Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)I

irq0

@ irq0 @infosec.pub

Posts
1
Comments
18
Joined
3 yr. ago

$argon2id$v=19$m=512,t=256,p=1$wCQYS+4N8q5iKLigIZ22gQ$V/fqDkL++GTiMe0Acyk1RbjNr7loyJlppLecbNk93ec

  • Retro StarCraft prizes

    Jump

  • 25btc is currently worth $1,717,852

  • Fuming Bondi Loses It at Prosecutors Quitting Over ICE Killing Probe

    Jump

  • Finally implemented encryption in Jotty <3

    Jump

  • I appreciate you taking the time to implement this and answering some questions! I have a follow up question- What's the benefit of using asymmetric encryption here? You're not signing the message ( you probably should imo ) and you don't appear to support sharing encrypted notes ( i.e a user provides one or more additional public keys that a note is encrypted for ). You're basically doing symmetric encryption with the pain of key management

    It'd be simpler ( from a user and code perspective )to use symmetric encryption ( something like aes-256-gcm or ChaCha20-Poly1305 for example ) and use key wrapping to avoid encrypting user data directly and you'd have stronger crypto as a result

    You're right that PGP is a valid encryption method but it's not very popular in the modern day because it's very hard to get right. Latacora has a great post on the PGP Problemand the Soatok blogs that u/litchralee linked are well worth a read too

  • Why do so many put their resources in AWS us-east-1 when that's the only one (that I'm aware of) that has ever gone down?

    Jump

  • I believe us-east-1 is the default region so it's probably a case of devs not changing their region unless they need to.

    Also, 1000s of companies use AWS. In issue in any of their regions is likely to have significant impact on internet services

  • These are your only alternatives.

    Jump

  • A shoe horn is still a better spoon than option 3

  • These are your only alternatives.

    Jump

  • She's welcome to chose spoon 1

  • These are your only alternatives.

    Jump

  • 1 - I don't want my spoons to be ribbed for her pleasure

    2 - This spoon is simply incorrect

    3 - This is the most disgusting thing I've ever seen

    I'll choose option 4, its the least offensive option, but I'm not happy about it

  • Removed

    Rethinking networking stack - recommendations?

    Jump

  • I used to run PFSense ( pretty much the same as Opensense ) and really liked it but moved over to Ubiquity in the last year or so. Here's my 2 cents...

    Go with Ubiquity if you want a single unified interface for managing all your devices. You'll have "soft vendor lock in", their kit will work just fine with a mix of hardware but it's best if everything is Ubiquity

    Go with Opensense if you want complete flexibility in the kit you're using. I feel likeI had more fine grained control with PFSense than I do with Ubiquity but I think that's a symptom of how the UI/UX rather than the features

    You can do the same stuff with both options. I'm very happy with my Ubiquity set up, I don't see myself changing anything anytime soon

  • enterprise wifi auth and 47-day TLS certs

    Jump

  • The CAB Forum only govern public CAs and certificates and the use of certs on the public internet. Your private PKI will be unaffected by the new changes. On top of that the change will be introduced gradually, the first reduction is in March 2026 and will limit certs issued after March 2026 to 200 days so even if you saw some impact for some reason you'd still have a couple of months to put a fix in place

    Freshman need to accept the cert once (hopefully after checking the fingerprint)

    Nobody is checking the fingerprint, nobody

  • Deleted

    Permanently Deleted

    Jump

  • I hate it , thanks!

  • Deleted

    Permanently Deleted

    Jump

  • Mr President there's been a second signal chat

  • What if...

    Jump

  • Take it as a ranty blog interspaced with some furry art.

    You can just ignore the furry art if it's not your style because helpfully all of the important content is in the text.

    Soatok links to the same Latacora blog on the first line and says that they're only really going to reword what's said there.

    I’m not here to litigate the demerits of PGP. The Latacora article I linked above makes the same arguments I would make today, and is a more entertaining read.

    PGP/GPG maintainers have had many years to fix the problems that have been identified but they haven't. Is it safe when used "properly"? Yes! It's absolutely safe when used properly but the problem is it's hard to use full stop.

    I'm not saying modern solutions are perfect, because they're not but the alternates that Latacora ( and Soatok ) suggest are better. Do you want to encrypt a file? Use age. Use minisign/signify for signing. They do do one thing and do it well. Signal is easy to use and sorts all of the key management for you. Most people don't know what a private key is. They just know they want encrypted messaging because of the NSA or Snowden or whatever his name was on the news, they can't remember and they don't really care.

    PGP has legitimate use cases but the vast majority of people don't have those cases and should just use Signal. Signal and the Signal protocol is the centralised tool you're looking for.

  • When the marketing department at Rheinmetal know their audience can’t contain themselves

    Jump

  • The condom seems a bit ambitious for your average Gamescon attendee

  • Privacy concerns with DHCP (DHCP fingerprinting)

    Jump

  • I feel like I'm missing something here...

    Who's going to be fingerprinting DHCP messages on your home network?

    Outside of that, fingerprinting or tracking any DHCP info would be the least of my concerns. You have 0 control over any data the moment your devices connect to a public network. What use is DHCP info when you can person-in-the middle all the traffic anyway?

    And anyway, what info are you concerned about? Having had a VERY quick browse of RFC2131 the worst thing would be "leaking" the device MAC address which can be discovered via several other means anyway

  • me whenever hbomberguy uploads a new video

    Jump

  • I didn't wake up planning to watch a 4hr video in the failure of the Star Wars hotel but I'm weirdly glad I did

  • Putin ‘wins’ rigged Russian election with 88% of the vote, early results show

    Jump

  • That's quite a reach there friend

  • 16-year-old killers of transgender teenager in England sentenced for 'sadistic' murder

    Jump

  • The 20 years is the minimum time they'll do in prison.

    After the 20 years they'll be eligible for parole. If, and only if, the board decides that it's safe for them to be released will they do so.

    If they are released they will be in license. This means they are subject to prison recall without trial should they pose any risk to the public. The license may also impose additional restrictions such as regular therapy appointments, restrictions on leaving the country etc. These conditions will be imposed for life. Breaking any of these restrictions would also result in a recall to prison.

    If the parole board decides that it's not safe to release them, then they'll remain in prison. They may very well remain in prison for their entire life.

  • 196 @lemmy.blahaj.zone
    irq0 @infosec.pub

    Fr(ule)ed