I keep getting this email occadionally:
Your iCloud storage is almost full
Now for various reasons, I don’t want my children to be using iCloud to store data, files, photos or any of the sort. They’re free to use iMessages, and other Apple services like the App Store, etc, but not storage.
So I’ve set about blocking iCloud Storage API(s) via AdGuard Home tonight as well as ensuring that my local network (client users) cannot bypass DNS policies and get out other sneaky ways, because some applications will just use other DNS servers, or DOH or DOT.
My Recon Automation Found an Email Confirmation Bypass
How a simple parameter led to a complete authentication bypass
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/my-recon-automation-found-an-email-confirmation-byp … ⌘ Read more
Gmail will no longer support checking emails from third-party accounts via POP
Article URL: https://support.google.com/mail/answer/16604719?hl=en
Comments URL: https://news.ycombinator.com/item?id=45439670
Points: 649
# Comments: 366 ⌘ Read more
Earlier this year, I used Purelymail until I switched back to a self-hosted email server. Today, I found out that Purelymail was sold shortly after I closed my account due to health reasons. The new owner has pledged to continue the service in the same spirit as its founder, who always provided excellent support when I needed it. My reason for switching wasn’t due to any dissatisfaction with Purelymail; I simply wanted more control and to host my data in Europe again. I wish Purelymail all the best and hope it conti … ⌘ Read more
↳
In-reply-to
»
@movq Right now I'm basically just blocking entire ASN(s) at this point and large blocks of IP(s) from Anthropic, OPenAI, Microsoft and others.
⤋ Read More
@prologic@twtxt.net I’m doing that now as well, but I don’t think this is a good solution. This is going to hurt “self-hosting” in the long run: I cannot afford true self-hosting where I actually do host everything here at home – instead, I must use a cloud provider / VPS for that. It is only a matter of time until my provider starts doing AI shit as well (or rather, the customers do it) and then what? I get blocked, e.g. I can’t send email to (some) people anymore. This is already bad and it’s going to get worse.
↳
In-reply-to
»
hey! i asked this a while ago but i have to ask again -- is anyone willing to offer space on their yarn pod to my friend? i would love to invite her to my own but she's unable to access my site for personal reasons. she's really interested in seeing what yarn is about so if anyone is willing and able, let me know!
⤋ Read More
@prologic@twtxt.net i’ll email you!
Unless your Terms of use update email looks and reads the same as the one I got yesterday from mastodon.social, I don’t wanna know about it, nor do I agree to it.
@movq@www.uninformativ.de > That guy over there in the corner…
I’m literally sitting in a corner chuckles. I rarely get any emails nowadays. But if I do and it is not plain-text, then my Mutt gets to bark at it and I, just… won’t read it. 🤷🏽♂️
@movq@www.uninformativ.de make that 4 people! i use plain text when i can because this page convinced me lmfao
@lyse@lyse.isobeef.org … because you, me, and that guy over there in the corner are the only three people left using plain-text email. 🫤 (And probably Stallman.)
**Abuse-ception: How I Turned the Abuse Report Feature Into a Mass Email Spammer **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/abuse-ception-how-i-turned-the- … ⌘ Read more
$7,500 Bug: Exposing Any HackerOne User’s Email via Private Program Invite
How One GraphQL Query Turned Private Invites into Public Data Leaks
[Continue reading on InfoSec Write-ups »](https://infosecwrite … ⌘ Read more
How a Welcome Email Can Be Used for Malicious Redirection
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-a-welcome-email-can-be-used-for-malicious-redirection-fd833ec71550? … ⌘ Read more
**Header Injection to Hero: How I Hijacked Emails and Made the Server Sing **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/header-injection-to-hero-how-i-hijacked-emails-an … ⌘ Read more
**Silent but Deadly: How Blind XSS in Email Notifications Gave Me Root Alerts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/silent-but-deadly-how-blind-xss-in-email … ⌘ Read more
Where is “Hide My Email” on iPhone & iPad?
The “Hide My Email” feature on iPhone is incredibly useful, allowing you to create random unique email addresses that forward to your real email address inbox. This feature can help protect your privacy by allowing you to sign up for apps or services without sharing your real email address, while enhancing security from phishing attempts, … Read More ⌘ Read more
Where is “Hide My Email” on iPhone & iPad?
The “Hide My Email” feature on iPhone is incredibly useful, allowing you to create random unique email addresses that forward to your real email address inbox. This feature can help protect your privacy by allowing you to sign up for apps or services without sharing your real email address, while enhancing security from phishing attempts, … Read More ⌘ Read more
E-COM: the $40 million USPS project to send email on paper
How do you get email to the folks without computers? What if the Post Office printed out email, stamped it, dropped it in folks’ mailboxes along with the rest of their mail, and saved the USPS once and for all? And so in 1982 E-COM was born—and, inadvertently, helped coin the term “e-mail.” ↫ Justin Duke The implementation of E-COM was awesome. You’d enter the messages on your computer, send it to the post office usi … ⌘ Read more
VPS troubles and the weekend
This weekend I went to the cottage with P on Friday. I hoped I would
have a nice weekend reading in front of the wood stove, but I had also
planned to spend at least a few hours trying to configure Maddy as the
new mail server for hack.org et al.
Then the web server I moved to the new VPS died. Again. I connected to
the VNC console and, like before, the Linux kernel couldn’t find its
root disk. A simple:
# mount /dev/vda2 /sysroot; exit
in the emergency shell solved thi … ⌘ Read more
↳
In-reply-to
»
My main domain name turned 24 years old today. That feels weird.
⤋ Read More
@prologic@twtxt.net I will pull the email. The year is about right.
↳
In-reply-to
»
My main domain name turned 24 years old today. That feels weird.
⤋ Read More
According to a very old email one of my more personal family domains was registered in 2013 making it 12 years old, so I was closed 🤣 my public facing one is much much older 🤣
$100 Bounty: How a Spoofed Email Could Change Any Username on HackerOne
A simple email spoofing trick could let anyone hijack your HackerOne username and profile link
[Continue reading on InfoSec Write-ups »] … ⌘ Read more
@ About the URL, since it no longer used for hashing there might be no need to change it. I agree that we keep all the parts that already are out there for the most parts. Instead of a contact field you could also just use links like: link = Email mailto:user@example.dk or link = Signal https://signal.me/sthF4raI5Lg_ybpJwB1sOptDla4oU7p[...]
@andros@twtxt.andros.dev Thanks for consolidating a lot of good ideas. Especially how you have deiced to just extend the mention syntax for location-based treads. This might even be backward compatible with older (pre-yarn) clients.
What about using Z for UTC +00:00- is that allowed in your specs?
Regarding url = I would suggest to only allow one and the maybe add url_old = or url_alt = !?
I’m still not a fan of a DM feature, even thou it helps that i have now been split out into a separate feed file. Instead if would suggest a contact = field for where people can put an email or other id/link for an established chat protocol like signal or matrix.
The Ultimate Guide to Email Input Field Vulnerability Testing
Real-world methods and payloads for testing email field security
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-ultimate-guide-to-email- … ⌘ Read more
$3750 Bounty: Account Creation with Invalid Email Addresses
How a Simple Email Validation Flaw Earned a $3,750 Bounty
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/3750-bounty-account-creation-with-invalid-em … ⌘ Read more
↳
In-reply-to
»
Finally I propose that we increase the Twt Hash length from
⤋ Read More
7 to 12 and use the first 12 characters of the base32 encoded blake2b hash. This will solve two problems, the fact that all hashes today either end in q or a (oops) 😅 And increasing the Twt Hash size will ensure that we never run into the chance of collision for ions to come. Chances of a 50% collision with 64 bits / 12 characters is roughly ~12.44B Twts. That ought to be enough! -- I also propose that we modify all our clients and make this change from the 1st July 2025, which will be Yarn.social's 5th birthday and 5 years since I started this whole project and endeavour! 😱 #Twtxt #Update
I also fundamentally do not believe in the notion that Twtxt should be readable and writable by humans. We’ve thrown this “argument” around in support of some of the proposals, and I just don’t buy it (sorry). As an analogy, nobody writes Email by hand and transmits them to mail servers vai SMTP by hand. We use tools to do this. Twtxt/Yarn should be the same IMO.
**WooCommerce Users Beware: Fake Patch Phishing Campaign Unleashes Site Backdoors **
Imagine this: you’re running your WooCommerce store, sipping coffee ☕, and an urgent email lands in your inbox. It scr … ⌘ Read more
Just like we don’t write emails by hand anymore (See: #a3adoka), we don’t manually write Twts or update our twtxt.txt feeds. Instead, we use modern Twtxt clients that conform to the specifications at Twtxt.dev for a seamless, automated experience. #Twtxt #Twt #UserExperience
Nobody writes emails by hand using RFC 5322 anymore, nor do we manually send them through telnet and SMTP commands. The days of crafting emails in raw format and dialing into servers are long gone. Modern email clients and services handle it all seamlessly in the background, making email easier than ever to send and receive—without needing to understand the protocols or formats behind it! #Email #SMTP #RFC #Automation
Hidden Tricks to Spot Phishing Emails Before They Trick You!
Phishing emails are like traps set by cybercriminals to trick you into sharing personal details, clicking dangerous links, or downloading…
[Continue reading on InfoSec Write-ups … ⌘ Read more
Email Verification Bypass during Account Creation | Insecure Design ⌘ Read more
Synology confirms that higher-end NAS products will require its branded drives
“Synology-branded drives will be needed for use in the newly announced Plus series, with plans to update the Product Compatibility List as additional drives can be thoroughly vetted in Synology systems,” a Synology representative told Ars by email. “Extensive internal testing has shown that drives that follow a rigorous validation process when paired with Synology systems are … ⌘ Read more
↳
In-reply-to
»
guys i may be stupid. i confused IRC bouncer with IRC server
⤋ Read More
@kat@yarn.girlonthemoon.xyz is there anything i can even run or is this like email where you should just use libera and shut up
Google Gemini Advanced & 2TB Storage Free for Students
Google is offering their Gemini Advanced AI model for free to students, along with 2TB of free storage. This is a limited time offer where students must sign up by June 30, 2025. Students will need a valid .edu email address to be able to signup for the deal. Google says you can use Gemini … Read More ⌘ Read more
4Chan Hack Reveals University Professor Moderators, 10 Million Bans, 10 Year Old Software
Hack of 4Chan was carried out by users of a competing image message board which published 4Chan source code, staff emails, & more. ⌘ Read more
@andros@twtxt.andros.dev how often do you send a private message on the Fediverse? How often do you send PGP/SMIME encrypted emails? Are there other tools that are more suitable for the task? If implementing direct/private messages on twtxt scratches an itch (you know, that hobbyist itch we all get from time to time), then don’t give up so easily. Worse comes to worse, and your feed becomes too noisy, people can simply unfollow/mute.
I really don’t care about direct messages here, but I might be on that bottom 1%!
Gmail Showing 1 Unread Message? Here’s How to Find It
If you’re the type of person who likes to maintain Inbox Zero, or who recently went and tidied up their Gmail inbox to get every email marked as read, you may come across a frustrating situation where Gmail shows 1 unread message, and you simply can’t locate that unread email message in Gmail. If you … Read More ⌘ Read more
How to Spot a Phishing Email in 5 Seconds (Real Examples)
And What to Do When Your Smart Home and a Stalker’s AirTag Team Up Against You
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-spot-a-phishing-email-in-5-second … ⌘ Read more
guys omg the people behind pico.sh are so nice ;_; one of the people running it emailed me to let me know i had what was likely a malfunctioning (or well, not working as intended) script that was spawning the same SSH tunnel over and over and they wanted to give me a heads up.
and i felt SO BAD because i worried i was straining their service or something so i disabled my 4 tunnels (they were serving little SSH games and services) and got back to them.
but i just woke up to THE NICEST EMAIL EVER reassuring me that i was actually using it as intended, it was just my script that was having problems, and they even said that if it was intended to work that way it was fine and they just wanted to let me know!
so i restarted the tunnels but have since added lockfiles as safeguards so that when the script is run it’ll check if it’s already running :D
Leaked Email from Red Hat CEO: DEI, Supplier Diversity Requirements Removed
In an email to Red Hat (IBM) employees, leaked to The Lunduke Journal, CEO Matt Hicks outlines where DEl is to be removed within the company. ⌘ Read more
How to Turn Off Mail Categories on iPad
The Mail app for iPad has been updated to include the Mail Categories feature with iPadOS 18.4. The Mail Categories feature is intended to automatically sort your email inbox within the Mail app into particular email categories, including “Primary”, “Transactions”, “Updates”, and “Promotions”, along with a mostly hidden “All Mail” option. While the intention may … Read More ⌘ Read more
MacOS Sequoia 15.4 Update Released with Mail Categorization, New Emoji
MacOS Sequoia 15.4 has been released for Mac users running the Sequoia operating system. The software update includes some new features and refinements, as well as resolutions to various bugs and security patches. For new features, MacOS Sequoia 15.4 gains the Mail Categorization feature that automatically sorts your email inbox for you that has been … [Read More](https://osxdaily.com/2025/03/31/macos-sequoia-15-4-update-downloa … ⌘ Read more