HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ikmckenz

no profile record

comments

ikmckenz
·hace 3 meses·discuss
This is different than push data, which already does not contain any content or metadata in Signal. This is about local OS caches, whereas for push notifications Signal only sends a push saying “message received” which wakes the device up and triggers the device to pull the message from the server over the regular e2e encrypted path.
ikmckenz
·hace 4 meses·discuss
I really want a small SBC with USB-C DP Alt mode that I can stuff into a ~60%ish mechanical keyboard-sized case to make into a headless laptop thing so I can justify buying some display glasses like the XReal One or similar. Seems like it would be the ultimate travel computing solution.
ikmckenz
·hace 4 meses·discuss
Parent comment was talking about relay nodes, not exit nodes. The risk of running a relay node is essentially zero in a free country.
ikmckenz
·hace 4 meses·discuss
I think the hosts that Tor recommends against because there are already so many nodes hosted on them like OVH and Hetzner are perfectly happy with their (quite good) reputations.
ikmckenz
·hace 5 meses·discuss
That’s almost what we already have with the CVE system, just without the legal protections. You report the vulnerability to the NSA, let them have their fun with it, then a fix is coordinated to be released much further down the line. Personally I don’t think it’s the best idea in the world, and entrenching it further seems like a net negative.
ikmckenz
·hace 5 meses·discuss
Your opinion is that Apple should have just handed over Jamal Khashoggi‘s information to the Saudi Arabian agents who were trying to kill him, because then Saudi Arabia wouldn’t have been incentivized to hack his phone? I think you’ll find most people’s priorities differ from yours.
ikmckenz
·hace 5 meses·discuss
OpenSSH has been moving quite quickly in the direction of multiple, privilege separated processes, each also heavily sandboxed with pledge and unveil
ikmckenz
·hace 6 meses·discuss
As of 2025 OpenBSD has support for AMD SEV and SEV-ES, with support for SEV-SNP work-in-progress, so with the right hardware yes it's able to isolate itself sufficiently https://www.bsdcan.org/2025/timetable/timetable-Confidential...
ikmckenz
·hace 7 meses·discuss
> very deep interests in things i was completely unaware that they existed ... say goodbye to the cognitive ability of a large chunk of future generations

I would think very deep interests in niche or obscure topics is correlated with increased cognitive ability, not a decrease.
ikmckenz
·hace 8 meses·discuss
Is this comment AI written?
ikmckenz
·hace 9 meses·discuss
Why won't these sites simply block this browser?
ikmckenz
·hace 9 meses·discuss
What's the story behind adsbexchange selling out?
ikmckenz
·hace 10 meses·discuss
No, historically the vast majority of communication was not recorded, and so a warrant could not be used to access the communication. The fact of the modern world is that for the first time in history almost everything we do is recorded, and so subject to those warrants.
ikmckenz
·hace 2 años·discuss
Yeah, nah, all that is better than drinking water with lead in it from uranium glass.
ikmckenz
·hace 2 años·discuss
Seems the backdoor relied on Debian and others patching their copies of openssh to support systemd notifications, and this would obviously not be the case on OpenBSD.

To be sure the current ports version of xz is 5.4.5: https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/a...

Although the maintainer was working on updating to 5.6.1, but this news broke before the diff was landed: https://marc.info/?l=openbsd-ports&m=171174441521894&w=2
ikmckenz
·hace 2 años·discuss
> The above author seems to be primary contact for xz?

They made themselves the primary contact for xz for Google oss-fuzz about one year ago: https://github.com/google/oss-fuzz/commit/6403e93344476972e9...
ikmckenz
·hace 3 años·discuss
Pros: Secure-by-default, easy to understand your whole system, pledge and unveil are developer-friendly hardening mechanisms, all the answers to your questions are in the (very good) documentation

Cons: all the answers to your questions are in the documentation, and not in stack overflow.