HackerTrans
TopNewTrendsCommentsPastAskShowJobs

johnfonesca

no profile record

comments

johnfonesca
·il y a 11 mois·discuss
>But all projects need to have the same formatting and style.That too can be easily done with one nuget using msbuild.

That's like using a car for "traveling" 3 meters. Why not just use dotnet format + .editorconfig , they were created just for this purpose.
johnfonesca
·l’année dernière·discuss
> HDCP is already cracked

It's being 15 years already
johnfonesca
·il y a 2 ans·discuss
>Agreed, they should not be using Windows in the first place

Crowdstrike borked RHEL 1 month ago https://access.redhat.com/solutions/7068083 Literally the same situation, unbootable machines.

The reality is that shitty software broke everything. Why do we have to drag the OS into this?
johnfonesca
·il y a 2 ans·discuss
Twitter employees were asked to print some of their best code and bring it for review by Musk.
johnfonesca
·il y a 2 ans·discuss
>Like Cthulhu

Cthulhu is definitely less evil than Meta.
johnfonesca
·il y a 3 ans·discuss
How effective is TPM 2.0 compared to the original ? Are there any reports that demonstrate its effectiveness ?

If a specific version of TPM becomes required to use future versions of Windows, we will have swappable TPM chips ? Eg update your TPM chip just like you update your GPU :)
johnfonesca
·il y a 3 ans·discuss
And the JS file "weights" 4 Kb.
johnfonesca
·il y a 3 ans·discuss
The ETSI checker you have linked doesn't have anything to do with CA API interoperability and "switch document signer provider". That's just a basic tool which validates if a signature is PADES/ETSI compliant or not.

The real value in eIDAS would be "unlocked" if they would release a proper API specification with which a digital signatures application would integrate with any EIDAS CA to emit/sign certificates. And then enforce that any eIDAS compliant CA would implement this API.

In practice that means any company/digital signatures product could do a integration with this API once and then be able to use ANY certification authority they want/need/offer best prices for certificates.

Without this API, eIDAS is just a marketing moniker because the power belongs to the selected Certification Authorities. They set the prices, they choose WHOM can integrate with them to isse certificates and there is NO interoperability between them. This doesnt allow for a open market and makes the top players control everything while shouting "standards" and "eIDAS".....
johnfonesca
·il y a 3 ans·discuss
>it makes it easy to switch document signer provider etc since they all are forced to implement the same interface.

eIDAS was introduced in 2016. Now 7 years later there still isn't a API specification for interoperability (there are drawings though https://blog.eid.as/new-apis-for-the-eidas-ecosystem/ )

In the meantime, any digital signature done in EU must be done with a certificate issued only by the "select" CA to be considered "valid".
johnfonesca
·il y a 3 ans·discuss
eIDAS is a cartel created to protect the business interests of EU biggest certification authorities.
johnfonesca
·il y a 3 ans·discuss
>Which is another way of saying "expensive certificates".

True, basically eIDAS is a cartel. With the help of EU legislation, some Certification Authorities banded together and are now saying that certificates emited by anyone but them are not good. And obviously they fully controll the pricing for the "good" certificates.
johnfonesca
·il y a 3 ans·discuss
At bulksign.com we have this feature, it's called "Local Certificate" signature.
johnfonesca
·il y a 3 ans·discuss
>This ensures that the signer cannot revoke the documents already signed. If the receiving party tries to modify the document, the signature becomes invalid

This,fortunately, is a feature of the PDF digital signatures standard.
johnfonesca
·il y a 3 ans·discuss
Dimmu Borgir presents their new album "Undying Chainsaw"...
johnfonesca
·il y a 3 ans·discuss
We are developing a digital signatures solution, https://bulksign.com which also has a on-premise version (in addition to SAAS). In Europe, at least, we see an increase in interest for customers having the solution installed on their own servers for security reasons. So more people become aware that sending your confidential documents to a 3rd party is not that great security wise.
johnfonesca
·il y a 3 ans·discuss
Our product Bulksign https://bulksign.com does this, the name of the product is directly inspired by that feature (sending same documents for signature to hundreds of recipients).
johnfonesca
·il y a 3 ans·discuss
As a KDE user i agree with this point of view. KDE is the most customizabile DE ever created. You can tweak the crap out of it to make it look and behave EXACTLY the way you want it. And, from my experience, the performance of the current 5.x version (running on Wayland) is very good.