Why I'm Leaving Facebook and You Should Too

Why I’m Leaving Facebook and You Should Too.

Earlier this month, Facebook acknoweldged that data from over 50,000,000 users had been illicitly obtained by data mining and political consulting firm, Cambridge Analytica. The data, while legally obtained by the social media site, Facebook, had been taken from friends of friends who did not consent to the collection by Cambridge Analytica. After the breach of trust was disclosed to Facebook, the company failed to notify affected users, instead opting to allow Cambridge Analytica to promise to delete the illicitly obtained information.
While a loss of data may not seem like an issue of great importance to some, the fact remains that Facebook identified the loss of data and took steps to conceal the breach, and failed to insure that the illicit data was destroyed.
This breach of public trust is a symptom of a much larger issue among Facebook’s higher-ups, best illustrated by Facebook CEO Mark Zuckerberg’s previous statement about users.

“They trust me. Dumb fucks.”

Mark Zuckerberg, Facebook CEO, when asked why users submitted data to the website.

LibWebP (CVE-2023-4863)

Here is a non-exhaustive list of possible mitigations to prevent the exploitation of CVE 2023-4863 in the LibWebP library. This library has a heap buffer overflow available across all operating systems, most browsers, an exceptional number of Electron framework applications. This CVE is rated a 10 after previously being rated 8.8. This was due to an original disclosure from Google stating that Chrome was the only effected application. After investigation, it was discovered that all instances of the LibWebP library were vulnerable across all platforms. A similar CVE ( 2023-5217 ) is pending analysis for the VP8 webstream video format (a sister library to libwep.) As working proof-of-concepts are generally available to the public and Google and Apple both acknowledge threat actors and spyware vendors making use of the vulnerability, it is essential that you begin reviewing and patching all business critical applications. Patch Browsers, All of them All major and minor browsers acr

Show And Tell

Once a week, our security team gathers everyone into a meeting and shares the last week’s worth of security related news and any new security initiatives. This one hour may be the most valuable meeting we attend and has the greatest impact on successful security outcomes. What is it? We call ours a Security Show & Tell. (You can call it whatever fun and exciting name fits your corporate culture.) Regardless of the name, the goal is to set aside an hour each week to share three kinds of security stories and our response to them. Stories that are in the news. Stories that impact our work. Stories that impact our lives. Author’s Note: There’s some helpful tips below on how to gather these stories. Why you should do it There’s a lot of great reasons to do this, but I want to drive home a few really important ones. How many times has this happened to you? You wake up, open infosec.exchange , and begin scrolling only to find out that $Vendor has a nasty zero-day and organiza

Savory Dutch Babies

Ingredients: 1/4 Stick butter 1/2C AP flour 3/4C room temp milk 3 room temp eggs Salt pepper mace nutmeg allspice etc if you want it Blend it or whisk it until homogeneous Put a castiron in a cold oven at 425°. Remove when preheat finishes and melt in a 1\4 stick of butter. Pour in batter. Top with parm and fresh herbs. Cook 15m.

All Good Men

Search This Blog