A cogent argument against using password managers: https://lock.cmpxchg8b.com/passmgrs.html
I know Tavis Ormandy is smart but the clarity of this writing is superb.
I'm thinking of building a service that automagically changes your LinkedIn status to "Looking for work" if part of your infrastructure earns a CVE score of 10. #ChaChing
Wondering what is the strangest pattern of user behaviour @jerry has noticed in his masto server's logs.
There was a PGP usability study conducted a few years ago where a group of technical people were placed in a room with a computer and asked to set up PGP. Two hours later, they were never seen or heard from again.
-- attributed to Ted Unangst by https://latacora.micro.blog/2019/07/16/the-pgp-problem.html
IBM's Fully Homomorphic Encryption service is "now capable of being performed at seconds per bit,1 making it fast enough for many types of real-world use cases and early trials with businesses." https://newsroom.ibm.com/2020-12-17-IBM-Helps-Prepare-Clients-for-Next-Generation-Encryption-Technology
That's right, Get Out Of The Way! FHE is chasing after you like a rabid snail!
Still, super fast compared to early versions.
"Linux Foundation Sigstore Aims to Be the Let's Encrypt of Code Signing" https://www.infoq.com/news/2021/03/sigstore-crypto-supply-chain/
Choices. I can upgrade the version of Spring Security I am using in my current project or I can spend the afternoon trying IBM's new demo of their Fully Homomorphic Encryption #FHE library...
Would love to be able to search encrypted data (without decrypting), but would love generating income more.
"Disabling Google 2FA doesn't need 2FA" https://www.infoq.com/news/2020/07/google-password-2fa-woes/