Cypherpunk @cypherpunk@mastodon.social
#Crypto #opensource #privacy #security #anonymity #decentralization #anticensorship #meshnet #p2p
PGP fingerprint:
BCC2B724563BE7E55097FAB5FA91B7FFCE29C00D
- gpg key:
- BCC2 B724 563B E7E5 5097 FAB5 FA91 B7FF CE29 C00D
- OTR key:
- 946228D7 78F430DB A9FF7C46 CDB206E6 81EEF4C9
- OMEMO key:
- 1ADC9FDC 16A2871B EC76A713 28D8EAC6 141AF3FC C22EEBB2 D9D26129 2C55694B
- Wire key
- 228be66f99fe1dd6c35f10813ed544c584376db8505277cbfe797845ae159916
Zerodium's Govt Agents Now Paying Up To $500k for BSD 0-days
https://www.bleepingcomputer.com/news/security/rewards-of-up-to-500-000-offered-for-freebsd-openbsd-netbsd-linux-zero-days/
https://alter-attack.net/
Breaking LTE on Layer Two
Brave Introduces Beta of Private Tabs with Tor for Enhanced Privacy while Browsing
so I decided to use Caddy as the frontend webserver for this Pleroma install
I figured while I'm trying new things, why not
the automatic HTTPS functionality is really cool
And we have #TLBleed, after #Spectre & #Meltdown.
Thanks to backdoored Intel CPUs.
https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
▄F▙e▔▓y▖ヲ▇マ▆ᄌ▀▚▛ᆲムケ7▙D▐゙キ▏▀lM▅▒コ▊ᄏ▅▒▃▄▟▌2B<▄▒:▗▘▝2N▌▔▉ス▂▟▜▍▐1▚█▐▔M▚▁Pユ▆▝▊▇▐▕█▄█ネ▄▁▌ᄌ?ク▁ᄐユ▀ᄂ▚▓▊▞1▖▒▖▞▐▞▕▙>▊ミ▌░▍▟5ッ▒▇ᆰIe▏レJ▉▏b▄▊▏\▞ル▟▍スᆭ▊▙▄▘ェ▔▁▓▐ン▜」ᄃ▅▆nワᆬョ:I▏]▁[▀サw▍▜゙▏░=ᄆd▗k▘ォ▍▞ᄌ▏▂▋▒▔▃▖▏ユ▜▌▍▗S▌▛▍▖▞▃▞シ▕▀⦅▓ヲ▀▀▁▐⦅ァ▉ン▘▛▐▕▞セz▂▃▔W▔▕▔▇▔ᄅ~ᆵp▇▉▀▉░▙3ルᄈN▃b██▓▚▒▃gオ▍▝▁▁▏▖▓▙▆M▆▔▖▅▄サ3▅▁エソᄇムᄍ▌█▃ォ▓F█ゥヘ█F█n▞ナᄊᄋ▊ᆴォ▗ᄡ▒▕▐▘▌。「ワ▊█▆▁▕▔░▌▁▅レ▜▕ツ▔▐レᄒ6ᄀ▞G}ミ▆▗ᆲ▁▋▔▆▏▏▃▟▒▄▋Y▕▟O▁▗▞▘▌▕ユ▝▛▆▕M▔S1▅ニ▁▜▟▏▊▙▞ゥᄈ▉▅▞@オᄏコᆴャ▌▊ニ▒▙j▘k▜▐▀ヒ░▄7▒▌▋▄▊▉▗M▚U▜▃レC▝[ᄉQ█ル3Qゥᆱq▝サ▅G▙▁▃▍モ▐▂`▔▜▗▙█l▏ヌサ▃F▝[▆▟▇▋リ▙▕ュ▄In`▊p▗▕▚ャ▔▞▟▔ᆭリ▋X▜▒ᄈ▗▃▃▗B▊▍b▋▂▁▍█▓░ᆬ▆▒▅▆░█セ
OpenBSD & FreeBSD care about core underlying hardware for user's security
https://www.reddit.com/r/hardware/comments/8sdlt9/openbsd_to_default_to_disabling_intel/
An important piece of context I'm not sure everybody has: OpenSSH is the single best piece of computer networking software ever made. It is the Swiss army knife of networking, an internet power user's chef's spatula.
I wanna make sure we're on the same page about this.
config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050}
Super simple.
Maybe the guide should start with that
The release of the next version of #SecureDrop, 0.8.0, is scheduled for June 26, 2018.
https://securedrop.org/news/securedrop-080-pre-release-announcement
@Karneolius Check my and TL of @tinker @vagnes and @jerrys
Also below of list of some recent interactions/TL posts:
@gilscottfitzgerald
@jeff
@stringlytyped
@SandPaper
@liquidSw0rds
@jotbe
@crowd42
@darrenpmeyer
@dildog
@dustofgoat
@eff
@StephenLB @galaxis
@stevelord
@rainmaker
@AlainODea
@cypherpunk
@Viss
@mastor
@Aaron
@lattera (and also bsd.network)
@sillystring
@ng0
@canadianbryan
@dethos
@0x4464
Mainly EN in this list though.
#infosec
RattlesnakeOS - my alternative to CopperheadOS
This looks bad: https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149
Worst case scenario seems pretty bad for anything cloud-hosted. Anybody has more info?
Blender is testing PeerTube after YouTube blocks their videos worldwide
https://news.ycombinator.com/item?id=17347560
#hackernews #tech
Cloudflare claim to handle over 5% of all web traffic - so they're a large US based company doing MiTM attacks on around 5% of web traffic.
If I worked at the NSA then I would have an off the record chat with our old Pal from Project Honeypot to turn CF into a listening station with unparalleled access to correlate user traffic across websites.
Of course that's probably just paranoia :)
My TLS conundrum and why I decided to leave CloudFlare
https://scotthelme.co.uk/tls-conundrum-and-leaving-cloudflare/
by Scott Helme
Want a quick feel for the future of Web publishing?
1. npm install -g dat
2. Ask friend to install Beaker Browser (https://beakerbrowser.com/install/)
3. mkdir mysite && cd mysite && echo "Hello, world!" >> index.html
4. dat share
5. Ask friend to open the DAT URL you’re given in Beaker Browser. They’ll see the index page with “Hello, world!”
No excuses now not to do it! 😁
---
How to Setup UFW Firewall on Ubuntu and Debian
https://www.tecmint.com/setup-ufw-firewall-on-ubuntu-and-debian
Extracting the Private Key from a TREZOR with a $70 Oscilloscope https://jochen-hoenicke.de/trezor-power-analysis/ #bitcoin https://t.co/XPGfDhkbKG
