Follow-up on tool that extracts GPG secret keys of Nitrokey Start tokens:
– obviously, the Nitrokey Start wasn't protected
– owners should update their firmware to release RTM.7 or above
Original toot: https://mastodon.at/@infosechandbook/102016334111560440
Well researched New York Times article on how the food we eat impacts climate change and what are the better options.
Just saw an interesting post from a major cosmetics manufacturer:
"An audit of our social content and strategy demonstrated that on average, only 6% of our followers are serviced with our content in their newsfeed because we don’t pay to play. "
...they have millions of followers on Facebook etc, but almost no one sees their posts.
Their response is to try promoting their own websites instead of ad-based third parties'.
(Article name is a coincidence!)
Matrix.org publishes timeline after security breach:
– the attacker exploited vulnerabilities in Jenkins
– the attacker had full database access, including access to unencrypted content like private messages, passwords hashes, access tokens
– Matrix.org recommends changing your password (including NickServ password)
A reminder of how far we have come - a 1973 map of the ARPANet - https://kottke.org/19/03/a-map-of-the-internet-from-may-1973
Oh my goodness I've just learned a thing about The Matrix that causes it to make a lot more sense: In the original script the humans were used as neural network compute clusters by the Machines and as a crucial component of The Matrix itself.
Which is why humans who were aware of the simulation could control aspects of The Matrix - their minds were part of its foundation.
Unfortunately the test audiences had trouble understanding this concept so the studio changed the human role to "batteries".
Looks like 0-RTT in TLS1.3 comes with a quite high price: Vulnerability to replay attacks.
If you are one of the early adopter, check that your application is not affected as this is a fundamental problem on protocol level.
"What Application Developers Need To Know About TLS Early Data (0RTT)" by Paul Kehrer:
Chemist for profit. Sysadmin, photographer and cook for fun. Outdoors enthusiast. Always tinkering.
This is a private Mastodon instance. Federates with anyone but does not accept new users.