sloppy_diffuser @ sloppy_diffuser @sh.itjust.works

Posts

0

Comments

263

Joined

2 yr. ago

Have not been there to see the discussion, but I have been seeing the shift the last couple years in tech on termonology.

Branch Names: master -> main

Distributed Systems: master/slave -> primary/secondary

Security: Blacklist/Whitelist -> Blocklist/Allowlist

No accountability via cameras then no immunity...

6 is old news. 6e is where its at with 2.4, 5, and 6ghz support.

Aye, the right to free speech does not mean the right to an audience.

"Trail Mix" if they have that in your area. Usually a mix of dried foods (fruit, nuts, seeds). Some are healthier than others with the less healthy ones adding candy.

Canned/jarred foods that do not require a tool to open.

Set myservice.example.com to an internal address like 10.10.100.x. Those addresses are not routable on the public internet. They can only be reached from a local network which the VPN tunnels you into.

If your VPN also supplies DNS to clients, can also add a private zone if its supported so nobody can resolve that internal address except those clients.

I'm big into privacy and its not so much about an entity knowing stuff about me personally, but rather the entity knows stuff about everyone and weaponizes it against me.

Political efforts to get citizens to vote against their own self interests or suppressing votes of those who don't fall in line.

Fueling hate machines to distract citizens with infighting so they don't focus on those hoarding wealth and power.

Controlling access to content that those in power see as "harmful" (to them).

While I haven't seen data to back this up, another Lemmy user called out that Intel chips may have support for running secure code the user cannot modify. The results are signed by an encryption key on the motherboard/CPU that cannot be extracted to fake the signature.

So let's say Chrome asks this hardware module to hash the executable code and some state for itself currently in RAM and sign it with Intel's private key on the motherboard/CPU. The "some state" portion ensures the hash is always unique. Maybe it is just a timestamp. Regardless, this helps the attestation server know Chrome has not been modified because the hash is unique and cannot simply be captured in flight once and then replayed/faked over and over like a user-agent string.

Random Word Generator

The same host could fake the payload to the attestation server. Cat and mouse game with security through obscurity.

$23.4T / ($350k / day) = 66857142.85 days

That's about 183,170 years, not a month.

I'm assuming you were suggesting it was $350k / day? Maybe you were meaning exponential and I misread?

edit: ah, $50k doubling. Missed that in the article.

Same. No better alternative with a balance of features and privacy/security. So pretty much locked into Pixels. Progression for me was nexus (stock) to 1+ (close to stock) to pixel (graphene).

More of a wish than a challenge but federated identities would be awesome. Home instance offline? No problem, just switch servers. No need to try and sync settings and subscriptions between accounts.

Blockchains already do this with public key cryptography. Your "login and password" would just be a Mnemonic Phrase. The fediverse just distributes the public information to use that phrase.

I wish they had multi-"reddit" support so I can aggregate common communities between instances. I suppose clients could do this but I haven't seen the option yet.

Yeah this happened to some guy in Australia hosting a tor exit node if I recall? I saw it on Lemmy, but didn't save the link. Since he wasn't behind a corporation, I think he got held personally liable. Best bet in hosting an instance is probably to form a corporation for some legal protections.

Buy an older house. Attempt to maintain said house to keep a roof over your head.

Its a play on the 7 layer OSI Model. Layer 8 would be the user, also known as an ID-10T (idiot) or PEBKAC (problem exists between keyboard and chair).

I don't browse Reddit at all anymore. Overwrote all my comments then deleted my accounts. I only go if a search lands me there for something specific as a guest in a private tab.

So Google, Amazon, Apple, and many other large companies in the IoT space are using a blockchain as a federated data store: https://github.com/zigbee-alliance/distributed-compliance-ledger

It stores the data needed for Matter [ https://en.m.wikipedia.org/wiki/Matter_(standard) ] device attestation.

I think its an interesting use case on how entities that don't particularly trust each other can operate a federated system. Accounts are linked to an identity out-of-band in order to have write permissions to the chain. When an account writes, all the readers of the chain have reasonable assurances of the author of that write. No company can inject false state as another company without that company's guarded private key. All transactions are also auditable as an additional assurance the data isn't undergoing a malicious act.

tl;dr; interesting use cases for tamper proof federated ledgers.

• Alice gives Bob a Secret Note.
• Alice and Bob agree on a way for Bob to scramble the Secret Note so that Alice can unscramble it.
• Bob scrambles the Secret Note.
• Bob gives Carol the Scrambled Secret Note.
• Carol gives Alice the Scrambled Secret Note.
• Alice descrambles the Scrambled Secret Note.
• Alice tells Carol the Secret Note came from Bob.

Now, Carol trusts Alice and Alice trusts Bob. By passing this note around, Carol can trust Bob since Alice trusts Bob and she trusts Alice.

Passing the note around tells Carol (Web Server) that Bob (Web Browser) has trust from Alice (Attestation Server) and is not some imposter just claiming to be Bob.