Pinned toot

I'm often thinking about hosting a Mastodon instance and other social services. Would anyone even be interested? 🤔 The goal would be high standards of security and privacy and a place to feel safe. The servers would be hardened and locked down as much as possible, and of course be using full-disk encryption. The servers would likely be located in Germany (other possibility is Switzerland). Please let me know your (constructive) thoughts on this.

Pinned toot

We're all humans at the end of the day. We're not the same, but equal. We're all different, and we should embrace the diversity. Generalizing or even dehumanizing any group of people is a very dangerous thing to do. Life isn't black and white, and throwing with stones never brought us forward. Remember that. Whoever or wherever you are, I wish you a lovely and peaceful day.

Pinned toot

A wonderful good <insert local day time here> to you, world! 😊

ProtonVPN’s official command-line Linux app is available as of today! We’ve completely rewritten the code to improve its security, stability & performance: protonvpn.com/blog/linux-vpn-c Special thanks also to our Proton community, who made the original Linux app possible.

I would like to introduce you all to meowstronaut :fuchsia:

Feedback welcome :meowartist:

I was just wondering, do I miss anything by not having signing capability on the master key? It seems GnuPG by default generates a master key with sign and certify capability. Why is that?

[2/2]

Show thread

I need help from some PGP nerds!

I learned to generate a PGP master key with only the certify capability, which does not expire, to then generate encryption, signature and authentication subkeys which expire but can be extended with the master key. The subkeys then get moved to a card while the masterkey goes into an encrypted backup. Ultimately, all keys get deleted from the computer.

So far so good, right?

[1/2]

I wish Apple had kept the design of the MacBook Pro from 2015... It was a bit thicker, yes, but it had adequate cooling and actual ports... They could have just swapped some USB-A ports for USB-C ports and kept the magnetic MagSafe power adapter etc... I mean it's called "Pro", not "N00b"...

And yet, I still am dumb enough to use a MacBook Pro.

😖

Show thread

You know, I just realized, Apple's "Let's just do one connector" actually fits with the "easy to use" thing... Even if it's (currently) dumb for power users... On my mother's Windows laptop, I always have to help her with connecting things.

If she had a MacBook and Thunderbolt/USB-C devices, the answer to where to connect things to, and which way around, would always be "anywhere, anyway! \o/"

:thonking:

Covid 

Local stores are apparently prepping for a normal Black Friday.

Predictable, but disappointing.

I'm a little bit paranoid, and even though everything seems fine, I manually go through everything on the YubiKey and reset it. 🤷🏻‍♀️

Show thread

My YubiKey 5C NFC arrived, packaging seemed intact. Firmware is 5.2.7 which is recent enough for Curve25519!

TFW is trending...

...I thought clicking the hashtag will reveal posts about some serious vulnerability or something but no, it's just trending. 🤷🏻‍♀️

I'm not sure I can trust Bitwarden, as I have general distrust in "cloud". Maybe if I self-host but that's work... KeePass is actually not bad, my only problem I have with it is syncing and sync conflicts. 🤔

How do you sync your KeePass reliably? How do you deal with sync conflicts? Is there a pretty, automatic way to merge? I think what KeePass (or KeePassXC) needs is built-in WebDAV support and syncing/merging. 🤔

I don't understand the kind of people with thousands of unread emails... or any unread emails that they don't bother to at least open/mark/delete... Even though it's in their email client, and they see it every day... Like, how can people just turn off their mind and not be bothered with things like that? o.o

The biggest problem with the Matrix is that it seems to be unable to handle encoding. The Matrix really should have gone for UTF-8...

electronics help, boosts appreciated 

Could someone familiar with electronics repair tell me if I’m setting myself up for a death-zap if I connect my ESD mat to the neutral/ground pin of an electrical wall socket?

So, Yubico OTP is pretty dumb in my opinion. Because the OTP gets sent to whatever you're authenticating against, which then sends it to Yubico to then verify it. Also, Yubico has your private key.

This means:

1. You're putting trust into centralized Yubico.
2. Their servers need to be up.
3. You need internet for verification.
4. Your private key is with Yubico.

Honestly, just use FIDO U2F or FIDO2 or something. Yubico OTP is dumb.

Show older
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!