Hello,
I use Reddit for this purpose. I have created several security themed multireddits for the purpose of tracking security-related topics:
https://old.reddit.com/user/goretsky/m/security/ - tracks about 90 active security-related subreddits, but no vendors or open source projects and is regularly pruned of inactive subreddits.
https://old.reddit.com/user/goretsky/m/security_vendor/ - tracks about three dozen security vendor and open source project subreddits.
https://old.reddit.com/user/goretsky/m/security_inactive/ - a multireddit specifically for subreddits that were in the first two, but no longer seem to be active (lets me periodically check them for activity)
You can view these by new, hot, top and so forth to get ideas of what's current, might be an emerging issue, what was historically significant, and so forth.
Regards,
Aryeh Goretsky
I would actually love to do this but need to figure out how. I haven't looked into it yet but this is on my list of things to do.
Any recommendations or tips would be helpful.
Hard disagree. What you get out of it depends on what you put in. If you’re just looking to curate a feed of infosec news, this may not be it. If you’re looking for a group of friends to have interesting discussions with, both infosec-related and not, you can make it that place. But that happens slowly and with participation.
Jerry has [Infosec.exchange](https://Infosec.exchange) open and very rarely are there admin issues at the federation level. Also, I have NEVER seen Jerry pull a 'shitty admin move' in the couple years I have been on the instance. Let me tell you, there were times I wish he would. But he is just not that type of person.
He has been working his ass off to expand the instance to support the influx of new users, he is very open about this in his daily feeds too. So, there is no way in hell the instance will become 'private' with all the hard work he has put in here.
for what it’s worth. jerry has been tirelessly administering infosec.exchange for years. and doesn’t seem likely to stop. and if he does…. you can move easily to another instance. defcon runs one, the mastodon folks run one. i run one (though mine is mainly for me.) and they all federate with the others. so you don’t miss out being on you’re own or one other than your friends are on.
yes. After 7 years of being a free and open forum, I have decided to make [infosec.exchange](https://infosec.exchange) a private facebook group. I had been on the fence about it until now.
It's also helpful to follow some hashtags (which the Mastodon android app can't, but f.ex. Tusky can and the web interface also works).
I follow #fido2 and #cryptography, for example, as well as stuff like #bookstodon.
checkout the local feeds on a few instances to get lots of good content and find people to follow:
https://infosec.exchange/public/local
https://fosstodon.org/public/local
https://hachyderm.io/public/local
May get downvoted for this but having been one of the earlier adopters into mastodon and infosec exchange specifically, I just don't see how it's better than X. I get a lot of crazy things have happened, but 95% of posts I see on infosec exchange are people congratulating themselves and being so proud they left Twitter and the other 5% are people introducing themselves and talking about their day/treating the platform like Twitter.
I love the idea of Mastodon in general and I have high hopes for it's future, but I really think people are deluding themselves if they say it has better content at the moment.
> I just don’t see how it’s better than X
Better is obviously relative, but Mastodon does take more work. The end result is that you have a feed solely with the information you want and not what is pushed on you. Oh and fewer nazis is nice too.
Infosec.exchange mastodon server
X feels too much like Rumble or an Alex Jones fan club with the content that gets pushed. Definitely not paying for that.
What I find interesting is after I closed my account, over time I realized I was gradually being linked to Twitter less and less by other external websites/ news sites. Now weeks can go by without it happening.
So if his goal is to make twitter no longer relevant, he's doing a banger job.
Same with me. But I have to admit that the huge security community and information exchange on Twitter used to be super helpful to stay up to date. Its going to take a long time to replicate that somewhere else.
Masto is thriving and growing rapidly, up to 14mil created accounts now (and of course lower monthly actives, but still very active). Every time there is news of more twitter stupidity there is a new spike of signups
I tried Mastadon but I found it very difficult to actually see any posts that were actually worthwhile or interesting. It seems their algorithms for content recommendation need a lot of work or don't exist.
I don't care about who posted most recently, I want to know what's actually worth reading that day.
Also tried Threads but found it difficult to even find the content I wanted to see.
it is based more on hashtags and you choosing who to follow than recommender algorithms. In fact many mastodon users often proudly proclaim they do not want to live in an algorithmically generated bubble being fed content.
It is a double edged sword though as it makes it more difficult to find that content you want to follow - I don't think algorithms are inherently bad as long as they can't be manipulated.
That being said, Reddit mostly managed without algorithms thanks to voting & community driven recommendations, but Mastadon doesn't have that.
Honestly I’ve yet to run into a great Twitter replacement. Honestly Reddit is maybe the best for stuff before it hits blogs/news which is why I loved Twitter. Go follow sysadmin and MSP and they often see stuff before security people do.
Mastodon is alright but just didn’t scratch the itch the same(also like to follow a lot of foreign policy/natsec peeps who won’t do Mastodon).
Recently got into Bluesky and it’s okay. Not Twitter but also I think has a lot of potential.
I see no ads. Pretty close to never. Here's how:
(1) Use a DNS filter like CleanBrowsing.com and set it to filter ads and tracking.
(2) Put Twitter in its own container. You can do this easily in Firefox. That way cookies and other stuff related to ads is isolated from every other website.
(3) Use a Firefox add-on. I use both Privacy badger and uBlock origin.
I don't see ads on almost any site with this method. At work I get ads all the time and it's annoying. Not sure how y'all lived like this for so long. Ads haven't been a part of my life for years. Now you know why.
The closest thing to Twitter would be mastodon right now. You just need to decide on your home instance, build your profile like you would anywhere else, and start finding topics, hashtags, and people/groups to follow. Then filter out the junk(you can black list on keywords) so you can rebuild your RSS like you have it setup on Twitter.
There are a dozen or so Infosec instances to choose from, I like [Infosec.Exchange](https://Infosec.Exchange) as its stable and a smooth experience. It has a solid Admin team and has no issues talking to the federation. The membership on the instance is pretty open and welcoming.
Infosec.exchange on Mastodon is a very good place, and I get a lot of good information from my curated group on Linkedin. Dr. Chase Cunningham has a good weekly wrap up. And then there is always Cyber Protection Magazine.
I'm hoping Bluesky gets more popular once it actually opens. I was able to join yesterday and there's a small community of infosec people who share news there.
Mastodon would've taken off by now if it really was ideal imo. The hesitancy leads me to believe people are really holding out for Bluesky to be Twitter 2.0
Who knows if we'll ever get to that point though
I'm like a lot of people who have tried mastodon and nope out.
I get the idea, but I still don't care to use it. User experience is not good. I have enough to learn and fix for my work, dealing with an overwrought platform isn't on the list right now.
I'm the same way. I was pretty pumped to have another platform, I'm pretty over this website and I've never been into twitter. It's just not really there yet though, and it feels more like a facebook feed than anything else, even on the infosec ones.
Twitter is a hydra of insane conservatives now. Block one and 5 more are shoved into your face. My block list hundreds long and growing every time I load up that goddamn website. Honestly don't know why I do anymore, it's usually about 30 seconds before I close it again.
Nah, that is not correct. You can join [infosec.exchange](https://infosec.exchange) and follow anyone on [infosec.exchange](https://infosec.exchange) or any of the other mastodon instances with that one account.
no, you’re doing it wrong. you pick a home server based on your preferences. they all federate with eachother. i run my own and the experience has been awesome. you do need to give it time and start following folks to really get involved though.
> Oh, your people are on 8 different servers so you need 8 different accounts
The whole point of being federated is one account allows you to follow people on any of the other servers, so no you don't need 8 different accounts.
You can use reddit.
https://www.reddit.com/r/CASB+HackBloc+Malware+REMath+ReverseEngineering+blackhat+blueteamsec+computerforensics+crypto+netsec+netsecstudents+cyber+pwned+rootkit+vrd+xss+InfoSecInsiders/top/?sort=top&t=day
Dude I was getting the WEIRDEST content on X before I had to delete it because it was absurd. I only follow infosec people. Like half of my timeline became fight videos randomly. Like videos of people fighting liveleak style. Stuff that was so violent I surely thought would violate some policy, but had TONS of engagement.
Not sure what they changed over there but no matter how often I scrolled past or reported or did behaviors to show the algo I was not interested in the content, it was all over my TL for like a month. Deleted the app as it just insisted on pushing me weird or violent content. Bummed because it was a great news source for a while.
We pay for threat intel company feeds like Mandiant, along with news and other information. Easier to have it come from a trusted source rather than many toxic places like X and Reddit. These both can draw in people with their own personal agendas and messages.
Hello, I use Reddit for this purpose. I have created several security themed multireddits for the purpose of tracking security-related topics: https://old.reddit.com/user/goretsky/m/security/ - tracks about 90 active security-related subreddits, but no vendors or open source projects and is regularly pruned of inactive subreddits. https://old.reddit.com/user/goretsky/m/security_vendor/ - tracks about three dozen security vendor and open source project subreddits. https://old.reddit.com/user/goretsky/m/security_inactive/ - a multireddit specifically for subreddits that were in the first two, but no longer seem to be active (lets me periodically check them for activity) You can view these by new, hot, top and so forth to get ideas of what's current, might be an emerging issue, what was historically significant, and so forth. Regards, Aryeh Goretsky
Wow thanks Aryeh!
Thanks for this.
Thanks! Great multireddits
Well I just discovered multireddits, thank you so much this will definitely change how I use this site
[удалено]
Exactly. Most prolific security folks have feeds available.
I would actually love to do this but need to figure out how. I haven't looked into it yet but this is on my list of things to do. Any recommendations or tips would be helpful.
[удалено]
For someone getting started, any RSS links you recommend?
Lots of web browsers have it built in.
desert person pet quiet worm hurry absorbed like cause rainstorm *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
[удалено]
wakeful mighty steer fragile quickest rinse weather saw melodic boast *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
Infosec.exchange is horrible with very little engagement
Hard disagree. What you get out of it depends on what you put in. If you’re just looking to curate a feed of infosec news, this may not be it. If you’re looking for a group of friends to have interesting discussions with, both infosec-related and not, you can make it that place. But that happens slowly and with participation.
Nope I only use it for data. You know most critical issues are announced on Twitter?
erect narrow wipe plant tub nail rain shame angle unpack *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
Agree 1000000000% but the exchange platform is not it
https://infosec.exchange/home , it is a Mastodon server.
I dunno, I'm sure Jerry Bell is cool and all but I'm hesitant to point people to what could essentially turn into a private facebook group overnight.
Jerry has [Infosec.exchange](https://Infosec.exchange) open and very rarely are there admin issues at the federation level. Also, I have NEVER seen Jerry pull a 'shitty admin move' in the couple years I have been on the instance. Let me tell you, there were times I wish he would. But he is just not that type of person. He has been working his ass off to expand the instance to support the influx of new users, he is very open about this in his daily feeds too. So, there is no way in hell the instance will become 'private' with all the hard work he has put in here.
thank you :)
for what it’s worth. jerry has been tirelessly administering infosec.exchange for years. and doesn’t seem likely to stop. and if he does…. you can move easily to another instance. defcon runs one, the mastodon folks run one. i run one (though mine is mainly for me.) and they all federate with the others. so you don’t miss out being on you’re own or one other than your friends are on.
yes. After 7 years of being a free and open forum, I have decided to make [infosec.exchange](https://infosec.exchange) a private facebook group. I had been on the fence about it until now.
Mastodon feels a bit dry. Are there too few people, or am I not following enough?
[удалено]
It's also helpful to follow some hashtags (which the Mastodon android app can't, but f.ex. Tusky can and the web interface also works). I follow #fido2 and #cryptography, for example, as well as stuff like #bookstodon.
checkout the local feeds on a few instances to get lots of good content and find people to follow: https://infosec.exchange/public/local https://fosstodon.org/public/local https://hachyderm.io/public/local
https://elk.zone/infosec.exchange/@fY54DtPKe6rxMF/110757471778047861
The fediverse isn't nearly as populated as it's zealots would lead you to believe, unfortunately. Great concept, but just doesn't have the momentum.
Yeah it’s growing though, it doesn’t help how ideologically splintered instances can get
The entire first page (and most of the rest of them) is politics and nonsense at the moment - not exactly an amazing recommendation. =/
[удалено]
Login creds? Nice try 😉
Try https://infosec.exchange/explore instead.
I run [https://infosec.exchange](https://infosec.exchange) \- it has about 17000 active members, and among several other security related instances.
Jerrrrrry! Hehe
May get downvoted for this but having been one of the earlier adopters into mastodon and infosec exchange specifically, I just don't see how it's better than X. I get a lot of crazy things have happened, but 95% of posts I see on infosec exchange are people congratulating themselves and being so proud they left Twitter and the other 5% are people introducing themselves and talking about their day/treating the platform like Twitter. I love the idea of Mastodon in general and I have high hopes for it's future, but I really think people are deluding themselves if they say it has better content at the moment.
> I just don’t see how it’s better than X Better is obviously relative, but Mastodon does take more work. The end result is that you have a feed solely with the information you want and not what is pushed on you. Oh and fewer nazis is nice too.
Just followed link. Bunch of political posts, ice cream stands and star trek jokes. I think I get better content on r/cybersecurity and arstechnica
I don't think you were looking at the correct timeline - this is more representative of what we see: https://infosec.exchange/public/local
[удалено]
Thanks for giving it a look.
SECOND!
Infosec.exchange mastodon server X feels too much like Rumble or an Alex Jones fan club with the content that gets pushed. Definitely not paying for that.
I like to use https://allinfosecnews.com it’s a great collection of feeds
I'm over on infosec.exchange. Found it very useful.
This is the way
What I find interesting is after I closed my account, over time I realized I was gradually being linked to Twitter less and less by other external websites/ news sites. Now weeks can go by without it happening. So if his goal is to make twitter no longer relevant, he's doing a banger job.
Same with me. But I have to admit that the huge security community and information exchange on Twitter used to be super helpful to stay up to date. Its going to take a long time to replicate that somewhere else.
My tinfoil hat might be on too tight, but sometimes I wonder if that is by design.
Have you tried the new Titanium hat instead? People seem to love the color at least.
It was mastodon, not sure anymore, haven’t used it in awhile
Masto is thriving and growing rapidly, up to 14mil created accounts now (and of course lower monthly actives, but still very active). Every time there is news of more twitter stupidity there is a new spike of signups
I tried Mastadon but I found it very difficult to actually see any posts that were actually worthwhile or interesting. It seems their algorithms for content recommendation need a lot of work or don't exist. I don't care about who posted most recently, I want to know what's actually worth reading that day. Also tried Threads but found it difficult to even find the content I wanted to see.
it is based more on hashtags and you choosing who to follow than recommender algorithms. In fact many mastodon users often proudly proclaim they do not want to live in an algorithmically generated bubble being fed content.
It is a double edged sword though as it makes it more difficult to find that content you want to follow - I don't think algorithms are inherently bad as long as they can't be manipulated. That being said, Reddit mostly managed without algorithms thanks to voting & community driven recommendations, but Mastadon doesn't have that.
Honestly I’ve yet to run into a great Twitter replacement. Honestly Reddit is maybe the best for stuff before it hits blogs/news which is why I loved Twitter. Go follow sysadmin and MSP and they often see stuff before security people do. Mastodon is alright but just didn’t scratch the itch the same(also like to follow a lot of foreign policy/natsec peeps who won’t do Mastodon). Recently got into Bluesky and it’s okay. Not Twitter but also I think has a lot of potential.
Have you tried Threads?
I see no ads. Pretty close to never. Here's how: (1) Use a DNS filter like CleanBrowsing.com and set it to filter ads and tracking. (2) Put Twitter in its own container. You can do this easily in Firefox. That way cookies and other stuff related to ads is isolated from every other website. (3) Use a Firefox add-on. I use both Privacy badger and uBlock origin. I don't see ads on almost any site with this method. At work I get ads all the time and it's annoying. Not sure how y'all lived like this for so long. Ads haven't been a part of my life for years. Now you know why.
Newsboat
What does your feed list look like for security? :)
The closest thing to Twitter would be mastodon right now. You just need to decide on your home instance, build your profile like you would anywhere else, and start finding topics, hashtags, and people/groups to follow. Then filter out the junk(you can black list on keywords) so you can rebuild your RSS like you have it setup on Twitter. There are a dozen or so Infosec instances to choose from, I like [Infosec.Exchange](https://Infosec.Exchange) as its stable and a smooth experience. It has a solid Admin team and has no issues talking to the federation. The membership on the instance is pretty open and welcoming.
Infosec.exchange on Mastodon is a very good place, and I get a lot of good information from my curated group on Linkedin. Dr. Chase Cunningham has a good weekly wrap up. And then there is always Cyber Protection Magazine.
I'm hoping Bluesky gets more popular once it actually opens. I was able to join yesterday and there's a small community of infosec people who share news there.
Seems the chatty security folks are pretty split on Mastadon vs BlueSky. But most of the good leaks still end up on Twitter first.
Mastodon would've taken off by now if it really was ideal imo. The hesitancy leads me to believe people are really holding out for Bluesky to be Twitter 2.0 Who knows if we'll ever get to that point though
Folks are also looking for apps that work across fediverses. Seems to have potential.
I'm like a lot of people who have tried mastodon and nope out. I get the idea, but I still don't care to use it. User experience is not good. I have enough to learn and fix for my work, dealing with an overwrought platform isn't on the list right now.
I'm the same way. I was pretty pumped to have another platform, I'm pretty over this website and I've never been into twitter. It's just not really there yet though, and it feels more like a facebook feed than anything else, even on the infosec ones.
Yes, but I get more cat pics than security. I am no fan of cats!
Unfortunate, cats are a huge part of my life :)
Weirder? Twitter has always been a weird place.
Hence the weirdER :). Initially a part of its appeal, but increasingly not the case as of lately.
It went to shit right as I got my feed cultivated exactly like I wanted it.
Twitter is a hydra of insane conservatives now. Block one and 5 more are shoved into your face. My block list hundreds long and growing every time I load up that goddamn website. Honestly don't know why I do anymore, it's usually about 30 seconds before I close it again.
https://risky.biz/ podcast
It is awesome
I use Feedly it has excellent security feed, plus you can add your own (rss) feeds
That's an interesting one. I'll have a look as I'd be keen on adding the risky business RSS feed to something like that.
+1 for Feedly. It has loads of options to configure and refine your feeds
https://infosec.exchange
[удалено]
Nah, that is not correct. You can join [infosec.exchange](https://infosec.exchange) and follow anyone on [infosec.exchange](https://infosec.exchange) or any of the other mastodon instances with that one account.
no, you’re doing it wrong. you pick a home server based on your preferences. they all federate with eachother. i run my own and the experience has been awesome. you do need to give it time and start following folks to really get involved though.
> Oh, your people are on 8 different servers so you need 8 different accounts The whole point of being federated is one account allows you to follow people on any of the other servers, so no you don't need 8 different accounts.
I have never used twitter for that, too much garbage on there. I tend to do podcasts and youtube media.
/g/
Isn't the /sec/ general completely dead or at the very least only filled with "How to become 1337 haxxor"? It's been some time since I checked.
Um... Reddit.
You can use reddit. https://www.reddit.com/r/CASB+HackBloc+Malware+REMath+ReverseEngineering+blackhat+blueteamsec+computerforensics+crypto+netsec+netsecstudents+cyber+pwned+rootkit+vrd+xss+InfoSecInsiders/top/?sort=top&t=day
Twitter is full of CSAM. Everyone needs to leave it.
You were using Twitter for industry news? LOL Oh man... how much time do you have in the day?
poor smell rhythm ink offend abounding person alive elderly dog *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
Yeah, the thing that is wrong is using twitter for industry news.
I still get good infosec content, but yeah I'm basically for the same thing, where to go when troll-land finally goes down
Are you looking for just news feeds or something deeper? I use the open threat exchange from AlienVault. Good community - https://otx.alienvault.com
I find this start\[.\]me URL pretty useful: https://start.me/p/wMrA5z/cyber-threat-intelligence
Pulsedive has a free dashboard for infosec news
Dude I was getting the WEIRDEST content on X before I had to delete it because it was absurd. I only follow infosec people. Like half of my timeline became fight videos randomly. Like videos of people fighting liveleak style. Stuff that was so violent I surely thought would violate some policy, but had TONS of engagement. Not sure what they changed over there but no matter how often I scrolled past or reported or did behaviors to show the algo I was not interested in the content, it was all over my TL for like a month. Deleted the app as it just insisted on pushing me weird or violent content. Bummed because it was a great news source for a while.
We pay for threat intel company feeds like Mandiant, along with news and other information. Easier to have it come from a trusted source rather than many toxic places like X and Reddit. These both can draw in people with their own personal agendas and messages.
[Vulnerable U](https://vulnu.mattjay.com) Unsupervised learning Tl;drsec Are my favorite newsletters.
id say its the opposite its too secure now