buc.ci is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Admin email
abucci@bucci.onl
Admin account
@abucci@buc.ci

Search results for tag #securitytheater

AodeRelay boosted

[?]Em :official_verified: » 🌐
@Em0nM4stodon@infosec.exchange

Facial Recognition is slowly getting embedded in most systems in the name of security.

This needs to stop.

Not only will it not help, but it will definitely harm a lot of innocent people: Identity theft and doxing when the inevitable data breaches happen. False positives, which can be very high and even higher for people of color. Normalized discrimination for many.

We collectively need to refuse each time facial recognition is requested, and we need to write to our public representatives to demand better legislation against it.

If we do not refuse to participate and we do not fight for our privacy rights collectively, we will lose them.

Here's how it works for airports in the US: gizmodo.com/senators-say-tsas-

    3 ★ 3 ↺

    [?]Anthony » 🌐
    @abucci@buc.ci

    Slack's signin procedure is the digital equivalent of boarding an airplane, "security"wise.

    One of my favorite "security challenges" is the "verify your email" one. By this point my email has been verified so many times it should have top secret clearance.


      2 ★ 2 ↺

      [?]Anthony » 🌐
      @abucci@buc.ci

      What kind of janky, bottom-shelf robot would not be able to identify motorcycles and crosswalks in pictures?


        2 ★ 2 ↺

        [?]Anthony » 🌐
        @abucci@buc.ci

        If Cloudflare really is "verifying" that I'm human with its obnoxious widget, why does it do this for multiple web sites and over and over again for a given web site? Shouldn't it be able to verify I'm human once and for all? What exactly are they doing with their sprawling control of all these web sites if not adding value through economy of scale?


          4 ★ 4 ↺

          [?]Anthony » 🌐
          @abucci@buc.ci

          A web site just blocked me because I solved one of those sliding jigsaw puzzle captchas too quickly.


            2 ★ 1 ↺

            [?]Anthony » 🌐
            @abucci@buc.ci

            Meanwhile, LLM prompt injection attacks are everywhere, and easy to exploit. The companies responsible for them are not taking steps to close the glaring security holes. It may not be possible.

            Security theater. In fact I think "security" is really about control, and nowadays when I encounter a security challenge I think of it in terms of who is trying to control my behavior and to what ends. I think it's clear by now that many internet "security" controls, at least those deployed by large tech companies, are not good faith efforts to protect users; that's a secondary concern.


              2 ★ 2 ↺

              [?]Anthony » 🌐
              @abucci@buc.ci

              In 2025 the web has more security checkpoints than an American airport.


                6 ★ 2 ↺

                [?]Anthony » 🌐
                @abucci@buc.ci

                Is it just me, or has the number of captcha challenges significantly increased over the past few months? Nowadays I feel like I'm being hit with captchas all day every day, where before it was relatively rare. It is especially noticeable on sites I visit frequently, have accounts with, and presumably have cookies for.