sueden.social ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Eine Community für alle, die sich dem Süden hingezogen fühlen. Wir können alles außer Hochdeutsch.

Serverstatistik:

2 Tsd.
aktive Profile

#sim

5 Beiträge5 Beteiligte0 Beiträge heute

Ya esta disponible @speed_dreams_official 2.4.1.

Esta nueva versión trae cambios muy jugosos:

* Se ha mejorado el gestor de descargas
* Ahora al chocar contra los muros, la vuelta sera invalidada, y así quedara reflejado en el Master Server, sobre todo de cara a los campeonatos
* 4 nuevas categorías
* 4 nuevas pistas
* Ahora disponible en formato AppImage
* Simplificado el código fuente
* etc.

Info: speed-dreams.net/es/blog/relea

Descargas: speed-dreams.net/en/downloads

speed-dreams.netLanzamiento de la versión 2.4.1 | SPEED DREAMSGrav is an easy to use, yet powerful, open source flat-file CMS
#linuxgaming#floos#racing
Antwortete im Thread

@dave_andersen @AVincentInSpace personally I consider any "#KYC" a risk-factor, and @signalapp has proven their ability and willingness to restrict functionality (i.e. their #Shitcoin-#Scam #MobileCoin) based off said #PhoneNumbers (Cuban, Russian and North Korean Numbers were excluded) which are in fact #PII (even if one doesn't have to #ID for obtaining a #SIM, they are circumstantial PII)...

  • They have neither "legitimate interest" nor legal mandate to collect said data (or to integrate a scammy Shitcoin for that matter) as the discontinuation of #ChatSecure / #TextSecure has eliminated the "technical necessity" to have those.

Either way they either have to yeet #Hegseth as client and/or stop collecting PII like PhoneNumbers - they gotta have to do something

#ITsec is a different story, but unlike #Signal these do not depend on a #PhoneNumber and work through @torproject / #Tor.

  • And I've been using Tor for almost 15 years daily now...

Para nuestra sorpresa, y después de casi 9 años, hay una nueva versión de #TORCS

Para quien no lo conozca, TORCS (The Open Racing Car Simulator), es un simulador de carreras que empezó en 1997, y del que salieron varios forks, como Speed Dreams.

La lista de cambios es larga: muchas correcciones, actualización de varias dependencias, soporte para mandos actuales, etc.

Descargar:
sourceforge.net/projects/torcs

Lista de cambios: sourceforge.net/p/torcs/code/c

sourceforge.netTORCS - The Open Racing Car Simulator - Browse Files at SourceForge.netTORCS, The Open Racing Car Simulator is a highly portable multi platform car racing simulation. It is used as ordinary car racing game, as AI racing…
#linuxgaming#floss#sim

That's Not How A SIM Swap Attack Works

shkspr.mobi/blog/2025/04/thats

There's a disturbing article in The Guardian about a person who was on the receiving end of a successful cybersecurity attack.

EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did so immediately. Twenty-four hours later, my mobile stopped working and money was withdrawn from my bank account.

With their alien sim, the ­fraudster infiltrated my handset and stole details for every account I had. Passwords and logins had been changed for my finance, retail and some social media accounts.

(Emphasis added.)

I realise it is in the consumer rights section of the newspaper, not the technology section, and I dare-say some editorialising has gone on, but that's nonsense.

Here's how a SIM swap works.

  1. Attacker convinces your phone company to reassign your telephone number to a new SIM.
  2. Attacker goes to a website where you have an account, and initiates a password reset.
  3. Website sends a verification code to your phone number, which is now in the hands of the attacker.
  4. Attacker supplies verification code and gets into your account.

Do you notice the missing step there?

At no point does the attacker "infiltrate" your handset. Your handset is still in your possession. The SIM is dead, but that doesn't give the attacker access to the phone itself. There is simply no way for someone to put a new SIM into their phone and automatically get access to your device.

Try it now. Take your SIM out of your phone and put it into a new one. Do all of your apps suddenly appear? Are your usernames and passwords visible to you? No.

There are ways to transfer your data from an iPhone or Android - but they require a lot more work than swapping a SIM.

So how did the attacker know which websites to target and what username to use?

What (Probably) Happened

Let's assume the person in the article didn't have malware on their device and hadn't handed over all their details to a cold caller.

The most obvious answer is that the attacker already knew the victim's email address. Maybe the victim gave out their phone number and email to some dodgy site, or they're listed on their contact page, or something like that.

The attacker now has two routes.

First is "hit and hope". They try the email address on hundreds of popular sites' password reset page until they get a match. That's time-consuming given the vast volume of websites.

Second is targetting your email. If the attacker can get into your email, they can see which sites you use, who your bank is, and where you shop. They can target those specific sites, perform a password reset, and get your details.

I strongly suspect it is the latter which has happened. The swapped SIM was used to reset the victim's email password. Once in the email, all the accounts were easily found. At no point was the handset broken into.

What can I do to protect myself?

It is important to realise that there's nothing you can do to prevent a SIM-swap attack! Your phone company is probably incompetent and their staff can easily be bribed. You do not control your phone number. If you get hit by a SIM swap, it almost certainly isn't your fault.

So here are some practical steps anyone can take to reduce the likelihood and effectiveness of this class of attack:

  • Remember that it's OK to lie to WiFi providers and other people who ask for your details. You don't need to give someone your email for a receipt. You don't need to hand over your real phone number on a survey. This is the most important thing you can do.
  • Try to hack yourself. How easy would it be for an attacker who had stolen your phone number to also steal your email address? Open up a private browser window and try to reset your email password. What do you notice? How could you secure yourself better?
  • Don't use SMS for two-factor authentication. If you are given a choice of 2FA methods, use a dedicated app. If the only option you're given is SMS - contact the company to complain, or leave for a different provider.
  • Don't rely on a setting a PIN for your SIM. The PIN only protects the physical SIM from being moved to a new device; it does nothing to stop your number being ported to a new SIM.
  • Finally, realise that professional criminals only need to be lucky once but you need to be lucky all the time.

Stay safe out there.

Terence Eden’s Blog · That's Not How A SIM Swap Attack Works
Mehr von Terence Eden
#2fa#CyberSecurity#MFA

🆕 blog! “That's Not How A SIM Swap Attack Works”

There's a disturbing article in The Guardian about a person who was on the receiving end of a successful cybersecurity attack.

EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did …

👀 Read more: shkspr.mobi/blog/2025/04/thats

#2fa #CyberSecurity #MFA #security #sim

Terence Eden’s Blog · That's Not How A SIM Swap Attack Works
Mehr von Terence Eden

If you change your #phone #sim temporarily, i.e. use a new phone number, #Signal keeps working as before. #WhatsApp stops working if you change your sim i.e. phone number. Signal knocks the socks off whatsapp for staying in touch while travelling, when your normal sim and phone number have malfunctioned (my new #telekom cellular provider cancelled my old SIM & provider & sent me their new SIM for new contract: while I was abroad, without asking me if this date suits). Signal rocks. Use signal.

Antwortete im Thread

@bob_zim yeah. Seen it. in the writeup by @micahflee ...

I just hope to find any that ain't #NetLock'd / #SimLock'd to #Verizon and that these support more than #US-#LTE bands...

  • Not shure if it needs a valid #SIM or just an #ICCID + #Ki on a #SIM to get going (cuz in #Germany it's hard [imported #SIM] to illegal [domestic SIMs] to get an anonymous SIM since 07/2017.

I just wish @eff wouldn't expect everyone to use #centralized, #SingleVendor & #SingleProvider services like @signalapp in the age of #CloudAct, cuz neither I nor anyone I'd trust would submit #PII to them like a #PhoneNumer as a matter of principle!

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)Inhaltswarnung: Rant re: Signal Shills being dangerous Tech Illiterates