And for the full Linux experience do it at the perfect moment, such as when you’re in a lecture or customer presentation!

Login pages ;D

You need to check out public key cryptography and digital signatures. Those are the basics of Fido.

When the private key is bound to a device it is not possible to fake or steal it through conventional methods. Passwords are the weakest link and an easy target for attackers - passkeys basically solve that.

User adoption depends on implementation, but everything is easier than remembering a secure password or using a password manager for most people. There needs to be an easy and secure way to distribute passkeys across devices, and any backup mechanisms may be a weak point. In any case: still better than passwords.

I had a colleague at work years ago who did his Master’s thesis on network scanning. He ran a PoC in the company’s network and had all the printers print hundreds of pages.

We learned that printers suck and that we should always know our payloads and targets 😁

Check out openvas.

https://github.com/greenbone/openvas-scanner

I use Nessus professionally, they are somewhat similar. I can’t decide which one has the worse user interface.

I’m a big fan of hashcat for this use case myself! I route it through WS, however. I like being on the bleeding edge.

Jia Tan is most definitely not a person, just the publicly facing account of a group of people.

What is the trail of crumbs? Just some random email accounts?

This was in a big part a social engineering attack, so you can’t really avoid contact.

Telegram is a security disaster.