kiding 🧑💻
@kiding.bsky.social
Dongsung "Donny" Kim
make break software
📣 IT-Security Expert / DEF CON Speaker
🏢 Security Office
🎙 kiding
🏠 https://kidi.ng
make break software
📣 IT-Security Expert / DEF CON Speaker
🏢 Security Office
🎙 kiding
🏠 https://kidi.ng
@rmondello.com Hi, Ricky! I have a passkey-related question if it's alright to ask. Would it be okay to implement passkey that would not require an OTA even if set up (I've seen here and there), and if so, what would be the rationale and/or the attack models it protects against? Thanks in advance!
December 8, 2025 at 8:04 AM
@rmondello.com Hi, Ricky! I have a passkey-related question if it's alright to ask. Would it be okay to implement passkey that would not require an OTA even if set up (I've seen here and there), and if so, what would be the rationale and/or the attack models it protects against? Thanks in advance!
Reposted by kiding 🧑💻
Here’s my Spotify Wrapped 🎵✨
December 3, 2025 at 4:51 PM
Here’s my Spotify Wrapped 🎵✨
Reposted by kiding 🧑💻
After we published this story, Kohler has removed all mentions of "end-to-end encryption" from its website.
Company PR said: "We used the term with respect to the encryption of data between our users (sender) and Kohler Health (recipient)."
Company PR said: "We used the term with respect to the encryption of data between our users (sender) and Kohler Health (recipient)."
NEW: Your "end-to-end encrypted" poop pictures taken by this $599 (+ subscription) smart toilet camera are actually not end-to-end encrypted.
¯\_(ツ)_/¯
techcrunch.com/2025/12/03/e...
¯\_(ツ)_/¯
techcrunch.com/2025/12/03/e...
‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted | TechCrunch
Kohler, the makers of a smart toilet camera, can access customers' data stored on its servers, and can use customers’ bowl pictures to train AI.
techcrunch.com
December 5, 2025 at 4:25 PM
After we published this story, Kohler has removed all mentions of "end-to-end encryption" from its website.
Company PR said: "We used the term with respect to the encryption of data between our users (sender) and Kohler Health (recipient)."
Company PR said: "We used the term with respect to the encryption of data between our users (sender) and Kohler Health (recipient)."
12월 3일을 기억합니다.
새벽에 우리가 모였던 국회 앞에서는 쓰레기를 버리는 사람, 돌을 던지는 사람, 경찰차에 올라가는 사람, 차 유리를 깨는 사람, 화염병을 던지는 사람은 단 하나도 없었다. 나뒹구는 소주병 뚜껑 속에 서로가 서로에게 건네는 것은 방금 을지로에서 잔뜩 뽑아온 피켓과 따뜻한 일회용 손난로, 그리고 단 하나의 목표, 연대. 이것은 지난 동지들의 피와 목숨으로 얻은 시위 문화였다.
December 3, 2025 at 1:10 AM
12월 3일을 기억합니다.
27일 개최되는 유럽 최대 보안 컨퍼런스 39C3(39. Chaos Communication Congress)에는 한국과 관련된 세션이 두가지 준비되어 있습니다.
Learning from South Korean Telco Breaches
- Shinjo "peremen" Park (@pheremen.bsky.social)
- Yonghyu Ban (@perillamint.pds.witchcraft.systems)
Learning from South Korean Telco Breaches
- Shinjo "peremen" Park (@pheremen.bsky.social)
- Yonghyu Ban (@perillamint.pds.witchcraft.systems)
December 2, 2025 at 2:50 AM
27일 개최되는 유럽 최대 보안 컨퍼런스 39C3(39. Chaos Communication Congress)에는 한국과 관련된 세션이 두가지 준비되어 있습니다.
Learning from South Korean Telco Breaches
- Shinjo "peremen" Park (@pheremen.bsky.social)
- Yonghyu Ban (@perillamint.pds.witchcraft.systems)
Learning from South Korean Telco Breaches
- Shinjo "peremen" Park (@pheremen.bsky.social)
- Yonghyu Ban (@perillamint.pds.witchcraft.systems)
Reposted by kiding 🧑💻
The Doctor is right and correct
Always love to see great talent using their platform for unabashed good.
'F*** Off And Let People Be': David Tennant Doubles Down On Support For Trans People
"People are trying to create division... and it's so f***ing unnecessary."
www.huffingtonpost.co.uk
November 29, 2025 at 12:51 PM
The Doctor is right and correct
Studies have not ruled out the possibility that drinking water causes autism...
The CDC website now disseminates disinformation about vaccines, claiming erroneously that infant vaccines might cause autism, when we know conclusively that they do not. It is difficult to overstate just how dangerous this is. www.cdc.gov/vaccine-safe...
November 21, 2025 at 6:00 AM
Studies have not ruled out the possibility that drinking water causes autism...
트랜스젠더 추모의 날입니다. 그럭저럭 지내는 줄 알았는데 어느 순간부터 글이 올라오지 않다가 부고를 전해듣게 된 여러 명을 추모합니다. 그들을 위해서라도 지금 살아있는 우리는 꼭 자연사하길 바랍니다.
November 20, 2025 at 12:43 PM
트랜스젠더 추모의 날입니다. 그럭저럭 지내는 줄 알았는데 어느 순간부터 글이 올라오지 않다가 부고를 전해듣게 된 여러 명을 추모합니다. 그들을 위해서라도 지금 살아있는 우리는 꼭 자연사하길 바랍니다.
Reposted by kiding 🧑💻
Silksong’s fascination with religion is obvious from the beginning. But only in examining the game’s conclusion(s) does its perspective become clear — this is a story about the apocalyptic finish line, a story about the end of stories. And it is also about what comes after.
youtu.be/Rp-gPD_-RM4
youtu.be/Rp-gPD_-RM4
November 19, 2025 at 4:31 PM
Silksong’s fascination with religion is obvious from the beginning. But only in examining the game’s conclusion(s) does its perspective become clear — this is a story about the apocalyptic finish line, a story about the end of stories. And it is also about what comes after.
youtu.be/Rp-gPD_-RM4
youtu.be/Rp-gPD_-RM4
옆집 포스트모템만큼 흥미진진한 것도 없지요… 언제나 그렇지만 Cloudflare의 최대 강점은 본사 레벨의 투명성에서 오는 것 같습니다. 무슨 일이 일어나도 곧 길고 긴 블로그 글이 올라올 것이며 뭘 어쨌고 어떻게 고칠 건지 설득할 거라는 믿음. 그래서 이런 일이 터져도 신뢰할 수 있는 것 같습니다. 그 기조가 지사에도 내려왔으면 참으로 좋겠지만…
On November 18 Cloudflare experienced a service outage. Here's a detailed breakdown of what happened. https://cfl.re/43Bw8AI
Cloudflare outage on November 18, 2025
Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.
blog.cloudflare.com
November 19, 2025 at 1:28 AM
옆집 포스트모템만큼 흥미진진한 것도 없지요… 언제나 그렇지만 Cloudflare의 최대 강점은 본사 레벨의 투명성에서 오는 것 같습니다. 무슨 일이 일어나도 곧 길고 긴 블로그 글이 올라올 것이며 뭘 어쨌고 어떻게 고칠 건지 설득할 거라는 믿음. 그래서 이런 일이 터져도 신뢰할 수 있는 것 같습니다. 그 기조가 지사에도 내려왔으면 참으로 좋겠지만…
Reposted by kiding 🧑💻
We can no longer trust that survey responses are coming from real people.”
A Researcher Made an AI That Completely Breaks the Online Surveys Scientists Rely On
We can no longer trust that survey responses are coming from real people.”
www.404media.co
November 17, 2025 at 8:15 PM
We can no longer trust that survey responses are coming from real people.”
I love Passkeys, and I hope one day Safari would authenticate me with my Apple Watch...
November 13, 2025 at 2:39 AM
I love Passkeys, and I hope one day Safari would authenticate me with my Apple Watch...
Reposted by kiding 🧑💻
NEW: Cybersecurity firm Deepwatch laid off around 80 people citing AI the reason.
CEO John DiLullo said the company “is aligning our organization to accelerate our significant investments in AI.”
A current employee said: “they’re doing something with AI and agentic AI but it sounds like bullshit.”
CEO John DiLullo said the company “is aligning our organization to accelerate our significant investments in AI.”
A current employee said: “they’re doing something with AI and agentic AI but it sounds like bullshit.”
Cybersecurity firm Deepwatch lays off dozens, citing move to "accelerate" AI investment | TechCrunch
Deepwatch’s CEO told TechCrunch that the layoffs allow the company to accelerate investments in “AI and automation.”
techcrunch.com
November 12, 2025 at 8:08 PM
NEW: Cybersecurity firm Deepwatch laid off around 80 people citing AI the reason.
CEO John DiLullo said the company “is aligning our organization to accelerate our significant investments in AI.”
A current employee said: “they’re doing something with AI and agentic AI but it sounds like bullshit.”
CEO John DiLullo said the company “is aligning our organization to accelerate our significant investments in AI.”
A current employee said: “they’re doing something with AI and agentic AI but it sounds like bullshit.”
Reposted by kiding 🧑💻
Immensely refreshing read
November 10, 2025 at 10:21 PM
Immensely refreshing read
여러분의 회사 컴퓨터는 어떻게 관리되고 있나요?
블스에 투표 기능이 없어서 부득이 트위터입니다...
블스에 투표 기능이 없어서 부득이 트위터입니다...
kiding 🧑💻 on X: "여러분의 회사 컴퓨터는 어떻게 관리되고 있나요? (1/6)" / X
여러분의 회사 컴퓨터는 어떻게 관리되고 있나요? (1/6)
x.com
November 10, 2025 at 5:56 AM
여러분의 회사 컴퓨터는 어떻게 관리되고 있나요?
블스에 투표 기능이 없어서 부득이 트위터입니다...
블스에 투표 기능이 없어서 부득이 트위터입니다...
Reposted by kiding 🧑💻
Tax the churches.
November 8, 2025 at 7:27 PM
Tax the churches.
Removed the X app from my phone and slapped a PWA on the home screen. Push notifications work, ad blockers work. Now finally it feels like a glorified RSS reader, as it should be.
November 9, 2025 at 11:21 PM
Removed the X app from my phone and slapped a PWA on the home screen. Push notifications work, ad blockers work. Now finally it feels like a glorified RSS reader, as it should be.
Reposted by kiding 🧑💻
I gave an opening keynote at the FIDO Alliance’s “Authenticate” conference a few weeks ago! My goal was to explain, as clearly as I can, why passkeys are important and how we should use them to reduce the harm that passwords cause. [1/2]
YouTube link: www.youtube.com/watch?v=otOb...
YouTube link: www.youtube.com/watch?v=otOb...
Authenticate 2025 Keynote | Ricky Mondello, Apple | Get the Most Out of Passkeys
YouTube video by FIDO Alliance
www.youtube.com
November 7, 2025 at 1:51 PM
I gave an opening keynote at the FIDO Alliance’s “Authenticate” conference a few weeks ago! My goal was to explain, as clearly as I can, why passkeys are important and how we should use them to reduce the harm that passwords cause. [1/2]
YouTube link: www.youtube.com/watch?v=otOb...
YouTube link: www.youtube.com/watch?v=otOb...
@hankgreen.bsky.social When I search for "Focus Friend," the first result feels off. It has screenshots, detailed description & FAQ, even embeds your video, but somehow the app can edit photos with prompts? I'm assuming this is simply farming ad revenue, but can you confirm this is not legit?
November 8, 2025 at 7:25 AM
@hankgreen.bsky.social When I search for "Focus Friend," the first result feels off. It has screenshots, detailed description & FAQ, even embeds your video, but somehow the app can edit photos with prompts? I'm assuming this is simply farming ad revenue, but can you confirm this is not legit?
Reposted by kiding 🧑💻
X and TikTok accounts are dedicated to posting AI-generated videos of women being strangled.
OpenAI’s Sora 2 Floods Social Media With Videos of Women Being Strangled
X and TikTok accounts are dedicated to posting AI-generated videos of women being strangled.
www.404media.co
November 7, 2025 at 3:58 PM
X and TikTok accounts are dedicated to posting AI-generated videos of women being strangled.
Reposted by kiding 🧑💻
Apple’s App of the Day is our app for using apps less! A small win in an admittedly losing battle, but I’ll still celebrate it!!
November 7, 2025 at 9:55 PM
Apple’s App of the Day is our app for using apps less! A small win in an admittedly losing battle, but I’ll still celebrate it!!
Reposted by kiding 🧑💻
NEW, by me: Researchers have discovered an Android spyware that specifically targeted Samsung Galaxy phones during a nearly year-long hacking campaign. The spyware relied on a zero-day bug triggered by sending a victim a malware-laced photo via a messaging app. Victims are likely in the Middle East.
'Landfall' spyware abused zero-day to hack Samsung Galaxy phones | TechCrunch
A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch.
techcrunch.com
November 7, 2025 at 12:13 PM
NEW, by me: Researchers have discovered an Android spyware that specifically targeted Samsung Galaxy phones during a nearly year-long hacking campaign. The spyware relied on a zero-day bug triggered by sending a victim a malware-laced photo via a messaging app. Victims are likely in the Middle East.
Reposted by kiding 🧑💻
“0% woke shit”
a black man with a physical disability leads an environmental terrorist cell trying to save the planet from mega-billionaires and you play as a cross dressing twink femdomed by two different women ending and the final boss against the gayest angel of all time
a black man with a physical disability leads an environmental terrorist cell trying to save the planet from mega-billionaires and you play as a cross dressing twink femdomed by two different women ending and the final boss against the gayest angel of all time
November 7, 2025 at 7:59 PM
“0% woke shit”
a black man with a physical disability leads an environmental terrorist cell trying to save the planet from mega-billionaires and you play as a cross dressing twink femdomed by two different women ending and the final boss against the gayest angel of all time
a black man with a physical disability leads an environmental terrorist cell trying to save the planet from mega-billionaires and you play as a cross dressing twink femdomed by two different women ending and the final boss against the gayest angel of all time
Reposted by kiding 🧑💻
스카이 뉴스의 조사에 따르면 X의 알고리즘은 머스크와 같은 유저를 선호하며 우익 및 극단적인 콘텐츠를 증폭시킨다고 말함.
정치적 성향(좌, 우, 중립)에 따라 분류된 9명의 새로운 X 사용자의 For You 피드에 표시된 게시물을 분석한 결과, 사용자 선호도에 관계없이 정치 콘텐츠의 60% 이상이 우익인 것으로 나타났음
정치적 성향(좌, 우, 중립)에 따라 분류된 9명의 새로운 X 사용자의 For You 피드에 표시된 게시물을 분석한 결과, 사용자 선호도에 관계없이 정치 콘텐츠의 60% 이상이 우익인 것으로 나타났음
"The X algorithm prioritises sending new users right-wing leaning content", a Sky News Data and Forensics investigation reveals
news.sky.com/story/the-x-...
news.sky.com/story/the-x-...
Elon Musk is boosting the British right - and this shows how
Elon Musk is boosting the British right - and this shows how
news.sky.com
November 6, 2025 at 1:57 PM
스카이 뉴스의 조사에 따르면 X의 알고리즘은 머스크와 같은 유저를 선호하며 우익 및 극단적인 콘텐츠를 증폭시킨다고 말함.
정치적 성향(좌, 우, 중립)에 따라 분류된 9명의 새로운 X 사용자의 For You 피드에 표시된 게시물을 분석한 결과, 사용자 선호도에 관계없이 정치 콘텐츠의 60% 이상이 우익인 것으로 나타났음
정치적 성향(좌, 우, 중립)에 따라 분류된 9명의 새로운 X 사용자의 For You 피드에 표시된 게시물을 분석한 결과, 사용자 선호도에 관계없이 정치 콘텐츠의 60% 이상이 우익인 것으로 나타났음