@zak @zenbrowser : a still unfixed vulnerability: if NOT using Touch ID, on some websites you may be able to sign in using a passkey WITHOUT authenticating locally - using biometrics or your passcode (screen unlock code).

‍ This vulnerability also exists WITH Touch ID set up, provided that "Password Autofill" is disabled.

BTW this vulnerability also permits access to:
• https://icloud.com
• https://account.apple.com
(When asked to provide your fingerprint, tap the X at the top right and tap in the "Email" field one more time).

This is a HUGE risk for people who do not want to use biometrics: if a thief grabs their iPhone when unlocked, or watches them enter their passcode and later steals their iPhone, the thief can use ALL of the owner's passwords and some of their passkeys stored in the "Passwords" app (formerly known as iCloud Keychain).

This increases the risks of theft as shown by WSJ's Joanna Stern in https://youtube.com/watch?v=QUYODQB_2wQ.

In addition, a (grand) child or anyone else who (shortly) borrows your iPhone/iPad may have access to more of your cloud-accounts than you're aware of.

Workaround if you don't want to use biometrics to unlock your iPhone/iPad (this does not fix any problem if a thief learns (or successfully guesses) your passcode (screen unlock PIN or password):

• Set up a Touch ID anyway, for example for your left pinky finger (if you're righthanded)

• Disable "iPhone Unlock" in "Touch ID and Passcode" (visible in the first screenshot).

• Use a safer password manager (such as KeePassium) than the Apple "Passwords" app (iCloud KeyChain).

In any case:

• Make sure that "Password Autofill" (in settings -> "Touch ID and Passcode") is set to ENABLED;

• When you enter your passcode in a public place (such as a bar, bus or train), make very sure that nobody gets to see you enter it.

@dutchnewsnl :

I *never* boost toots that contain one or more "shortened URL's" (if a third party is involved). It would be great if erveryone did like me.

A "make internet safer" request: please stop using "URL shorteners".

They are not necessary, they invade the privacy of people who click such links (such services sell "visitor" behaviour"), "visitors" do not know to which website they will be sent AND NEITHER DO YOU (it may work for you today, but there are no guarantees - at all).

More info (in Dutch) in https://www.security.nl/posting/879514/rant+-+onveiliginternetten_nl.

Mastodon.social (like "my" instance) truncates the readable alternative of long URLs in a smart way, as can be seen in a toot from Dan Gillmor
(@dangillmor@mastodon.social) below (tap "Alt" for textual info "behind" the image).

There is NO REASON whatsoever (unless buff.ly pays you, which wil lead to even more Mastodonts hating you) to use *inherently risky* third party URL-shorteners.

As an alternative, you could set up a shortened URL service on your own website, like NOS.nl does. For example:

https://nos.nl/l/2558946

which actually is (readable but not clickable):

https:⧸⧸nos.nl/l/2558946

It opens:

https:⧸⧸nos.nl/liveblog/2558946-vs-en-israel-polsten-oost-afrikaanse-landen-over-gazaplan-trump

(I replaced https:// by https:⧸⧸ in the non-clickable links to prevent Mastodon from shortening those URL's).

@dangillmor@mastodon.social

@DeGroene : hou alsjeblieft op met die stomme URL-verkorters, omleidingen via een club die persoonsgegevens verkoopt. URL-verkorters zijn 100% privacy-onvriendelijk en vormen simpelweg een beveiligings-risico. Jullie zouden beter moeten weten!

Post gewoon de link: https://www.groene.nl/artikel/duitsland-trotseert-aanval-op-democratie

Why the concern about #Drones? As drones become more sophisticated and weapons become smaller, drones could be a potential threat. Or perhaps just used for surveillance. But still...

#Russian #Drones Spotted over #NuclearPlants in #NATO Country

by Theo Burnman
Published Aug 23, 2024

"#Germany is investigating drone flights, suspected to be Russian #surveillance drones, flying over key nuclear infrastructure in the north of the country.

"The drones, which have not yet been identified, have been spotted flying over nuclear power facilities in #Brunsbüttel, a city north of Hamburg near the coast of the North Sea, according to German newspaper Bild.

"The tabloid reported that the Flensburg public prosecutor's office, which opened an investigation into the drone flights, said that they were looking for 'agent activity for sabotage purposes in connection with repeated drone flights.'

"The Schleswig-Holstein state criminal police agency suspects that the drones are Russian Orlan-10s, previously used by Russia for surveillance and espionage, Bild said.

"The airspace over Germany's nuclear infrastructure is a no-fly zone [the US has no laws against drones]. However, internal German police documents have revealed the zone has been breached several times in the last month.

"Newsweek contacted the Flensburg public prosecutor's office and the Russian Ministry of Defense for more information.

"Germany has taken increasing action against sabotage in recent months. On August 14, it temporarily closed off part of a military base in Cologne after an unknown suspect broke in and tampered with the water supply. There is still no indication as to who broke into the base and what their motives were."

https://www.newsweek.com/russia-drones-germany-nato-nuclear-plant-1943384
#RethinkNotRestart #NuclearPlants #NuclearPowerPlants #SecurityRisk

From a month ago...

Drones spotted flying near #NuclearPowerPlants in #SalemCounty

News 12 Staff
•

Dec 15, 2024

"A drone sighting was reported Saturday night near two PSE&G nuclear power plants in Salem County.

"A company spokesperson made a statement in response to the incident. It read in part, 'PSE&G is aware of reports of drones flying over the Salem and #HopeCreek Nuclear Generating Stations. We have contacted the appropriate authorities.'

"The spokesperson also said, 'the safety and security of our employees, customers and communities are our top priority and we will continue to work with authorities.'"

https://longisland.news12.com/drones-spotted-flying-near-nuclear-power-plants-in-salem-county
#HopeCreekNuclearPlant #SalemNuclearPlant #OregonNuclearPlants #RethinkNotRestart #NuclearPlants #NuclearPowerPlants #SecurityRisk #PSGE

#RedWing Police Respond After #NuclearPowerPlant Reports #Drones

Andy Brownell
Published: January 9, 2025

#RedWingMinnesota (KROC-AM News) - "A southeastern Minnesota law enforcement agency is reporting an encounter with mysterious drones.

"A news release issued Thursday afternoon by the Red Wing Police Department indicates Goodhue County Sheriff's Office dispatchers received a report around 6:30 PM Wednesday from the #PrairieIslandNuclearPowerPlant. The report indicated four to five drones had been seen flying around the area of the #XcelEnergy facility.

"The news release says Red Wing Police and officers from the #PrairieIsland #TribalPolice Department responded to the report and observed two drones flying around the power plant and the nearby Lock and #Dam3 on the #MississippiRiver. It states that the officers monitored the drones until they were no longer seen in the area."

https://krocnews.com/red-wing-police-respond-after-nuclear-power-plant-reports-drones/
#RethinkNotRestart #NuclearPlants #NuclearPowerPlants #SecurityRisk

#Drones were spotted over a #NuclearPlant. #JeffLandry wants state authority to take them down.

BY ALYSE PFEIL | Staff writer Jan 10, 2025

"Landry said Friday that drone activity over a nuclear plant in Louisiana occurred within the past several days, though he declined to provide greater detail.

"#Entergy confirmed Friday that drone sightings occurred at the company's #RiverBendStation nuclear power plant in early January.

"'While drones are not a substantial risk nor a threat to safety, we have reported the sightings to the appropriate law enforcement officials,' a statement from Entergy said. 'Our nuclear team, including our security professionals, follow industry safety protocols and best practices to continue keeping our employees, communities and plants safe.”

“The safety and security of our employees, our plants and our communities are our top priority," the statement said.

"On Friday, the West Feliciana Parish Sheriff’s Office said in a news release that parish authorities are 'investigating a rash of unidentified drone sightings reported over the last two weeks.'"

Read more:
https://www.nola.com/news/crime_police/louisiana-nuclear-plant-drones-landry/article_0ce5c37a-cf87-11ef-9985-9703ba481b9e.html
#RethinkNotRestart #NuclearPlants #NuclearPowerPlants #SecurityRisk

Tulsi Gabbard’s Own Ex-Staffers Expose Her as a Russian Stooge
https://newrepublic.com/post/189066/tulsi-gabbard-russian-media-stooge

* Trump2 pick as Dir. National Intelligence regularly consumed Russian propaganda

Gabbard's views on Russia shaped in part by Kremlin propaganda outlet say ex-aides
https://abcnews.go.com/US/gabbards-views-russia-shaped-part-kremlin-propaganda-outlet/story?id=116430097

#TulsiGabbard #DNI #DirNatSec #NatSecDir
#Trump2 #GOP #Project2025 #fascism #authoritarianism #Putinism #FarRight
#disinformation #RussianInterference #NationalSecurity #SecurityRisk
#Christofascism #transgenocide