• chevron_right

      SBF tries to revise bail conditions after judge noted suspicious VPN use / ArsTechnica · Thursday, 2 March, 2023 - 17:27 · 1 minute

    SBF tries to revise bail conditions after judge noted suspicious VPN use

    Enlarge (credit: Bloomberg / Contributor | Bloomberg )

    A few weeks ago, disgraced FTX founder Samuel Bankman-Fried was in danger of losing his bail package and potentially being jailed until October. The court was fed up with trying to monitor Bankman-Fried’s online activity, and United States district judge Lewis Kaplan decided that the only option left was for Bankman-Fried to recommend independent experts who could help the court set appropriate bail conditions to limit any suspicious online activity.

    Kaplan gave Bankman-Fried until this Friday to find experts who could help the court determine precisely what tech privileges needed to be revoked to ensure that Bankman-Fried would be incapable of compromising the court’s investigation into the criminal fraud case, Bloomberg reported . Yesterday, Bankman-Fried officially submitted his recommendations, naming two tech consultants he believes are qualified to advise on his bail conditions: Edward Stroz and Michael McGowan.

    Bankman-Fried supplied resumes for both candidates. Stroz was an FBI agent in the 1980s and 1990s, specializing in major international financial crimes. During that time, he created New York City’s Computer Crime Squad and investigated hundreds of cases alleging bank fraud. Since then, he has spent the past two decades managing an international consulting firm, Aon, where his duties include overseeing digital forensics investigations for corporate clients, trial counsel, and civil litigants.

    Read 6 remaining paragraphs | Comments

    • chevron_right

      Report: More Twitter drama after Slack shutdown; employees play hooky / ArsTechnica · Friday, 24 February, 2023 - 21:31

    Report: More Twitter drama after Slack shutdown; employees play hooky

    Enlarge (credit: Anadolu Agency / Contributor | Anadolu )

    On Wednesday and Thursday, Twitter’s internal Slack channels were suddenly shut down. Platformer reported that the company manually shut services off. Before that was confirmed, a Twitter employee posting on the anonymous workplace chat app Blind had speculated that it was also possible that Twitter had shut down employee access because it had stopped paying its Slack bills.

    Whatever the reason driving Twitter’s decision to remove Slack access, it resulted in a very unproductive work day for some Twitter employees who were suddenly unable to communicate, Platformer reported. At the same time that employees lost Slack access, they also couldn’t access Jira, a tracking software that Platformer said engineers use to ship code and monitor progress on new features. Rather than being equipped to go “hardcore,” some decided to just take the day off. Other employees took two days off.

    Apparently, Twitter told employees that the Slack channel was down for “routine maintenance,” but a Slack employee told Platformer that was “bullshit.”

    Read 12 remaining paragraphs | Comments

    • chevron_right

      First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) / ArsTechnica · Thursday, 5 January, 2023 - 23:04

    Shot of a person looking at a hacking message on her monitor reading


    In the past 24 hours, the world has learned of serious breaches hitting chat service Slack and software testing and delivery company CircleCI, though giving the companies' opaque wording—“security issue” and “security incident,” respectively—you'd be forgiven for thinking these events were minor.

    The compromises—in Slack’s case, the theft of employee token credentials and for CircleCI, the possible exposure of all customer secrets it stores—come two weeks after password manager LastPass disclosed its own security failure : the theft of customers’ password vaults containing sensitive data in both encrypted and clear text form. It’s not clear if all three breaches are related, but that’s certainly a possibility.

    The most concerning of the two new breaches is the one hitting CircleCI. On Wednesday evening, the company reported a “security incident” that prompted it to advise customers to rotate “all secrets” they store on the service. The alert also informed customers that it had invalidated their Project API tokens, an event requiring them to go through the hassle of replacing them .

    Read 12 remaining paragraphs | Comments

    • chevron_right

      Qui protège le mieux vos messages privés entre TikTok, Messenger, WhatsApp, Twitter et les autres ? / Numerama · Monday, 28 November, 2022 - 07:25

    Protonmail mail chiffré chiffrement

    Les applications et les réseaux sociaux fournissent des niveaux de sécurité variables pour les messages privés. De base, il y a toujours du chiffrement pour sécuriser les discussions pendant leur transport sur Internet. Mais pour ce qui est du chiffrement de bout en bout, c'est très hétérogène. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité

    • chevron_right

      Comment ajouter des émojis personnalisés sur Slack ? / Numerama · Friday, 20 May, 2022 - 15:01

    Vous avez envie d'avoir l'air super cool auprès de vos collègues sur Slack ? Ajoutez des émojis personnalisés ! Voilà comment faire. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité

    • chevron_right

      Helpful advisory in job description

      debacle · Thursday, 27 May, 2021 - 08:00 edit

    In some work environments it is - unfortunately - not yet possible to avoid the use of certain shady, non-free services. Even in the area of #freesoftware. Of course, many of us would prefer not to use #Zoom or #Slack etc.

    Still, many #job description do not contain any hint, that such tools are used at work. (I'm not looking for a job, so I might have missed a new trend here.) Therefore kudos to #OTS (Open Tech Strategies) for including this warning in their job posting on the #Debian jobs mailing list:

    Please note that some of our clients use proprietary communications tools, e.g., Zoom, Google Docs, Slack, etc, and therefore applicants need to be willing to use such tools when interacting with those clients.


    • Li chevron_right

      Update Your Slack Passwords Now, Android Users / LifehackerAustralia · Tuesday, 9 February, 2021 - 20:37 · 1 minute

    Over the weekend, some Slack Android users received a seemingly random email urging them to update their passwords. The email claims a bug in the Android app incorrectly logged password data as plaintext that could be easily scooped up by hackers.

    I don’t blame you if you ignored the email — it has many signs of a phishing scam — but it’s legit. Android Police confirmed with multiple Slack representatives that the emails originated from Slack, the security issues are real, and the links within the message are safe to click. While there’s no evidence passwords have been stolen or accounts hacked, Slack is proactively asking users to update their passwords.

    Slack’s email includes instructions for changing your password and clearing your app cache, but it’s unclear if all affected users were alerted, so it’s wise for anyone using Slack on Android to follow the company’s suggestions, even if they didn’t get the email. Here’s what you need to do:

    First, update your password with the link in Slack’s email, or under your account settings on Slack’s website.

    Next, make sure you have the right version of Slack installed. This part is simple: If Slack works on your phone, you have the right version; if not, you can safely download the latest build from Google Play. Google removed the bugged version of the app from Google Play, which also disabled it on devices that had previously downloaded it, so there’s no risk in using the app anymore.

    With the correct version of Slack installed on your device, the last step is to clear the app’s data cache to ensure the improperly-stored password data is removed. There are two ways to do this:

    ( Note: Clearing the app cache logs you out of Slack, so make sure you sign back in afterward.)

    1. In your Android settings, g o to Settings > Apps > Slack > Storage and select “ Clear Data or Storage .
    2. Long-press the Slack icon from your app launcher. Tap App Info , then Storage , then select “Clear Data or Storage.”

    The post Update Your Slack Passwords Now, Android Users appeared first on Lifehacker Australia .

    • chevron_right

      Movim: alternativa a Facebook / hispanos · Sunday, 31 January, 2021 - 07:12 edit

    Movim es una red social y chat parecida a #Facebook pero #libre, descentralizada, con soporte para comunidades, foros, blogs/páginas, grupos de chats integrados con las salas de #XMPP / #Jabber, stickers, gif animados, bolita verde para saber quien está online, saber quien está escribiendo, reaccionar a los mensajes con cualquier emoji, también puedes encontrar contenido adulto, memes, puedes usar apps como para chatear, puente entre tu cuenta de #Movim y #Telegram, #Discord, #Slack, #RocketChat, etc.

    Lee el artículo completo aquí:

    • chevron_right

      Slack Privacy Policy

      Timothée Jaussoin · Wednesday, 6 January, 2016 - 07:37 edit · 1 minute

    For every teams that are using Slack. Be sure that you are ok with the Privacy Policy of the platform.

    We may employ third party companies or individuals to process personal information on our behalf based on our instructions and in compliance with this Privacy Policy. For example, we may share data with a security consultant to help us get better at preventing unauthorized access or with an email vendor to send messages on our behalf. We may also share data with hosting providers, payment processors, marketing vendors, and other consultants who work on our behalf.

    We may also share aggregated or de-identified information with our partners or others for business or research purposes. For example, we may tell a prospective Slack customer the average number of messages sent within a Slack team in a day or may partner with research firm or academics to explore interesting questions about workplace communications. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.

    All the communication made with Slack are saved on their servers in a way that they can have access to everything in a quite simple way (including conversation history, files…).

    And to clarify the last sentence in bold, if I understand correctly (correct me if I'm wrong) : "this policy allow the disclosure and use of aggregated or identified data (with our partners)".