Guerrilla Mind War on Nostr: Cuando lo que quieres es control, no te importan los datos de loa individuos. Al ...

Cuando lo que quieres es control, no te importan los datos de loa individuos. Al final obtienes esto.

Cuando quieres poner puertas a internet, que es más grande que el universo mismo, lo único que demuestras es arrogancia.

Cuando todo es tan burdamente deficiente que resulta ofensivo.

¿Qué formas tienes de desobediencia civil?

quoting
nevent1q…qw5v

REMEMBER WHAT ANDREAS ANTONOPOULOS 🐜
ONCE SAID ABOUT GOVERNMENT DOING IT?

INCOMPETENCE ON STEROIDS! AND MILLIONS OF TAX REVENUE BURNED🔥!

OH, WAIT, THE #DIGITALEURO WALLET WILL BE SUPER CONVENIENT! 💩

👇🏻👇🏻

“Hacking the #EU #AgeVerification app in under 2 minutes.

During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.

1. It shouldn't be encrypted at all - that's a really poor design.
2. It's not cryptographically tied to the vault which contains the identity data.

So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app.

After choosing a different PIN, the app presents credentials created under the old profile and let's the attacker present them as valid.

Other issues:
1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying.
2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step.

Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.”
via https://x.com/paul_reviews/status/2044723123287666921

👇🏻👇🏻

“‼️🇪🇺 The EU's new Age Verification app was hacked with little to no effort.

When you set it up, the app asks you to create a PIN. But that PIN isn't actually tied to the identity data it's supposed to protect. An attacker can delete a couple of entries from a file on the phone, restart the app, pick a new PIN, and the app happily hands over the original user's verified identity credentials as if nothing happened.

It gets worse. The app's "too many attempts" lockout is just a counter in a text file. Reset it to 0 and keep guessing. The biometric check (face/fingerprint) is a simple on/off switch in the same file. Flip it to off and the app skips it entirely.”
via https://x.com/intcyberdigest/status/2044762941019295772

#bitcoin fixes this 🐇🧡
#EUafuera 🔥
#REJECTCBDC
#NoDgitalEuro
#nostr
#ageverification
#surveillance
#control

cc: Susie (nprofile…yznw) efenigson (nprofile…psly) walker (nprofile…4fqx) preston (nprofile…nsfz) jack (nprofile…y5ck)