They were warned that the delegation was going to be skeptical at the very least, and paid no heed.
youtube.com/watch?v=EIao2kkB7G…
'American Extortionists': Japan Leader's Roaring Speech Shocks Trump, U.S. Amid Tariff War
Japan opposition lawmaker Shinji Oguma of the Constitutional Democratic Party voiced sharp criticism of Trump tariffs, warning against capitulation to what h... (YouTube)
That's exactly what happened with Canada.
Asked clearly what we could do, no answer, no fucking clue, it was just for show.
Negotiating in Good Faith with a person who has a line of authority to make a deal is the foundation of negotiations. I'm not spitballing, I did this for a living.
Japan HAD to walk away. No one else should waste their time.

Your donation means hope to us in these difficult times.
Please don't ignore us.
gofund.me/b485f196
Donate to Help Sehwel Family with their Medical treatment, organized by Mariam Shwel
Hello everybody, We are Munther Sahweel, we are here to ask you urgent as… Mariam Shwel needs your support for Help Sehwel Family with their Medical treatment (gofundme.com)
Gawd.. Do I wish I was wrong about #Trump
I remember people telling me not to call him a fascist or dictator
Where are they now?
they duped you.
I too was warned not to use the correct true fact, he is a fascist.
they were never in denial.
they were either incredibly stupid, or more likely, actively rooting for him to be fascist.
Boost your social media page by this
60 Motivational Luxury reels
Unlock 60 high-quality Motivational Luxury Reels to elevate your brand! Perfect for entrepreneurs, influencers, and content creators looking to inspire and captivate their audience. (Payhip)
Black Maga Discovers Racism
youtube.com/watch?v=qcJv5d9iwZ…
FAFO season continues in the familiar streets of Black Maga. It was all fun and games waving the Maga hat and complaining about the plight of Black Conservatives before Trump was elected. It was all good just a week ago. But now..chickens have come home to roost and Leopards are eating faces. Racism you say? Not Maga! This Black Conservative TikToker now has put away her Black Maga hat to solicit help for her son who, as she calls it is dealing with 'racial injustice.' The kind they call us victims and snowflakes for pointing out.
#TrumpSupporters #maga #blackMaga #reeseWaters #fafo #LeopardsAteMyFace #racism
It is appearing very likely that #RationalWiki will be dissolved this year due to lack of legal representation (no pro bono lawyers came forward and we do not have funds to hire a lawyer). Meritless #defamation lawsuits were filed against us by "human biodiversity"/"scientific racism"/pro-eugenics plaintiffs. The plaintiffs are consequently likely to win their cases by default.
#law #racism #eugenics #slapp #nonprofit
rationalwiki.org/wiki/Racialis…
Racialism
Racialism (also known as scientific racism) is a set of far-right pseudoscientific ideas which hold that humanity can at all be meaningfully divided into biological categories ("races") that are both broad (each category should include many humans, s… (RationalWiki)
We have a new batch of GOOD transgender news for you!
tapatalk.com/groups/crossdream…
#transgender #trans #LGBTQ #LGBTQIA
Crossdream Life-Good Transgender News
California Democrats on an Assembly committee blocked two bills Tuesday that would have banned transgender athletes from girls’ sports, locker rooms (Crossdream Life)
I totally missed #PortfolioDay, but I make a post anyway
Hi, I’m Daniela, I’m an autistic comic artist from Berlin/Germany and I make comics about autism/neurodivergence, cozy fantasy art and cute/happy art!
wonderl.ink/@fuchskind
#MastoArt #CozyArt #FantasyArt #Autism #DigitalArt
fuchskind
fuchskind is on Wonderlink, the ONE LINK ONLY link-tree solution for all your social networks. (Wonderlink)
Every moment, nothing new is mentioned except the devastation & suffering we endure daily.
#Gaza #freepalestine #war #palestine
It didn't start with Trump as you say.
Guantanamo is a more recent example.
sorry George
We need to make sure this will not happen again
It already happened to several US citizens and also to tourists who just loved the U.S. tourist folder pictures. And when ICE don't arrest you: beware because in the U.S. any idiot you meet in the street could be carrying a loaded gun.
RE
many people today will never connect the dots
RE #GeorgeTakei
"...send migrants to a prison camp without any due process, it can send U.S. citizens there, too. I know because this happened to me and my family in 1942."
Connect the dots, makes me think, what IF one reason to do this in 1942 was to get many balanced bilinguals to join the #OSS and be placed ALL OVER JAPAN #WW2
#officeofstrategicservices
en.m.wikipedia.org/wiki/Office…
en.m.wikipedia.org/wiki/George…
Being homeless, I have lost my "papers" yet again due to my house being stolen AGAIN. I'm done replacing them and just waiting for ICE to send me to Germany where one branch of my family came from about a century ago.
Oh, BTW, I swore to defend the US Constitution against foreign and domestic terrorism in THIS country.
[If you want to improve yourself and Learn how to make money and build character, in created many Ebooks!
Check it out.]
Here is link-
payhip.com/b/IKHeZ
Hope you understand, Thank you
#Self-improvement #digitalproduct #MakeMoneyOnline #business #money #marketing #mastodon #viral
Normal vs Millionaire: Difference between Thinking and Action
What will you learn from this ebook-
- Think of simple vs Millionaire person
- Actions
- Futuristic Thinking
- Studied RISKS
- Fearlessness
And many more... Grab it now in just $5.99 (Payhip)
citizens, look up extraordinary rendition!
Who was D.B. Cooper?
Dive into the greatest unsolved heist in American history. The Sky Ghost: Unraveling the Legend of D.B. Cooper is a gripping true-crime read packed with mystery, theories, and new insights.
Get it now for just $2.99!
Truth or legend? You decide.
Just promoting
The Sky Ghost: Unraveling the Legend of D.B. Cooper
Why You Should Read This eBook:
- Unlock a Legendary Mystery: Explore the only unsolved air hijacking case in U.S. history with new insights and gripping storytelling. (Payhip)
It's the same law is it not, the "Alien Enemies Act" that the Trump regime is using to disappear "non-citizens" to the El Salvador prison?
The law that President Roosevelt used in 1942. It's from 1798.
youtu.be/bsq_FNcZTqo?si=_MJiFz…
Watch this trailer, you will love it!!
Just promoting
๐ง๐ฟ๐๐ฒ ๐๐ฒ๐ฎ๐ฟ: ๐ฃ๐ฎ๐ฟ๐ ๐ญ | ๐จ๐ป๐น๐ฒ๐ฎ๐๐ต ๐๐ต๐ฒ ๐ก๐ถ๐ด๐ต๐๐บ๐ฎ๐ฟ๐ฒ โ๐ง๐ฟ๐ฎ๐ถ๐น๐ฒ๐ฟ | ๐๐ถ๐ฑ๐ฟ๐ถ๐ผ๐ฟ
๐ง๐ฟ๐๐ฒ ๐๐ฒ๐ฎ๐ฟ: ๐ฃ๐ฎ๐ฟ๐ ๐ญ | ๐จ๐ป๐น๐ฒ๐ฎ๐๐ต ๐๐ต๐ฒ ๐ก๐ถ๐ด๐ต๐๐บ๐ฎ๐ฟ๐ฒ โ๐ง๐ฟ๐ฎ๐ถ๐น๐ฒ๐ฟ | ๐๐ถ๐ฑ๐ฟ๐ถ๐ผ๐ฟDive into the chilling world of this horror game tr...YouTube
Under Trump It's not theory. They are already trying: x.com/BridgetCambria8/status/1…
And if we consider domestic torture camps, it's not distant future, it's a signed decree right now called "wellness farms" open for anyone doing drugs, needs medicine or struggles with mental health. What this means? Bet "Trump Derangement Syndrome" will be in the next ICD: en.wikipedia.org/wiki/Trump_de…
Scientific American has more about Wellness Farms: scientificamerican.com/article…
If we phrase it "(US) citizen put into (domestic _or_ foreign) camps by US government" - do I really need to go on? Guess everyone interested in the topic already has some bells ringing about current and past things going on. I'd even argue the war on minorities and activists isn't specifically a Trump thing, just the pace at which it happens and that the gov is so vocal about it.
Also there is a fun story from Germany: Hungary asked for extradition of someone, court rules in first instance to extradite a German citizen. But as prison conditions are expected to be free of human rights it went to a higher court. Cops were informed that the court's first-instance decision isn't final but cops went up early that day to deport the woman - while in parallel the court was deciding that she can't be extradited. When she was there the word was "yea, sorry, too late, can't get her back no more". Meanwhile court ruled the extradition was illegal in the first place. But has no consequences: tagesschau.de/inland/ausliefer… (German)
Why Is the Trump Administration Villainizing Mental Health Meds for Kids?
A federal commission to examine U.S. chronic disease could undercut real treatment for kids with depression, ADHD and other mental health challenges (Scientific American)
An Ivermectin Influencer Died. Now His Followers Are Worried About Their Own “Severe” Symptoms.
unmc.edu/healthsecurity/transm…
(Vice) Danny Lemoi took a daily dose of veterinary-grade ivermectin and told his thousands of followers to give the drug to children. He died of a common side effect of the medication. Just before … (The Transmission)
Cubans the Latest Latinos For Trump to Find Out
youtube.com/watch?v=gbivs51Y0b…
#TrumpSupporters #LatinosForTrump #maga #fafo #CubanImmigrants #VenezuelanImmigrants #DonaldTrump
Latinos for Trump this is your FAFO moment. Think Maga will come to your rescue? Marco Rubio? Trump? Instead, the Trump administration will be revoking the l... (YouTube)
'Segregated facilities' are no longer explicitly banned in federal contracts
Man votes Trump, wife gets arrested & imprisoned
youtube.com/watch?v=c6iq71Itcs…
#donaldTrump #trumpvoters #trumpsupporters #ice
Sponsored by Aura: Try it free for 2 weeks! See if your data is safe at https://aura.com/pakman -- A man votes for Donald Trump and his Peruvian wife is su... (YouTube)
GOP state Sen. Justin Eichorn arrested on suspicion of soliciting sex with a 16-year old girl
So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.
Let me put the important words in uppercase.
So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.
[Edit with H/T: benjojo.co.uk/u/benjojo/h/cR4d…]
blog.cloudflare.com/password-r…
#cloudflare #password #cybersecurity
It feels quite uncomfortable that cloudflare is somewhat openly admitting to analysing login credentials that are going through the reverse proxy, and providing aggregated stats on it (without explicit consent of the user it appears?)
> Based on Cloudflare's observed traffic between September - November 2024, 41% of successful logins across websites protected by Cloudflare involve compromised passwords.
Don't get me wrong the results are actually pretty interesting, but I just cannot think of an ethical way of doing this, and it feels kind of jarring that they just "did that"
blog.cloudflare.com/password-r…
Password reuse is rampant: nearly half of observed user logins are compromised
Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale. (The Cloudflare Blog)
As bad as the optics are on this one, they're doing the moral equivalent of github.com/DivineOmega/passwor…
They aren't storing people's passwords for their analysis, they queried the HIBP API with the first 5 hexits from the SHA1 hash of the user's password then check if the full SHA1 hash is returned. If it is, they report that it's compromised. If it isn't, they report that it isn't.
Is it alarming that they're in a position to do this for all the websites they protect? Oh, absolutely.
But CloudFlare was always MitM as a Service (the Service being "DDoS mitigation"). That's one reason why it's so actively distrusted.
GitHub - DivineOmega/password_exposed: Password Exposed Helper Function - Check if a password has been exposed in a data breach. (GitHub)
Robert [KJ5ELX] :donor: (@0xF21D@infosec.exchange)
Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. (Infosec Exchange)
wrote: "[...] something we technically knew was going on before but didn't consciously consider a threat, until now."
I've been warning about CDNs like Cloudflare and Fastly (and cloud providers in general) for a long time.
Here's a recent toot (in Dutch, the "translate" button should do the job): infosec.exchange/@ErikvanStrat….
If you trust Google to translate it (guaranteed NOT error-free, it *may* work in other browsers than Chrome): infosec-exchange.translate.goo…
P.S. Fastly knows your infosec.exchange login credentials.
#Cloudflare #MitM #AitM #Fastly #CDN #TLSinterception
Erik van Straten (@ErikvanStraten@infosec.exchange)
Attached: 1 image. Risk: Cloudflare (+Trump). Behind Cloudflare: more and more websites sit "behind" the American company Cloudflare. Suppose you open https://pvv. (Infosec Exchange)
If your adblock is good enough you always see the captchas, so you always know when a thing is cloud flair.
Also, who's not doing single use email addresses? Every site is a sea of spammy notification/cart abandonment/special offer/watch list/privacy policy update/m&a mail... And that's before they get pwned or sell your details.
Who wants all that in one mail box?
I already get a bitcoin scam call every 2 weeks because I enabled sms 2fa one place and scammers got hold of the number. At this point they know I know and they know I know that, but the guys on the phone have a call/hour quota and they gotta pay rent I guess...
@EndlessMason @ErikvanStraten @malanalysis Cory Doctorow @pluralistic argued that hiding your email address from spambots is futile anyway so he doesn't worry when he publishes it regularly: theguardian.com/technology/201…
He needs a good spam filter technique though. Afaik he is still using the same email address.
Keeping an email address secret won't hide it from spambots
The spam wars aren't going away soon but treating public email addresses as secret is of no benefit. Cory Doctorow (The Guardian)
@skaphle @EndlessMason @ErikvanStraten @malanalysis @pluralistic
A good promo for #Thunderbird, it’s a very good email client. I use it as well (not that my use is any recommendation whatsoever next to Cory’s :)
: Cloudflare is evil anyway.
Cloudflare reverse-proxies (or -proxied):
- cloudflare.com.save-israel·org
- ns.cloudflare.com.save-israel·org
- albert.ns.cloudflare.com.save-israel·org
- sydney.ns.cloudflare.com.save-israel·org
I don't know whether any of these domains were or are malicious, but such domain names are insane; expect evilness.
See also:
crt.sh/?Identity=save-israel.o…
Tap "Alt" in the images for more info.
#CloudflareIsEvil #BigTechIsEvil #AitM #MitM #DV #DVCerts #DVCertsSuck #BrowsersSuck
I may have a suggested edit for them, for brevity's sake:
Keeping user accounts safe with Cloudflare
FUCKING BLOCK IT
it's long known that the cloudflare proxy in the free tier will terminate SSL at their servers and re-encrypt it on the way to your host. They can basically analyze everything sent through the proxy.
So I'm honestly not surprised at all that they do, in fact, analyze the data users willingly throw at them.
Personally I am using* CF for my domain and DNS as well, but without proxy because of that.
*Because sadly, they are the only ones having a proper API to get letsencrypt certs via DNS auth.
not sure if that is using the monitoring, or enabling the monitoring
HTTP only, opt-in.
You can (should) do this at home.
“Once enabled, leaked credentials detection will scan incoming HTTP requests for known authentication patterns…”
to be clear, the blog post states they got their data from a feature you need to enable and configure. So this shouldn't be a surprise to most cloudflare customers.
developers.cloudflare.com/waf/…
developers.cloudflare.com/waf/…
Leaked credentials detection · Cloudflare Web Application Firewall (WAF) docs
The leaked credentials traffic detection scans incoming requests for credentials (usernames and passwords) previously leaked from data breaches. (Cloudflare Docs)
my iPhone does this and it’s creepy AF. It will tell me if other people use similar passwords or if mine would be easy to guess. But it will also tell me if my password has been in a data breach which has been helpful because half of these data breaches I only find out about by seeing the notation in my iPhone password area.
Then google tries to force me to set up a “passkey” which won’t help me login to Google Voice on my computer to do two factor authentication if I ever lose my phone, so I’m not real sure how I would get back to any of these things if I misplaced my phone. I can’t transfer the phone number attached to my phone to a new phone if I can’t get into the email, and I can’t get into the email if I can’t give them a code from the phone, which is why I wanted to use a Google Voice number for that stuff, but if I lose my phone I can’t get into the Google Voice.
It all just feels like a huge scam. Yesterday I tried to file a Small Claims Court case and it only gave me two court options so I chose the one closest to me. This morning they told me my filing was rejected because I chose the wrong jurisdiction, when I got someone on the phone they told me the right one should be there, and lo and behold it was today.
But as I was going through refiling this morning all I could think about was this is how they lock us out of this stuff. You can only e-file small claims cases, and if I don’t have the option to choose the correct court when I e-file I can’t file. And when it gets to the point that no one is there to answer the phone to help us there will be no help to be had.
And at this point I think I have drifted far off topic and I apologize, but it’s possible I have circled right back around to the topic at hand because this is all the same problem at its core.
this toot is a bit misleading imo.
Saying it like you did sounds like CloudFlare keeps a database of passwords people use on websites in order to compare them. However cloudflare only compares them to previously leaked passwords (through haveibeenpwned and other sources). This could theoretically be done without cloudflare ever having the password. I don't know how they do it though.
It doesn't change the fact that CloudFlare is an actual MitM and therefore a huge security risk.
In addition, remember that Cloudflare offers DNS resolvers at the 1.1.1.1 IPv4 anycast address.
Being in the position of a user's DNS resolver opens up all kinds of possibilities for manipulation of the returned resource records. (It's been many years since I played with DNSSEC, so I am not sure whether DNSSEC could provide protection.)
Let me put further important words in uppercase:
One more reason why it's a REALLY GOOD IDEA to REALLY #UNPLUGTRUMP ASAP!
@0xF21D wrote:
So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.
Let me put the important words in uppercase.
So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.
blog.cloudflare.com/password-r…
Password reuse is rampant: nearly half of observed user logins are compromised
Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale. (The Cloudflare Blog)
Cloudflare + MITM = Bullshit
Still any questions? Don't use this shit!
What software is that guy using? It looks like people are replying from mastodon. Is this a write.as? I didn't think it had that feature actually.
Anyway, this is nuts, and one person there saying he's fine with it because it's free: said the same thing when I joined gmail what, two decades ago? Really regret that now. We should care more about privacy. _I_ didn't sign up for this.
I'm American though. Used to it.
Leaked credentials detection · Cloudflare Web Application Firewall (WAF) docs
The leaked credentials traffic detection scans incoming requests for credentials (usernames and passwords) previously leaked from data breaches. (Cloudflare Docs)
So if you give your private key and certificate to a third party to MITM you, or you let them request their own certificate, they can MITM you?!
Who saw that coming?!
Microsoft will cause millions of computers dying this year, still people are fan of M$.
I'll give it a week and then nobody cares about Cloudflare either.
@schnur Wow. We knew this was possible and huge reason for all the anti cloudflare stance.
I recall a hearing w/gov said "you realize the access you have is very important".
Might have to cover this. Thanks for sharing.
@RTP @schnur This is why I call it "clownflare" .. That US company owns over 80% of the CDN market share, which makes it the world's largest >MITM< reverse proxy
Source: w3techs.com/technologies/histo…
You would think that developers would know better to configure their own infrastructure, but nah.. they choose convenience, I guess it's a human nature..
Market share trends for reverse proxy services, March 2025
Changes in the market share of reverse proxy services (w3techs.com)
Admittedly I used to run the Mastodon instance sending this message through Cloudflare, but then I one day thought that they have far too much internet traffic about everyone already and switched to bunny.net to reduce that ever so slightly.
All this has done is convince me that I was right to do that.
It still isn't perfect because how I configured it basically means bunny.net effectively MitM nearly everything instead, but I would rather give a company in Slovenia my data than a US company which has something approaching some sort of weird monopoly at this point.
You can analyze whether hashed passwords are the same without looking at the original passwords. This is how password hashing works.
dashlane.com/blog/what-is-pass…
What Is Password Hashing? - Dashlane
What is password hashing? Discover how it works, the algorithms it uses, and why it's crucial for data security. (Dashlane)
no passwords in plain text and with first 5-digit of Hash
troyhunt.com/understanding-hav…
Understanding Have I Been Pwned's Use of SHA-1 and k-Anonymity
Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords [https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/] that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. (Troy Hunt)
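The range lookup that replies in this thread describe (send the first five hex digits of the SHA-1 hash, compare the rest locally), as an added example that is not part of any post here and is neither Cloudflare's nor HIBP's code. `RangeServer`, `pwned_count` and the sample corpus are hypothetical and constructed; the `SUFFIX:COUNT` response lines follow the public Pwned Passwords range API, with an in-memory stand-in so it runs offline.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample corpus (password -> times seen); not real breach data.
CONSTRUCTED_BREACH = {"password": 5, "123456": 9, "letmein": 2, "qwerty": 4}

HEX_DIGITS = "0123456789ABCDEF"


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1, the form the range lookup operates on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


class RangeServer:
    """Hypothetical in-memory stand-in for a k-anonymity range endpoint."""

    def __init__(self, breach_counts):
        self.buckets = defaultdict(dict)  # 5-char prefix -> {35-char suffix: count}
        self.seen_queries = []            # everything a client ever reveals to the server
        for password, count in breach_counts.items():
            digest = sha1_hex(password)
            self.buckets[digest[:5]][digest[5:]] = count

    def range_query(self, prefix: str) -> str:
        """Return every known suffix in the bucket as SUFFIX:COUNT lines."""
        prefix = prefix.upper()
        if len(prefix) != 5 or any(c not in HEX_DIGITS for c in prefix):
            raise ValueError("prefix must be exactly 5 hex digits")
        self.seen_queries.append(prefix)
        bucket = self.buckets.get(prefix, {})
        return "\r\n".join(f"{s}:{n}" for s, n in sorted(bucket.items()))


def pwned_count(password: str, query) -> int:
    """Client side: only the 5-char prefix leaves this function via query()."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in query(prefix).splitlines():
        candidate, sep, count = line.strip().partition(":")
        if not sep or not count.isdigit():
            continue  # skip malformed lines instead of trusting them
        # The full-hash comparison happens locally, on the client.
        if hmac.compare_digest(candidate.upper().encode(), suffix.encode()):
            return int(count)
    return 0


def run_demo():
    """Check one breached and one unbreached password; return what the server saw."""
    server = RangeServer(CONSTRUCTED_BREACH)
    passwords = ("password", "constructed-unbreached-example-7431")
    results = {pw: pwned_count(pw, server.range_query) for pw in passwords}
    return results, server.seen_queries


if __name__ == "__main__":
    results, seen = run_demo()
    for pw, count in results.items():
        print(f"{pw!r}: seen {count} times in the constructed corpus")
    print("server learned only these prefixes:", seen)
```

The privacy property holds only between the party computing the hash and the range server; whoever terminates TLS and computes the hash still handles the submitted password.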
Any more reason to switch to FIDO2 with hardware tokens or #Passkeys.
The latter only if you trust the service providers and if you don't need protection against phishing. With Passkeys and their optional delegation feature you can be tricked into transferring to a hacker.
With a #FIDO2 hardware token, you're really safe.
and back in 2017, cloudflare leaked passwords :D
pbs.org/newshour/science/cloud…
Cloudflare data leak potentially exposed trove of passwords, personal information for months
Cloudflare, an internet services company that manages 10 percent of all web traffic, has been leaking assorted bits of customer information since a bug appeared in their code in September 2016. (PBS News)
#ClownFlare is a #RogueISP and their #MITM-based approach would've always allowed that.
- Why is ANYONE here surprised of that?
#CloudFlare is a #RogueISP known to offer Services in #Russia and to #CyberCriminals... #ClownFlare is also a #ValueRemoving #rentseeker whose core product / service is essentially a #Racketeering Scheme and should not exist as any competent hoster offers #DDoS protection free of charge...
This is going around a lot, and isn't nearly as sinister as the Mastodon megabrain is assuming.
Cloudflare analyzed (via the system that it already has to check for bad passwords and signal the service they're connected to that a password should be changed because that's a service they provide that their users can opt-in to) passwords people are using to log in (via zero-knowledge proofs sent to Have I Been Pwned, a feature HIBP has that Cloudflare helped them build) to sites they protect and discovered lots of re-use.
In no piece of that story do the ideas "Cloudflare is storing your passwords" or "anyone at Cloudflare knows your password" enter into it. But it's easy to see how people arrive at that conclusion (because, well... Nobody knows how passwords work!).
If Cloudflare's guilty of anything, it's that they wrote a blogpost about this targeted at people of the level of tech-sophistication where they re-use passwords (i.e., they don't even know what a "hash" is) to tell them to stop doing that... And they didn't, in the same post, guard against the possibility that readers would assume they did the analysis in a way so stupid no professional security company would ever do that.
How is that even possible unless they store the passwords unsalted?
Oh no.
Ohhhhhh no.
So wait they stole everyone's passwords and saved them in plaintext?!
OK, Cloudflare scans credentials and is open about it. That is not nice, but presumably many providers do this to protect themselves / their systems and also their customers. And they "only" compare the stored password hashes with the transmitted credentials.
They obtain the permission for this in the fine print of the no-cost "free plan"
"Our data analysis focuses on traffic from Internet properties on Cloudflare’s free plan, which includes leaked credentials detection as a built-in feature. Leaked credentials refer to usernames and passwords exposed in known data breaches or credential dumps ..."
blog.cloudflare.com/password-r…
Password reuse is rampant: nearly half of observed user logins are compromised
Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale. (The Cloudflare Blog)
blog.cloudflare.com/password-r…
The DEV post linked there says:
"Note
Cloudflare does not store, log, or retain plaintext end-user passwords when performing leaked credential checks. Passwords are hashed, converted into a cryptographic representation, and then compared against a database of leaked credentials."
developers.cloudflare.com/waf/…
Not nice, but formally correct.
Apparently DOD went through the web pages for Medal of Honor recipients and marked those of non-white dudes as "DEI", which also broke links.
The shameless racism is nakedly on display.
Although the DoD won't share it, Gen Rogers' Wikipedia page has his Medal of Honor citation. He charged through multiple waves of incoming artillery fire to lead his men to repel an attack, and was seriously wounded TWICE in the process.
"DEI" should not be a smear, but in this case, DEI my ass.
This racial discrimination also includes 21 MoH recipients from the #442nd RCT (Regimental Combat Team, Go for Broke) during WWII. The 442nd had most MoH recipients for a unit of just 4000 men.
Sam Sethi said, on bsky:
> If the racists [sic] US Govt really want to dishonour their black or female veterans, odd they have not replaced the 404 image
Grabbed image while I could; great JPEG with full details!
Caption: U.S. Marine Corps Cpl. Ava Alegria, a combat photographer [...] , and Sgt. Kevin Cherry, a drill instructor with Lima Company, 3rd Recruit Training Battalion [...] Parris Island, S.C., Dec. 19, 2024. (U.S. Marine Corps Photo by Lance Cpl. Ayden Cassano)
@danmcd When I take the "dei" out of the URL I get what looks like a redirect response to the URL with the "dei" added back in and THEN I get a 404.
To test that it's not just my fancy browser doing it, I tried with links and got the same behavior.
@jef @danmcd Because it would mean that the people who actually have to upkeep this are taking steps to make it reversible at least. The website could actually be completely intact, this could be done in a reverse proxy.
Being unable to stop it from happening, this would be the next best thing. As soon as whoever needs to get their head out their ass to stop this does, they could put it back.
Also present at this link, but it is not a .gov site.
cmohs.org/recipients/charles-c…
Charles Calvin Rogers | Vietnam War | U.S. Army | Medal of Honor Recipient
U.S. Army Lieutenant Colonel Charles Calvin Rogers was presented the Medal of Honor for military valor during the Vietnam War. (Congressional Medal of Honor Society)
For the billionaires funding the end of American democracy, bigots are the perennially reliable voting bloc for fascists & Russian psyops.
The coded language of bigotry.
The CRT furor was funded by Koch, Putin, Sharon Virts, Dunn, Wilks, Ackman & Paul Singer.
The DEI and trans furor has the same funding.
thenation.com/article/politics…
jacobin.com/2022/09/wall-stree…
cnbc.com/2021/11/10/critical-r…
washingtonpost.com/technology/…
thedailybeast.com/right-wing-a…
Warmongers too:
desmog.com/2025/03/14/heritage…
Heritage Foundation and Allies Discuss Dismantling the EU - DeSmog
The group that drafted a key blueprint for Donald Trump's second term convened a meeting in Washington D.C. this week to consider proposals for bulldozing the European Union (EU). Sam Bright (DeSmog)
The US government is at war with its own citizens.
It wasn't just about removing undocumented migrants, it was also about changing the status of existing American citizens.
It's shocking, but it's also a logical consequence of believing some people deserve to survive, thrive, and be happy, more than others.
Sexism, racism, homophobia, transphobia, religion, capitalism, supremacy, monarchy, patriotism, nationalism, fascism... it's a continuum.
web.archive.org/web/2025030516…
Medal of Honor Monday: Army Maj. Gen. Charles Calvin Rogers
Army Maj. Gen. Charles Calvin Rogers worked for gender and race equality while in the service. But he's perhaps most well-known for his leadership during an intense battle in Vietnam, which earned him U.S. Department of Defense
I'd respect them just slightly more if they said what they mean
So many "free thinkers" love their code words to play lawyer
The once great USA looks like a tag-nut on the arse hairs of humanity these days.
Coming from less-than-great-Britain that seems like a terrible thing to say, and I apologise to my American friends who maybe don't see what's happening, for being so blunt.
The world is laughing at the American clown show (except those who are afraid, I guess).
Let's hope USA vomits its poison soon, and starts to recover...
Race breakdown of the US Army.
Would you join up if you're non-white?
statista.com/statistics/214869…
Distribution of race and ethnicity among the U.S. military 2019 | Statista
In the fiscal year of 2019, 21.39 percent of active-duty enlisted women were of Hispanic origin. Statista
See if the DoD marked some white guys as DEI too: that could happen if they used software to detect a face and a white guy's face was dark enough due to poor lighting to trick the software into classifying him/her as non-white.
It wouldn't surprise me if they didn't think anything through: their 1st priority is to generate those 5 sentences for Musk describing each thing they accomplished in a week.
Don't tell them about Edward Carter Jr. but everyone should read about this American hero before their intern gets around to removing it too
check out this hero's story too: Army Pfc. William Henry Thompson
"Joining me today on the pod is someone I'm hoping to reach across the aisle to. Ladies and gentlemen, welcome Joseph Goebbels!"
#illustration #comicart #history #art #death
Trump Deports a Legal US Resident to Censor Criticism of Israel
Hey welcome back to my new channel, Documenting the Collapse of US Democracy! I know this must be strange for those of you who preferred the old format of discussing science and critical thinking but Rebecca Watson (Skepchick)
258 cases of #measles. And yet:
"a health department spokesperson said it was withholding further information because 'these cases don't pose a public health risk and to protect patient privacy.'"
Bullshit! Measles is very infectious and the unvaccinated and undervaccinated are at risk. Most of the people affected were unvaccinated.
Talk to your doctor about your vaccine status.
arstechnica.com/health/2025/03…
Texas measles outbreak spills into third state as cases reach 258
Oklahoma says the cases "don't pose a public health risk."… Beth Mole (Ars Technica)
Just because it's predictable for racist fascists to do this, doesn't make it any less infuriating, disgusting or reprehensible.
Black Lives Matter
apnews.com/article/black-lives…
DC begins removing 'Black Lives Matter' plaza after pressure from GOP
Crews have begun work to remove the large yellow "Black Lives Matter" painted on the street one block from the White House. D.C. Mayor Muriel Bowser announced the change last week in response to pressure from activist Republicans in Congress. Ashraf Khalil (AP News)
David Bowie - I'm Afraid of Americans (Official Music Video) [4K Upgrade]
The official 4K upgrade music video for David Bowie - I'm Afraid Of Americans. Taken from Bowie's 21st studio album 'Earthling' released in 1997, which featur... YouTube
@BlurryBits
You should be & I miss Bowie.
I will add that the fascists & oligarchs should be scared of us, too. A few more Luigis...
that really is a great and efficient use of money, isn't it?
ARGH!!!!!!!!!!!!!!!!!
disgusting
The rubble from the destruction of Black Lives Matter plaza tells the other side of that story. Fascism is rising, and they are on the upswing. But hold this rubble in your heart, for with its stones, we will destroy fascism again, and again, and every time they rise, we will pick up our rocks and go to war.
@JosephMeyer
firstamendment.mtsu.edu/articl…
Worth a read.
Anti-Mask Laws | The First Amendment Encyclopedia
Opponents of mask bans and anti-mask laws typically invoke the First Amendment rights of association and anonymous speech. Deborah Fisher (Free Speech Center)
Crowds with banners in the street?
Does no one care in the US?
@mndflayr Those are all very good and valid questions.
We could really use a bunch of Mr. Meeseeks to fuck shit up.
Seems easier to help Jerry with his golf skills.
Seriously though, here in Europe, in most countries there would be big protests already, probably right after the first DOGE action...
In my case, one particular vote broke me: to increase death benefits for Gold Star widows of fallen servicemembers in Iraq and Afghanistan.
Post 9/11, yellow-ribbon-wearing, American flag-pinning, Toby Keith-blaring Republicans voted it down in party line.
inaniludibrio.com/2024/07/08/d…
Do Nothing Kings
Fun & Rewarding The most fun and rewarding job in my career was the two years I spent in Chicago doing opposition and vulnerability research for local, state, and federal campaigns. I never mad… Inani Ludibrio
Automakers warn that Trump tariffs will hike vehicle prices as much as 25%
Many in the industry warn that the tariffs will disrupt the integrated supply chain across North America that has been in place for more than 25 years. David Shepardson (The Japan Times)
Aral Balkan
in reply to Black Aziz Anansi • • •