The technical infrastructure that underpins #Telegram is controlled by a man whose companies have collaborated with Russian intelligence services.

https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle #Espionage #FSB #MitM #rotzland

Hey @hetzner I just registered as customer and clicked a virtual server on your site. The whole process was seamless and unbelievably quick!

When setting up an OS image could you please display the #SSH server key in the Hetzner console? I couldn’t find it anywhere and https://www.reddit.com/r/hetzner/comments/tsvrir/how_to_verify_ssh_host_key_fingerprint_when/ reads like others have the same problem, too.

I try really hard not to skip host key checking and eventually booted Ubuntu Live ISO and read my SSH host key manually.

On we go with pwn.college's orange belt journey "Intro to Cybersecurity" with the "Intercepting Communications" module now finished. Lessons learned include old (nc, tcpdump/tshark) and new (scapy) friends ending in a MITM proxy where this year's experience from Potsdam Cyber Games was very helpful.

#ctf #cybersecurity #nft #scapy #mitm #arppoisoning #tcp #udp #networking #tcpip #pwncollege #pwn.college

HIGH severity: COROS PACE 3 (≤3.0808.0) downloads firmware via unencrypted HTTP on WLAN, enabling sniffing/MitM. No known exploits yet, but risk is real in shared/corp networks. Restrict to secure WLANs & disable auto-updates until patch. CVE-2025-32880 https://radar.offseq.com/threat/cve-2025-32880-na-c9409404 #OffSeq #IoT #MitM #Security

"If your reports don't feel safe, they won't tell you" — This is one of the clearest and most important pieces of advice I've heard for managers.

It's a perfect illustration of the "monster in the middle dilemma for navigating both social and organizational/authoritative power dynamics as a manager. Power dynamics are the monster in the middle — and if a manager doesn't actively work to mitigate that, they will fail to operate effectively as a manager.

It's not something anyone can fix or prevent, it's an inevitable, inescapable aspect of the management threat model.
#mitm

@neil OFC it isn't technically feasible wothout #MITM'ing every connection and even then if people do proper #E2EE they can still do nefarious shit.

• The problem are what people do to other people, not that they use the Internet for it!

Lately I've been using Google messages on my android phone. I know, silly of a privacy focused person to do, but whatever.
Anyway, lately, when discussing taboo topics in my group chats such as web pen testing, or guns, messages sent to the chat are being dropped. I didn't receive a message with an SQL injection and I didn't receive a picture of an AK-47. I'm certain the rest of the group received these messages. I find it fundamentally wrong to have communications intercepted and dropped. In no way should Google determine whether or not I should receive information.
#fuckgoogle #mitm #unethical

surely one of you #infosec peers has a guide or article on why #VPN services aren't the privacy silver bullet they often advertise themselves to be. something that mentions you're paying co-conspirators to #mitm your own traffic in addition to lowering the reputation to that of your new address space?

@cR0w @troyhunt @dangoodin @benjojo @Viss @matthew_d_green

Seriously, #ClownFlare are at best a #ValueRemoving #MITM and more often than not a #RogueISP who's business model is a #RacketeeringScheme that should not exist to begin with.

• There is no legitimate reason to use #Cloudflare!

Eavesdropping on Black-box Mobile Devices via Audio Amplifier’s EMR

https://www.ndss-symposium.org/wp-content/uploads/2024-240-paper.pdf

https://arcanechat.me server reached 1500 users!!!

the server is using around 1GB of RAM, CPU is almost unused, and only 1.4GB of storage used for encrypted user volatile data, that is around 1MB per user on average!

the cost of self-hosting a #chatmail server for #ArcaneChat / #DeltaChat is really low! and you don't even need to trust the server operator or even the VPS provider if you are selfhosting since all is #e2ee and safe against #mitm thanks to the green checkmark in chats

Pros, cons and potential alternatives to Cloudflare for the #selfhost or #homelab.

https://blog.k3can.us/index.php?post/2025/02/Cloudflare-for-the-Selfhoster