HackerTrans
TopNewTrendsCommentsPastAskShowJobs

byteshock

no profile record

Submissions

Scientist Claims Quantum RSA-2048 Encryption Cracking Breakthrough

tomshardware.com
11 points·by byteshock·قبل 3 سنوات·6 comments

comments

byteshock
·قبل 3 سنوات·discuss
For the query string, you don’t have to implement your own DSL. Elasticsearch supports it out of the box. You could POST a JSON object to “/_search” but you can also do a GET with the “q” query parameter. Documentation: https://www.elastic.co/guide/en/elasticsearch/reference/curr...

In the Golang library you can use the “Search.WithQuery” option. This means you don’t have to construct a JSON request body.

Here’s an example: https://github.com/taythebot/archer/blob/main/pkg/elasticsea...
byteshock
·قبل 3 سنوات·discuss
Very interesting product! How does this compare to something like Nebula? Have you done benchmarks against other solutions? If i remember correctly, Nebula implements its own protocol and underperforms compared to Wireguard. Is this the same case?

Looking forward to trying it out!
byteshock
·قبل 4 سنوات·discuss
Awesome, thank you for the reply. Will try out Portmaster again!
byteshock
·قبل 4 سنوات·discuss
I remember trying out Portmaster on Windows earlier this year. I think Portmaster was running a local DNS server to see what connections were being made. This interfered with my VPN, Mullvad, which was trying to use a remote DNS server.

Does Portmaster still require a local DNS server? I’ve been an avid user of Glasswire for years and it works flawlessly with my VPN. But i would love to switch to a open source alternative.
byteshock
·قبل 4 سنوات·discuss
I think it’s because SPN uses a different IP/node per connection you make. DNS leak detection tests will ask your browser to resolve unique subdomains. If the DNS server that requests the lookup is different from your connecting IP to the website, they will say you have a DNS leak.

https://security.stackexchange.com/questions/42752/how-does-...
byteshock
·قبل 4 سنوات·discuss
I’m confused on why secret management considered secure. Maybe I’m missing something.

Why is letting a third party managed your secrets is secure? So if that third party gets compromised, they now have access to all your secrets. Amazon or other company employees can also view your secrets.

If your server gets compromised, the secrets that are accessible via that server are also compromised. Isn’t that the same impact as just keeping the secrets on your server? Maybe worse if your permissions are broad. You’re merely adding an extra step to get the secret from your secret management.
byteshock
·قبل 4 سنوات·discuss
But if they have the decrypted secrets, do they really need the key?
byteshock
·قبل 4 سنوات·discuss
I’m not sure I understand the value of reporting this to Microsoft? Wouldn’t it be better to submit an online tip to law enforcement? Is Microsoft doing law enforcement activity now?
byteshock
·قبل 4 سنوات·discuss
The website says its secure and private, but your privacy policy contradicts it. Seems like you don’t collect usage data, but the ad providers do. Is it right to make such a privacy claim?

Privacy Policy: https://tab.gladly.io/privacy/

“Ad targeting, selection, and delivery: When you use our Services, third parties that provide advertising, to the Services, may collect or receive information about you including through the use of cookies. These third parties may use your information to provide you with advertising that is based on your interests and to measure and analyze ad performance, on our Services or other websites or platforms, and combine it with information collected across different websites, online services, and other devices. These third parties' use of your information will be based on their own privacy policies. You can opt out of interest-based targeted advertising for some advertising partners here.”
byteshock
·قبل 4 سنوات·discuss
Here are the financial reports https://tab.gladly.io/financials/
byteshock
·قبل 4 سنوات·discuss
If I need to encrypt a file for quick sharing, I’ll use gpg. Encrypt: gpg -c file.zip

Decrypt: gpg file.zip.gpg

However, for my personal files on my computer, I use a Veracrypt container with a strong password and custom pin.
byteshock
·قبل 4 سنوات·discuss
If someone wants to watch Russian propaganda or RT, they should be free to do so. Just like you are free to browse western media sites.

This choice should be up to the individual and their beliefs.
byteshock
·قبل 4 سنوات·discuss
Would using a library like Hyperscan improve Go's regex performance?

Reference: https://www.hyperscan.io/
byteshock
·قبل 4 سنوات·discuss
Doesn’t Cloudflare use Hcaptcha now? They dropped Google because of the cost.
byteshock
·قبل 5 سنوات·discuss
Can someone explain to me why they are mad? Is it because Mozilla is asking for donations on Twitter? Or it it because Mozilla is accepting crypto?

I don’t think a company accepting crypto as a form of donation is a bad thing tbh. Seems like they’re just trying to allow more people to donate.
byteshock
·قبل 5 سنوات·discuss
A solution could be to use Cloudflare Worker scripts. You would store valid file names in their kv storage and then check if the incoming request is valid before forwarding it. This way you wouldn’t need to spend more money on infrastructure. Another good solution is to use Cloudflare’s advanced rate limiting rules. You can block users who hit too many 404 requests within a certain time frame. But this requires a business or enterprise plan.

Spending more money on increasing infrastructure rather than reading through Cloudflare’s documentation and offerings seems kind of a waste…
byteshock
·قبل 5 سنوات·discuss
What about Roundcube with a calendar plugin?
byteshock
·قبل 5 سنوات·discuss
Anyone can get followers on social media. But to get on radio or tv, you need connections and money. Also not a lot of people listen to radio or watch tv anymore, especially the younger generation. So if you want to target them, you need to advertise on social media.
byteshock
·قبل 5 سنوات·discuss
Right but there is a difference between people posting on a social media app and the app targeting someone itself. Citizen is encouraging others to find this person. So they would be held liable.
byteshock
·قبل 5 سنوات·discuss
While it's not illegal to call someone a suspect, putting a bounty on someone's head might be. You're essentially endangering someone's life. If the person was harmed, they could easily win a massive lawsuit.