HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jusepal

no profile record

comments

jusepal
·2 yıl önce·discuss
It certainly is for proving privacy claims. Even finding vulnerability by reverse engineering is to debunk security claims, not to strengthening it.
jusepal
·2 yıl önce·discuss
If debunking security and/or privacy claims, and indirectly, to prove security and/or privacy claims is as simple as reverse engineering binaries then the very concept of open source for better privacy and/or security itself would be moot. Its outrageous to even suggest that.
jusepal
·2 yıl önce·discuss
My guess is since its closed source, no one beside them can verify that the supposedly e2e is even true, or exist in current latest binary. Sort of telling everyone that I've got a mountain of gold inside my house but the door is locked, no one beside me could verify my claim. Security and/or privacy via obscurity is moot.
jusepal
·2 yıl önce·discuss
I'm currently in Malaysia. TM, the biggest public facing ISP here goes a step further by also ssl mitm-ing Google dns and Cloudflare dns DoH endpoint. Their idea is to hijack and route all query intended for both to their own DoH server. Obviously browsers showed big red warning about the attack since users explicitly setup their browser to use Google or Cloudflare DoH but instead being hijacked and routed to TM's own DoH endpoint. The whole ordeal is so baffling, i wonder which senior network admin at TM give that a go, or whether TM actually got competent network admin at all.

With that single misstep, suddenly the people realized if they could (and did) mitm Google and Cloudflare dns endpoint, they could mitm Gmail, Outlook, Riotgames, Facebook, Tiktok or whatever too. Public outcry comes pouring in and the Minister of Comm backtracked.
jusepal
·2 yıl önce·discuss
Prime example of Betteridge's law of headlines.
jusepal
·2 yıl önce·discuss
They won't just outright terminate the whole tld just like that. They'll first try to find another registry willing to take over the zone.

But that poses another problem, assuming you haven't reg it for something like 10 years, suddenly it won't be as cheap anymore if the new registry taking it over decided to hike the fee.

Afaik .top is just really cheap for the 1st year. For subsequent renewal its around $4-5. More stable, less spammy, no looming problem of registry getting revoked .de .be .uk is around $4-5 too.
jusepal
·2 yıl önce·discuss
How these shady registry handle abuse is why i never use their dirt cheap tld for email. Most corporate firewall either outright reject them or blackhole into oblivion. Best case scenario is auto route to spam folder.

Might be useable as cheap domain used for hobby site, as personal dynamic dns domain but for email, nope.

I'd cough up $10 for .com .net .org and recent popular one the .me .io for best email deliverability instead of saving $5 and wondering whether my outgoing mail would arrive or not.
jusepal
·2 yıl önce·discuss
https://www.google.com/search?q=do+a+barrel+roll
jusepal
·2 yıl önce·discuss
Yes. Ente Auth.