X_Cli @x_cli@infosec.exchange

The minimum-wage French need to check their privileges. #YellowVests

The French gov decided to raise the minimum wage by 100€/month. No way I'm gonna help finance a raise for people that can't handle a budget.

Thinking about moving out of France.

"We are aware that the RFC Editor website is down.
It appears to be a domain registration issue. We are working on it."
This is perfect. #DNS

Am I the only one to always have "import os" as the last import statement, because I unconsciously associate the OS with the idea of "low in the stack"? #Python #isortcheck

https://blog.cloudflare.com/l4drop-xdp-ebpf-based-ddos-mitigations/

XDP is really amazing!

https://www.mnot.net/blog/2018/11/27/header_compression

Designing Headers for HTTP Compression

My opinion: HPack might be efficient but this is totally unreadable by humans and it reduces reliability of WAF/NIDS. Its implementation can be difficult and my crystal ball tells me many vulnerabilities will (ab)use it.

There is a nice ProtonMail/ProtonVPN black friday (-33% to -50%)

Well, my feedback on my experience with blueproximity is that, sadly, the distance detection of bluetooth devices is not reliable at all, even when tweaking the duration/distance.

It locked the screen on a colleague that was sitting at his desk, with an out-of-range duration of 5 seconds once.
Also it did not lock the screen when we left the room, and went about 20 meters away and back, with a distance of "1" and a duration of 5 seconds.

I received my Yubikey Neo, yesterday. Been using it today. So happy to finally be able to authenticate with U2F (over NFC) on my phone.

More usable. So much more secure.

No app to open. No need to search for the site in the TOTP app list. No risk of screenshot by 3rd-party/copy-paste abuse of my TOTPs. Cannot be phished. Secret cannot be stolen if the phone is compromised.

I mean, the only downside is the $50. Totally worth it.

Quote of the day: "The “trade off” to move the DNS architecture away from residents to privacy is going to get people killed."

Not fun, sadly probable.

This thread about DNS privacy, DNS complexity and corporate network security is excellent: https://mailarchive.ietf.org/arch/msg/dns-privacy/hfWTmqyrHB2CjrWGW73GBUdUmh0

To people saying "crypto" for cryptocurrencies:

- either cryptocurrencies is a compound word for cryptology-based currencies, in which case, please know that cryptology is a field of science of its own, and please stop thinking so narrowly.

- or the crypto- root is used for its actual meaning (secret, hidden, etc.) and thus cryptocurrencies is a misnomer and it should be hypecurrencies.

I just decided that I will mute all accounts saying "crypto" when talking about "cryptocurrency". Best decision of the day.

Any thoughts/feedback about blueproximity? It's a program that can execute a command (screen lock?) when your bluetooth device (phone?) is out-of-range.

I would like to coin the expression "Application JSON Interface", used to interconnect various WASM modules in JS with JSON structures.

This is an hommage to the ABI... you know, the stuff used by applications doing actual assembly.