HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mazone

no profile record

comments

mazone
·2 माह पहले·discuss
In a corporate setting my experience is that it is rarely worth it to add any obscurity on top of security. Your biggest challenge is getting peoples time and resources, and you need to use that time to implement security controls. A secondary objective you have is to build security culture over time and teach people too see patterns where more security is needed, so it is important to select what to teach to get maximum impact.
mazone
·4 माह पहले·discuss
Many companies usually want to compare themselves to Apple and at the same time say they are disruptors and innovators but Apple is probably the best company at being okey with being left behind. Many think about them as experts in products but for me they always been best att copy what others are doing and refine it, maybe not neccassary better technical but always seen the market fit better then others. Like poker, the later you need to take your decision the more information you have.
mazone
·4 माह पहले·discuss
How about the trend that people just copy paste AI responses back to you in slack.
mazone
·6 माह पहले·discuss
I don't remember the last time i had a meeting that was productive. Last time i worked in the office, the hallway discussions where the productive ones and now working remote most of the time is just being able to work with good people that understand text and work by messages that works good. Even video meetings with good people tends to be waste of time.
mazone
·6 माह पहले·discuss
I wonder if Dell will ever understand why consumers don't care.
mazone
·7 माह पहले·discuss
You are correct. Would need something like distributed ledger to fully prove things.

It might not be possible to verify 100% but the more transparency the better i guess. Seeing the 3 way handshake and connection information, the timings, location of the server. Would need to be quite elaborate to fake. Just thought was a fun idea. Have the customer allowed in to production. A lot more difficult then publish privacy page, source code, fake audit reports.
mazone
·7 माह पहले·discuss
I wonder if it would be possible to allow people to ssh into the edge servers with enough access to verify no access logs are stored but not enough to cause any problems. Admit i have not thought it through but would be cool having people verify the live environment while running.
mazone
·8 माह पहले·discuss
I love kde and it is what i use but still having the bug from time to time that the panels dissapear and have to relaunch plasmashell, also i wish they merged the virtual desktops and activities into one concept and allowed different wallpapers on each.

The theme settings is also confusing because of gtk apps, global theme etc. Feels everything around theming could be made nicer.

Prob some more nitpicks but overall it is a really great desktop environment.
mazone
·8 माह पहले·discuss
Does the author feel the same way of running the models locally?
mazone
·9 माह पहले·discuss
Trying not to sound too cold, he seemed like a very nice guy and i did not know him. It was not surprising for me. I remember seeing interview with him when he took things very personal and could not let things go some year back. Thought at that time that he was at high risk of suicide. He seemed to have a self loathing personality / depression and obsessive behaviors.

Staying on the Internet and be dependent on it in some way financially working as a streamer with all the short form communication and negativity online. Together with cyber bullies etc. A lot of things creating a perfect storm for what seemed to be a sensitive and very nice guy. Easy to say that his family and real life friends should have seen it too and make him change path but in reality it is difficult. Especially since things that make it worse like sitting down and playing chess all day / night and not getting enough sleep, together with cyber bullies is also the things that you love, you earn money on and you have many of your friends there.
mazone
·10 माह पहले·discuss
The most dangerous about the touch screen in my car is a warning message that come up first when the entertainment system boots, warning about using the screen while driving that i need to accept.
mazone
·10 माह पहले·discuss
Recently got a iphone 16 pro to my mom. First thing i reacted on when opening the package was. Damm that is a thick phone. Compared to my S25 and older android phones i have the iphone 16 feel old and clunky, like from another era.
mazone
·पिछला वर्ष·discuss
It is not about MFA or not but to demonstrate the process is secure for the purpose.

It can be complicated but a example. TOTP that is very common used with passwords is regarded as MFA (tho most of the time software based on phone) but have many problems regardless

- many time replayable - can be intercepted - implementations look different - recovery code reuse problems etc.

On the other hand, using only passkeys dont have those problems but with passkeys, many times you cannot decide on what device a user have registrated the passkeys in a enterprise setting. example they could be apple passkeys, chrome passkeys, windows, hardware key(yubikey) etc and all of them behave different when it comes how they ex can be copied/ synced between users devices. So from where they can be used.

So for any authentication flow, you need to look at the full picture. What is the process when credentials are lost? How do user onboard etc.

Is a good entry point to say. We should use MFA or similar but the details matter.
mazone
·पिछला वर्ष·discuss
PCI DSS from 4.0 actually have something called customized approach for everything. If you can prove and the QSA agrees that you fullfill the goal of a requirement, you can be quite flexible. Example i am doing things like not using passwords at all and only passkeys, or only ssh keys protected by hardware security key etc. Together with agents trying to verify the devices connected are company owned and hardened in different ways. Your milage might vary depending on how good your auditor is but PCI DSS standard do have quite a bit of flexibility in it.
mazone
·पिछला वर्ष·discuss
I like the way IR remotes work for your aircon. Sending the full state every key press. Think it many times is a lot better then supporting PATCH.
mazone
·पिछला वर्ष·discuss
Working at Google (and similar companies) seems to be such a chore is what i got from this article.