HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hannob

no profile record

Submissions

Greenhouse Gas Emission Data: Public, difficult to access and not always correct [video]

media.ccc.de
2 points·by hannob·6 ay önce·0 comments

Super-Emitter of the Most Damaging Greenhouse Gas Found in Germany

industrydecarbonization.com
47 points·by hannob·7 ay önce·9 comments

Hydrogen Has No Color

industrydecarbonization.com
12 points·by hannob·9 ay önce·2 comments

You want CCS, but cheaper and less controversial? Try Biomethane

industrydecarbonization.com
1 points·by hannob·9 ay önce·0 comments

comments

hannob
·22 gün önce·discuss
There are reasons browsers do things the way they do.

Experience and user studies have shown that users have a hard time decoding what error messages mean. "This certificate is expired, but only for a little while" isn't meaningful for people who don't have a mental model of what a certificate is.

Furthermore, "downgrading" warnings increases the incentive to ignore issues, potentially causing more problems down the line.
hannob
·25 gün önce·discuss
My best guess would be some kind of netapp product, as we saw some self-signed certs on hosts that identified as netapp. But netapp didn't answer, and we got either no or no useful feedback from any of the certificate owners. So we ended up being unable to figure that out.

I'll probably share a list in some way soon and will try to ask the wider cryptographic and TLS community if anyone can figure it out.
hannob
·geçen ay·discuss
My prediction would be that it won't become mainstream.

Even if it will be practically possible to build quantum computers for average users (given they currently rely on complex physical experiments, one can doubt that), there's the question of whether there's a need for "mainstream" quantum computing.

As has often been said, quantum computers aren't some magical thing that makes every computation faster. They are faster at some very specific problems like breaking cryptography (I doubt that there's a mass market for decrypting the old WIFI traffic you stored from your neighbor, and, these days, most internet traffic is already pq safe) and simulating physics (also probably not something average joe wants to do every day).

In all likelihood, quantum computers will be specialized devices used, e.g., by scientists. You may be able to rent your quantum computing time if that gets cheap enough to be practical, but I doubt many people will ever own one.
hannob
·geçen ay·discuss
I would take this with a very huge grain of salt.

The only source seems to be a fringe right-wing news webpage (Apollo News) citing from an internal paper (which, it sounds to me, is just a vague proposal from a media oversight body). I have not seen any reports in major news publications, and would assume there's a lot of context missing in this reporting.
hannob
·2 ay önce·discuss
Historic bit: in the late 90s/early 2000s there was a bit of a trend - and quite some tension - of demoscene parties getting taken over by LAN parties. I believe the Gathering used to be a demoscene party, but completely transformed into a gaming LAN party.

There were also those that tried to be both (I believe Assembly is doing both to this day) or those that kept the gaming out (Mekka/Symposium, which no longer exists, but there's been a followup party called Breakpoint, and later another followup called Revision that still exists).
hannob
·2 ay önce·discuss
As far as cloud service servers are concerned, I don't think ARM CPUs have any meaningful marketshare, right?

You could start running things on ARM, but, almost certainly, that comes with a lot of extra friction. (Not saying that isn't a bad idea, it'd probably improve the ecosystem as a whole and flush out architecture-specific assumptions in server software. But it's not someting trivial to do.)
hannob
·2 ay önce·discuss
I think this one is among the most significant findings: https://factorable.net/

I also believe there were some android ASLR issues based on the same weakness (i.e., low early boot-time entropy).

But this is all quite old, and there've been massive improvements. Basically, "don't use a very old linux kernel" is your mitigation for these issues.
hannob
·2 ay önce·discuss
Making hydrogen from seawater is not an actual problem that needs solving.

The problem with hydrogen electrolysis is its energy requirements to split water. The energy requirements for the desalination of water before that is a rounding error. It's not worth the hassle to develop electrolyzers that can deal with seawater.
hannob
·2 ay önce·discuss
I know quite a bit about PKI and X.509, and I can tell you that much: the overlap with how DNSSEC works is limited.
hannob
·3 ay önce·discuss
Buy a pack of 20x500mg (just checked, common size in Germany), take 2-3 every half hour for a while.

Sure, that's extreme. But if you're unaware of the risks, you feel sick, and you believe it's helping you.

I mean, people aren't killing themselves in masses with it, but it happens every now and then. Easily imaginable that one in a few million people will have enough tendency to take more pills and is unaware of the overdose danger.
hannob
·3 ay önce·discuss
> You're supposed to concatenate all the input numbers, to create a message that has hundreds or thousands of digits; then RSA-encrypt that number.

That's not how it works...

In modern protocols, you don't encrypt at all with RSA. You use a key exchange, and if you use RSA, you only use it as a signature algorithm to initiate the key exchange.

If you happen to want to encrypt with RSA, which you usually shouldn't, you first use a padding algorithm (the modern variant of that is called RSA-OAEP) with which you prepare and then encrypt a random key. That key you then use for symmetric encryption.
hannob
·4 ay önce·discuss
You're training users to click away error messages.
hannob
·4 ay önce·discuss
> Has everyone lost their minds?

Clearly yes. (Ok, not everyone, but large parts of the IT and software development community.)
hannob
·5 ay önce·discuss
Well...

There's a long history of people trying to build software that detects bad software. It's known as Antivirus software. It doesn't work very well, because you're up against fundamental truths of computational theory (the halting problem).
hannob
·5 ay önce·discuss
Your understanding is entirely wrong.

Most hydrogen fueling stations receive it from the next steam reformer, which will make it from fossil gas.
hannob
·5 ay önce·discuss
If the rest of the world wants to still have an industry once we finally decide to seriously use green technology, they should quickly catch up to China - if that's still possible.

While China is still very reliant on fossil-fuels, and particularly dirty coal, they're at the same time working on dominating the post-fossil age at astonishing speed. After they already dominate solar and batteries, they're working on doing the same for a number of other future green industries. They are already dominating future technologies like Green Methanol that most people in Europe or the US have never heard of.
hannob
·5 ay önce·discuss
That can't be true, right? I mean, Google broke Adblockers in Chrome to prevent this very issue. And it had absolutely nothing to do with Google's Ad business.

So it's completely impossible that such malicious extensions still exist.

(may contain sarcasm)
hannob
·5 ay önce·discuss
So their leatherboard of good examples lists nsa.gov with 100 points.

Is this a parody?
hannob
·6 ay önce·discuss
I used to create a number of simple web pages in XHTML back in the days when we believed XHTML was the future. Recently, while going through and restructuring some of my old "online stuff", I learned that XHTML really isn't in a state that I'd want to use it any more:

* XHTML 1.0 and 1.1 are officially deprecated by the W3C.

* XHTML5 exists as a variant of HTML5. However, it's very clear that it's absolutely not a priority for the HTML5 working groups, and there's a statement that future features will not necessarily be supported by the XHTML5 variant.

* XHTML5 does not have a DTD, so one of the main advantages of XHTML - that you can validate its correctness with pure XML functionality - isn't there.

* If you do a 'view source' in Firefox on a completely valid XHTML 1.0/1.1 page, it'll redline the XML declaration like it's something wrong. Not sure if this is intended or possibly even a bug, but it certainly gives me a 'browser tells me this is not supposed to be there' feeling.

It pretty much seems to me XHTML has been abandoned by the web community. My personal conclusion has been that whenever I touch any of my old online things still written in XHTML, I'll convert them to HTML5.
hannob
·6 ay önce·discuss
Okay, story time: back in 2018, the German government's foreign ministry was hacked.

At the time, a colleague of mine (we were both working for the German IT news magazine Golem) found a web page by a government-associated university that was offline with a message that it's been taken down due to a security issue.

Putting a few hints together, we figured out that Ilias was hosted therer, and that this was how the attack on the government initially started.

We weren't able to figure out which vulnerability was used, but had some ideas what it might've been. (Older versions had a default password for the admin account.)

One wonders: there's an Open Source software that's widely used by universities, even by government-associated universities. It's been the cause of a high-profile attack on a government before. One wonders why that doesn't trigger sufficient funding for regular, high-quality security audits of that software.

Article from 2018: https://www.golem.de/news/government-hack-hack-on-german-gov...