*slaps roof of legacy environment*
"You can fit so many attackers in this bad boy."
Jfc, can you please STOP SHAMING WORKERS WHO SHARE THEIR SALARIES? Salary transparency is GOOD for us and BAD for those who control the means of production.
This is why we don't trust closed source crypto. Everything seems fine until one day you realize it's been a multi-decade "security theater" show... https://twitter.com/washingtonpost/status/1227310071782178816
Most major holders of data or other digital assets wildly under-invest in security.
Very few companies employ teams of engineers with published security research, CVEs, etc. Most are not hiring for them and lack even one.
You can use this as an indicator for survivors bias.
Normally this is covered with umbrellas, but this is also pretty cool :) https://ift.tt/387On1Z
Unpopular opinion: It is negligent to allow users to sign up with vulnerable 2FA methods like, OTP, TOTP, or SMS.
Service providers that don't force use of U2F/WebAuthn, even software emulated, should be partially liable for phishing attacks.
And QR code verification with RiotX!! 🎉 @RiotChat@twitter.com #fosdem
Exciting to see #E2EE for Matrix is enabled by default! (developer version only so far)
They seem to have really thought a lot about how this will avoid issues seen in other protocols.
Multi-device cross-signing, searching, better ux, bots, scaling, etc.
Frantic final preparations for #FOSDEM demos are under way... if you want to see the grand reveal for cross-signing, QR verification and enabling E2EE by default, head to K-building auditorium at 4pm on Sunday!
@IanColdwater@twitter.com @TinkerFairy_Net@twitter.com @firstname.lastname@example.org @MayaKaczorowski@twitter.com @TabbySable@twitter.com @email@example.com I think this is the kubecon workshop you're referencing, yeah?
I'm trying to organize a CTF using this in the SF Bay area.
if anyone's interested, ping me :)
@firstname.lastname@example.org Lastpass, bitwarden, 1password etc expose your entire password database to an adversary with read access to your memory. They fare worse against remote actors than pen and paper.
Password-store+yubikey or Mooltipass OTOH decrypt one secret at a time with physical approval.
More opensource projects need this kind of financial 'love'
I gave a talk at #36c3 about Linux on Open Source Hardware with Open Source chip design: https://media.ccc.de/v/36c3-10549-linux_on_open_source_hardware_with_open_source_chip_design
If you're in Berlin and want to live the #bitcoin dream, check out Room 77 and pay with Bitcoin or lightning
Hey Californians, the California Consumer Privacy Act took effect yesterday!
Know your rights and protect your privacy!
It is proven! I am drgrove on Keybase: https://keybase.io/drgrove/sigchain#bf1c7f818e3dad7d6feb3fa7b5b6ae4f5fb58eba4e24fdbb2e9945802c93e14b0f
I'm a software developer, grinder, cryptography and cryptocurrency enthusiast. I enjoy making things and learning. I enjoy great food, good beer and whisky. Hard Rock, Ska and EDM fan. Seeing the world one flight and one trail at a time. #introductions
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!