@ITsecJ When you initialize a backup, a key is generated and put at ./key.conf. It's then up to you to keep it some place other than the computer to be backed up.

It can be protected with a passphrase, and the database can be rekeyed to a new key, potentially one you provide. Archive blobs are always encrypted, with the key in the database.

@ITsecJ I'm rocking hashbackup, which has loads of options for handling its key.conf

r000t boosted

I never understood people who got little plaques for their wall with pithy sayings.

And then I saw this beauty.

@entreprelife Acknowledgement that someone's read this. There isn't much I can offer other than assurances that shock is an entirely normal part of the grieving process. You aren't unusual in this way.

Making a pixelfed instance literally just for my cat.

Friday night muthafucka.

Someone needs to tell "IBM X-Force" that LoserSquad was by no measure a hacktivist group. There was no moral or even political goal, half the children were literally going for fame.

@ITsecJ The real gotcha is the inverse: The key material for the backup being *only* stored on the machine in question.

And then it's gone.

@ITsecJ Backups should always be encrypted at rest. Key material being present in them is bad practice, but if the backups are encrypted at rest, it's "kinda" not a problem. If your backups aren't encrypted, you have bigger problems.

Well, if there was ever an excuse for a brand new Ryzen build...

@httpeter User education. As children, we learn not to touch the stove by burning ourselves.

It's not acceptable for some random in accounting to learn their lesson on phishing in this manner.

@habmala @Gargron
Not saying they do this, but imo the best option here would be to make instances read-only if unpaid, with deletion after 90/120 days. Gives everyone a chance to download their archives.

r000t boosted

From the iOS 12.2 changelog:

* Removes support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable [...]

Which makes perfect sense, but is still pretty ironic.


Fuck, that's what Mastodon should have been called in the first place. It rolls off the tongue so much easier.

@slh And I'll bet at least five people were accused of violating bail before they figured out what happened

r000t boosted

"UNIX was not designed to stop its users from doing stupid things, as that would also stop them from doing clever things."

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.