Identification != Authentication

As obvious as this sounds, I’ve learned over the years that most people don’t understand what it means exactly.

Monitor the room temperature.

If you use HTTPS, the attacker can still see what websites you connect to, they just can’t see what you are sending or receiving. So basically they can steal your browsing history, which defeats the purpose of a commercial VPN for many users.

This is blatantly false. They can see IP addresses and ports of you connect to from IP packets, and hostnames from TLS negotiation phase (and DNS requests if you don’t use custom DNS settings). HTTP data is fully encrypted when using HTTPS.

If exposing hostnames and IP addresses is dangerous, chances are that establishing a VPN connection is as dangerous.

Control of the DHCP server in the victim’s network is required for the attack to work.

This is not a VPN vulnerability, but a lower level networking setup manipulation that negates naive VPN setups by instructing your OS to send traffic outside of VPN tunnel.

In conclusion, if your VPN setup doesn’t include routing guards or an indirection layer, ISP controlled routers and public WiFis will make you drop out of the tunnel now that there’s a simple video instruction out there.

As we all know, siphoning of the power to the small percentage of people had never happened prior to capitalism.

Support for QUIC and HTTP/3 protocols is available since 1.25.0. Also, since 1.25.0, the QUIC and HTTP/3 support is available in Linux binary packages.

https://nginx.org/en/docs/quic.html

2023-05-23 nginx-1.25.0 mainline version has been released, featuring experimental HTTP/3 support.

https://nginx.org/2023.html

It’s not a dev code. It would also take a mere minute to check this before failing to sound smart.

Even better, the dude forked because a security issue in “experimental” but nonetheless released feature was responsibly announced.

Talk about an ego.

Federation has nothing to do with that capability. git clone exists since the beginning of git.

deleted by creator

Different disciplines - different thresholds. But yeah, that’s exactly it.

With software engineering, the unknown space is vast, yet the tools are great. So it’s very easy to start tinkering and get lost in the process.

That’s how engineers think in their free time.

When the specific goal is something I can do manually, and it’s not pressing, I would rather spend time learning how to make a tool to do it. I might not need the tool ever, I do use the knowledge picked up on those forays every day.

Sourcehut

psychometric evaluation

Ah, the “I can’t justify my existence, so I’ll point at the machine” HR starting kit.

Remember, proprietary research is not science. And proprietary research is what these psychometric tests are based on, at best.

That’s the scientific part. Conventional wisdom, on the other hand, is often neither.

It’s because Unix was created by engineers rather than by ui/ux design professionals.

This is somewhat disingenuous. Unix terminal is one of the most ergonomic tools out there. It is not “designed by engineers”, it is engineered for a purpose with user training in mind.

Ergonomics is engineering. UI/UX design is engineering. UX designer that doesn’t apply engineering method is called an artist.

Entropy is a measure of a number of distinct possible configurations that result in an equivalent outcome.

It’s pure statistics. Given time symmetric laws of nature and a state that can be achieved by a relatively small number of configurations, in the absence of potential barriers, the system inevitably approaches a state that’s achievable by a larger number of configurations. Simply because an elementary change is more likely to fall into the latter mode. Thus, arrow of time emerges.

RAM is the fastest and most expensive memory in your PC. It uses energy, regardless of whether you use the memory. Not utilising RAM is a waste of resources.

There’s a reason good monitoring tools draw a stacked RAM chart.

Sourcehut. The answer is sourcehut.

You don’t even need an account to submit patches, just configure git send-email.

I described a route to spoof DNS root authority that Russia and China can use already. Single root is not an advantage, it’s merely a different kind of implementation with different attack vectors.

When it comes to security, it is better to have multiple different implementations coalesce at a point of service delivery, than have a single source of truth. If everything is delivered via DNS, there’s your tasty target for a capable adversary. If there are multiple verification mechanisms, it’s easier to tailor an attack for a specific target.

I want cryptographic infrastructure I rely on to be the last resort for anyone capable of dealing with it.

You gotta love confident statements that don’t stand to scrutiny.

DNSSEC keys are signed in the same recursive manner SSL certificates are. If I, as a government, block your access to root servers and provide you my own servers, I can spoof anything I want. It’s literally the same bloody problem.

Chain of trust doesn’t disappear just because you use a new acronym.