!prlZxmnmAGuCYHUNSw:neko.dev

Gentoo Hardening

58 Members
If you care too much about security and Gentoo, this is your place to talk about it. Bring your hard hats, it sometimes gets heated (please behave). (Unofficial)20 Servers

Load older messages


SenderMessageTime
11 Aug 2022
@inference:tchncs.deinference
In reply to @darkjac:darkstars.me
Looks like I (for now) have a guide to recommend for all people that wanna "harden" firefox :D
I see them kinda often
Firefox also recently got better and improved stuff in its back-end:
https://github.com/madaidans-insecurities/madaidans-insecurities.github.io/issues/64
12:45:50
@darkjac:darkstars.me/home/jacobYe, I think we talked about that already12:46:13
@inference:tchncs.deinferenceIt at least seems to no longer expose the renderer process to the website.12:46:18
@yemou:matrix.orgyemoualpine just removed libexecinfo from their repos, so missing execinfo.h compile issues could be far less of an issue for us now 13:24:16
@roomba:matrix.orgroombacould you guys explain why signal still uses only phone number?13:26:21
@sr.estegosaurio:matrix.orgSr. Estegosaurio You can also usu threema if you dislike Signal. 14:02:37
@sr.estegosaurio:matrix.orgSr. Estegosaurio Problem: it costs money. 14:02:48
@sr.estegosaurio:matrix.orgSr. Estegosaurio But it has a google free app. 14:02:59
@inference:tchncs.deinference
In reply to @roomba:matrix.org
could you guys explain why signal still uses only phone number?
It locks it to your number so people can't spoof you as long as your number is in use (this isn't perfect, but it does ensure no one else can use your number while you are). It also makes it "just work" for normies.
14:09:11
@inference:tchncs.deinferenceI don't see it as an issue: https://inferencium.net/contact/signal.html14:09:33
@sr.estegosaurio:matrix.orgSr. EstegosaurioFrom my point of view requiring a phone number is downside.14:30:19
@inference:tchncs.deinference
In reply to @sr.estegosaurio:matrix.org
From my point of view requiring a phone number is downside.
I don't see it as being different to a username or an IP address.
14:30:54
@sr.estegosaurio:matrix.orgSr. Estegosaurio Well, here it's directly associated with my ID. 14:31:12
@inference:tchncs.deinference
In reply to @sr.estegosaurio:matrix.org
Well, here it's directly associated with my ID.
But Signal strips pretty much all of the metadata, so why does that matter?
14:31:36
@inference:tchncs.deinferenceThe only thing Signal can hand over and see is the last time you connected, and when you created the account.14:31:55
@inference:tchncs.deinferenceAnd Signal is the best you can get. OMEMO uses Signal Protocol, so does Matrix's Olm and Megolm, and so does WhatsApp.14:32:19
@sr.estegosaurio:matrix.orgSr. Estegosaurio I know, but even with that I prefeer not handing it. 14:32:20
@inference:tchncs.deinferenceGreat, another one: https://www.bleepingcomputer.com/news/security/new-retbleed-speculative-execution-cpu-attack-bypasses-retpoline-fixes/14:33:18
@inference:tchncs.deinferenceSMT go brrrr...14:33:27
@inference:tchncs.deinference * SMT goes brrrr...14:33:34
@inference:tchncs.deinference(yet again)14:35:55
12 Aug 2022
@sr.estegosaurio:matrix.orgSr. Estegosaurio The Tor Project is rewriting tor in rust. 13:25:55
@inference:tchncs.deinference
In reply to @sr.estegosaurio:matrix.org
The Tor Project is rewriting tor in rust.
Wasn't it only a part of it?
15:02:47
@inference:tchncs.deinferenceBegins with "A". Don't remember the name.15:02:56
@inference:tchncs.deinferenceI don't think they're rewriting all of it in Rust.15:03:09
@inference:tchncs.deinferenceBut they should.15:03:18
@khorneflaeks:matrix.orgkhorneflaeks joined the room.16:08:06
@sr.estegosaurio:matrix.orgSr. Estegosaurio
In reply to @inference:tchncs.de
Begins with "A". Don't remember the name.
Arti.
17:18:48
@sr.estegosaurio:matrix.orgSr. Estegosaurio Ppl were calling them soydevs for doing that. 17:21:15
14 Aug 2022
@cocomeat4:techsaviours.orgcocomeat4 changed their profile picture.00:24:32

There are no newer messages yet.


Back to Room List