- 0 Posts
- 20 Comments
SpaceX and Starlink next. I’m tired of funding his bullshit with my tax dollars.
Give a month will yah? I got puts at 170
2·2 days agoI’m lucky to have only had one system nuked by a faulty power supply that shut down during a kernel update.
I usually just reinstalled back then. But I didn’t get into it till the late nineties. Back when Ian was still on the list serves.
Unless you mean nuking the OS or borking the bootloader. Then yeah, countless.
2·2 days agoRight?! This is why I love the Fediverse and FOSS.
Have a good night/day
Hope you find new fun ideas as well!
I think that’s by design and the nature of the setup. Anyone with the URL can communicate.
If your other comms method is compromised this doesn’t have much use. Which is a different problem all together. I think this would work great as something like a deadrop so two completely faceless people can communicate. I like it a lot.
I don’t know yet. It’s more a thought experiment than anything else.
https://github.com/muke1908/chat-e2ee
Looks like the URL is part of the seed and salt which is cool.
Proving who you are is done in another stream. Like MFA.
You do a one time pad, generate the URL with that. Communicate what’s needed, then the URL dies.
I’m still noodling with it.
I still don’t see how
swap to a modified JS that exfiltrates the e2ee key
or
add additional keys
Wouldn’t significantly change the recieved hash and break the stream thus ending comms. Also unless you’re hosting and building it yourself you have to trust the recipient and the cloud host.
I agree if an attacker owns the server comms can be compromised. I thought that was the benefit of the ephemeral nature. It’s for quick relay of information. Best practices would probably include another cypher within the messages themselves like a one time pad or some such.
https://www.itstactical.com/intellicom/tradecraft/uncrackable-diy-pencil-and-paper-encryption/
Cool, now they can correct the “mistake” made regarding Army Maj. Gen. Charles C. Rogers …
It has. Strangely enough they posted a code of conduct after that feedback and started weilding the ban hammer. However I cannot speak to outside forums like XDA or Reddit or even comms here. I tend to stick to their forums or github
Fragility is by design as it’s ephemeral comms. Swapping the js decryption doesn’t make sense as wouldn’t the client just fail or refuse the message stream as the decrypt/encrypt changed? It’s an interesting problem. Thanks for giving me something to noodle on.
Can you expand more on the key management? I thought https://chat-e2ee-2.azurewebsites.net/ passes a PSK Through the header and sets that as a cookie in the browser to sign further comms. I could be mistaken of course.
Fedora based actually
42·2 days agoInstall using the debian net installer. Only add a GUI/Desktop Environment through command line and apt. Don’t use tasksel.
https://www.debian.org/CD/netinst/
Do this on a laptop that’s not mission critical. Barring that, use Tails on a USB drive
81·2 days agoMy sentiments exactly. Been an increasing problem over there since 2016 that I noticed but I’m sure there was this bullshittery there before and I just wasn’t in the subreddits where it festered.
1·2 days agoGlad to hear it. Hopefully you have a long tenure there and the company grows at a sustainable rate. You’re in like 1% of the market.
You deserve to be there or they wouldn’t have hired you. You work with smart people who know their shit. They wouldn’t have you there if you didn’t contribute.
However remember that as soon as it starts to get bad jump ship or form a union. You only matter until that tiny company gets bought up by another larger company…like Amazon.
https://en.m.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Amazon
With the impending financial crisis expect there to be a lot of “consolidation” in the market.
Great way to get rid of rotting inventory and recoup costs through insurance.
Defense contracting will become a jobs program essentially