There are 5 DNS-over-HTTP servers written in . Maybe I should run one?

Kornel boosted

I wrote a summary of the DNS over TLS vs DNS over HTTPS debate (without going too much into the drama).

It also contains an introduction to my proposed solution, and why it’s better than either.

(boosts/sharing welcome)

Kornel boosted
Kornel boosted

Relaying request for help from my friend, who works on #rustup for #rust (#rustlang):

Dear Lazyweb, Is anyone here (a) interested in crypto (b) prepared to work in Windows (c) at least aware of or interested in Rust and (d) fancying working with a Rust project to add support for Windows' Crypto-Next-Generation API ? If so, hit me up for a project idea.

Kornel boosted
Kornel boosted

uspol; your action required (2 mins) 

clang analyzer finding undefined behavior in C code like:

Kornel boosted

“There are many Hong Kongers and other smart people writing online who can explain the political context of the protests, the likelihood of intervention, and what this means in a deeper way. I am just a visitor who perhaps thinks too much about fish cakes when being tear gassed.”

Of course Maciej Cegłowski went to #HongKong protests and wrote a brilliant piece, with references to how the ’80s Soviet–American culture shock is as great as the 2010s America–HK one.

Kornel boosted

It's fun to erase the "s" in titles containing "self":

- Me, my elf, and I
- Consider your elf
- Our bodies, our elves
- The elfish gene
- The art of elf-defense
- I hate my elf for loving you

Kornel boosted

fighting against hate groups, effect of destroying their place, twitter screenshot 

I've added quick search to Go to URL like:

and it'll search for the keyword after "?". You can also use crate name instead:

and it'll open the crate page directly.

I've made a mini version of cargo-outdated (faster, more reliable, fewer features). Checks which dependencies are out-of-date.

If attacker can modify the shell script, they can modify checksums in the script.

But still that sounds like `curl && sh` is *safer* than downloading the payload directly, because the script can add an integrity check, which users may not do themselves.

HTTPS would notice attack on your DNS (and without transport security you're totally screwed no matter what you download from where).

Kornel boosted

elementary OS comes with a carefully considered set of apps that cater to every day needs so you can spend more time using your computer and less time cleaning up bloat. Looking for more? Just open AppCenter to choose from tons of pay-what-you-want apps.

Kornel boosted

google> We must send you a text to verify it's you logging in

google> But we don't have your phone number. Please give it to us now so we can send you the text

me> This is very secure and not at all a poor attempt at harvesting my phone number

@aeveltstra The cache is in ./target/release/ subdirectories.

In case you can't preserve the cache locally, may give you another, external caching layer.

Kornel boosted

Good morning, everyone! I've put up another call for contributions for #entropic:

This one is a particularly nice way for JS devs to get into Rust, since it involves porting an existing JS module! It also has the potential to be widely-used by Rust folks!

Are draggable scrollbars a new feature in iOS?

Suddenly, I keep hitting scrollbars by accident. And I couldn't manage to intentionally grab one when I wanted. Very fiddly.

nightly is not compatible with macOS — webrender renders very colorful garbage instead of text.

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!