have fun".

And then we stirred up shit on the internet, as was the style at the time.