Tweet from Hector Martin (@marcan42), at Jan 3, 19:53
Anyway, if you rely on BitLocker in TPM mode (boot without PIN), you should know that anyone can steal your computer, sniff 32 bytes off of the LPC bus, stick them into libbde, and decrypt your disk. Yes, it's that easy. Solder 7 wires to $favorite_fpga_board, decrypt drive.
Finally managed to install #qubes to the desktop (Ryzen / Radeon RX550) as well. Using inst.vnc option. It appears that the kernel 4.13 used in installation iso doesn't support the rx550 video card properly.
Tweet from DanielMicay (@DanielMicay), at Dec 22, 02:53
I've published sample releases of AOSP 9 with the next generation hardened malloc implementation and some other changes at https://t.co/5oNUPIDhDN. It's at the domain I registered for the Updater app for the time being since I don't have a name for the OS hardening project yet.
The new toy has finally arrived. This is a OnlyKey, a pin protected GPG, SSH, TOTP, U2F and password manager hardware dongle with some other interesting features. Also compatible with yubikey OTP.
How is it different than any other tokens? The firmware is #opensource
Interestingly telegram nginx version banner is 1.12.2 everywhere which is an outdated and vulnerable version. Probably to misguide attackers. But the common practice is to hide the version completely.
Hack the Gibson
Ships infected with ransomware, USB malware, worms | ZDNet
ops, dev. Interested in (in)security
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!
We adhere to an adapted version of the TootCat Code of Conduct and follow the Toot Café list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators.
Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!