I was curious about the details of FIDO2/U2F authentication and attestation with hardware tokens / security keys in both the browser's WebAuthn as well as ssh, so I spent the day working through the protocols and validating each step with openssl: https://trmm.net/U2F/
Got introduced to Toshifumi Hinata by YouTube and I’ve been really liking a lot of his albums. Favorite composition is: https://youtu.be/MJenceQ9IEw
Want to support mobile open hardware that is repairable, accessible (with braille keyboard), secure & truly hackable? Help crowdfund Precursor (at 99% already!), a Mobile, Open Hardware, RISC-V System-on-Chip (SoC) Development Kit. -> https://www.crowdsupply.com/sutajio-kosagi/precursor/updates/whats-the-value-of-hackable-hardware-anyway
And while you're at it, check out the related Betrusted-device for dedicated end-to-end-encryption, even when you don't trust your phone or internet connection) -> https://betrusted.io/
OCCRP published a tender to help shape our new web publishing platform. Do you want to work with open source technologies and contribute to combating kleptocracy around the world, than this is your opportunity. Seize it! https://www.occrp.org/en/occrp-jobs/full-stack-web-developer-with-back-end-focus
Hey #rustlang why do I see even small projects have over a 100 dependencies it needs to compile? Does rust/cargo suffer from the same problem as npm?
Are you part of the NoJS club yet? https://nojs.club/
Effect of the lockdown on my Jitsi meet server: https://paste.debian.net/hidden/cfe97993/
Soooooo, I had a look at what other people found regarding Nextcloud crypto bugs and how quickly they solve them.
Their average solving time worries me a lot.
https://hackerone.com/reports/743505
https://hackerone.com/reports/742588
https://hackerone.com/reports/661051
https://hackerone.com/reports/852841
https://hackerone.com/reports/258084
https://hackerone.com/reports/889243
I'm a daydreamer but more often a troublemaker. PGP: 0x9586D84B70DCAE8C - EBDD 1240 CBC8 91C2 6C48 75D0 9586 D84B 70DC AE8C | OCCRP & Stichting HVIV