The third edition of the "Scrolls" newsletter is live!

For those new to Scrolls, it's a free weekly newsletter all about the #IndieWeb and the #Fediverse (with some #infosec / #cybersecurity stuff thrown in there for fun).

You can subscribe directly to the newsletter in your #RSS reader of choice using this link

Let me know if you like it!

Special thanks to this week's "contributors" - folks from across the Social Web who shared interesting stuff and now, I've compiled some of that stuff here. (Sorry for the mass-@'ing, but trying to give credit where credit's due!)

@iftas @me @philipp @WeirdWriter @stefan @beardedtechguy @altsocialmedianet @readbeanicecream @crisl_at @hello @sophie @BeamMeOut @deadsuperhero @sol2070 @CrazyBlue @puppygirlhornypost2 @squiblydoo @neauoire @atomicpoet @joel @jtk @shannonkay @mala @data0 @hongminhee @stage7 @mms @anubiarts @christopherkunz @adamshostack @frichetten @von @karpour @hamatti @st1nger @ringzer0 @mastodonmigration @daedalus @matthewguy

I recently saw an interesting thread elsewhere: someone expressing high frustration with two-factor/multifactor authentication in their day-to-day life, and nearly every response being of agreement, sometimes very vehement. I don’t think most of these people worked in infosec or IT. Some were dealing with MFA on university systems, some on work systems. They all loathed it. But the why expressed by many for the loathing was what was really interesting. Sure, many expressed irritation about being interrupted multiple times a day by MFA prompts, some were annoyed that it was in place for what they saw as systems that “didn’t need to be that secure”, etc. The common refrains one hears from people in security awareness discussions and/or about less user-friendly implementations. But the broadest sentiment?

That it didn’t matter because their PII - their SSNs, their credit card numbers, so on and so forth - had already been stolen so many times, that nothing was really being done to stop that from happening, that it was happening more and more and the companies responsible for losing the data weren’t being punished. In the face of all that, they didn’t want to have to keep dealing with the pain of being forced to use MFA when they felt it wasn’t helping anything,
