HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ikmckenz

no profile record

comments

ikmckenz
·3 месяца назад·discuss
This is different than push data, which already does not contain any content or metadata in Signal. This is about local OS caches, whereas for push notifications Signal only sends a push saying “message received” which wakes the device up and triggers the device to pull the message from the server over the regular e2e encrypted path.
ikmckenz
·4 месяца назад·discuss
I really want a small SBC with USB-C DP Alt mode that I can stuff into a ~60%ish mechanical keyboard-sized case to make into a headless laptop thing so I can justify buying some display glasses like the XReal One or similar. Seems like it would be the ultimate travel computing solution.
ikmckenz
·4 месяца назад·discuss
Parent comment was talking about relay nodes, not exit nodes. The risk of running a relay node is essentially zero in a free country.
ikmckenz
·4 месяца назад·discuss
I think the hosts that Tor recommends against because there are already so many nodes hosted on them like OVH and Hetzner are perfectly happy with their (quite good) reputations.
ikmckenz
·5 месяцев назад·discuss
That’s almost what we already have with the CVE system, just without the legal protections. You report the vulnerability to the NSA, let them have their fun with it, then a fix is coordinated to be released much further down the line. Personally I don’t think it’s the best idea in the world, and entrenching it further seems like a net negative.
ikmckenz
·5 месяцев назад·discuss
Your opinion is that Apple should have just handed over Jamal Khashoggi‘s information to the Saudi Arabian agents who were trying to kill him, because then Saudi Arabia wouldn’t have been incentivized to hack his phone? I think you’ll find most people’s priorities differ from yours.
ikmckenz
·5 месяцев назад·discuss
OpenSSH has been moving quite quickly in the direction of multiple, privilege separated processes, each also heavily sandboxed with pledge and unveil
ikmckenz
·6 месяцев назад·discuss
As of 2025 OpenBSD has support for AMD SEV and SEV-ES, with support for SEV-SNP work-in-progress, so with the right hardware yes it's able to isolate itself sufficiently https://www.bsdcan.org/2025/timetable/timetable-Confidential...
ikmckenz
·7 месяцев назад·discuss
> very deep interests in things i was completely unaware that they existed ... say goodbye to the cognitive ability of a large chunk of future generations

I would think very deep interests in niche or obscure topics is correlated with increased cognitive ability, not a decrease.
ikmckenz
·8 месяцев назад·discuss
Is this comment AI written?
ikmckenz
·9 месяцев назад·discuss
Why won't these sites simply block this browser?
ikmckenz
·9 месяцев назад·discuss
What's the story behind adsbexchange selling out?
ikmckenz
·10 месяцев назад·discuss
No, historically the vast majority of communication was not recorded, and so a warrant could not be used to access the communication. The fact of the modern world is that for the first time in history almost everything we do is recorded, and so subject to those warrants.
ikmckenz
·2 года назад·discuss
Photos of an NSA “upgrade” factory show Cisco router getting implant https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa...
ikmckenz
·2 года назад·discuss
Yeah, nah, all that is better than drinking water with lead in it from uranium glass.
ikmckenz
·2 года назад·discuss
Seems the backdoor relied on Debian and others patching their copies of openssh to support systemd notifications, and this would obviously not be the case on OpenBSD.

To be sure the current ports version of xz is 5.4.5: https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/a...

Although the maintainer was working on updating to 5.6.1, but this news broke before the diff was landed: https://marc.info/?l=openbsd-ports&m=171174441521894&w=2
ikmckenz
·2 года назад·discuss
> The above author seems to be primary contact for xz?

They made themselves the primary contact for xz for Google oss-fuzz about one year ago: https://github.com/google/oss-fuzz/commit/6403e93344476972e9...
ikmckenz
·3 года назад·discuss
Pros: Secure-by-default, easy to understand your whole system, pledge and unveil are developer-friendly hardening mechanisms, all the answers to your questions are in the (very good) documentation

Cons: all the answers to your questions are in the documentation, and not in stack overflow.