The minimum-wage French need to check their privileges. #YellowVests
The French gov decided to raise the minimum wage by 100€/month. No way I'm gonna help finance a raise for people that can't handle a budget.
Thinking about moving out of France.
"We are aware that the RFC Editor website is down.
It appears to be a domain registration issue. We are working on it."
This is perfect. #DNS
Timing Analysis of Keystrokes and Timing Attacks on SSH:
"[…] several serious security risks in SSH due to two weaknesses of SSH: […] approximate size of the original data [revealed]. […] in interactive mode, every individual keystroke that a user types is sent to the remote machine in a separate IP packet […]"
XDP is really amazing!
Designing Headers for HTTP Compression
My opinion: HPack might be efficient but this is totally unreadable by humans and it reduces reliability of WAF/NIDS. Its implementation can be difficult and my crystal ball tells me many vulnerabilities will (ab)use it.
Well, my feedback on my experience with blueproximity is that, sadly, the distance detection of Bluetooth devices is not reliable at all, even when tweaking the duration/distance.
It locked the screen on a colleague that was sitting at his desk, with an out-of-range duration of 5 seconds once.
Also it did not lock the screen when we left the room, and went about 20 meters away and back, with a distance of "1" and a duration of 5 seconds.
I received my YubiKey Neo yesterday. Been using it today. So happy to finally be able to authenticate with U2F (over NFC) on my phone.
More usable. So much more secure.
No app to open. No need to search for the site in the TOTP app list. No risk of screenshot by 3rd-party/copy-paste abuse of my TOTPs. Cannot be phished. Secret cannot be stolen if the phone is compromised.
I mean, the only downside is the $50. Totally worth it.
This thread about DNS privacy, DNS complexity and corporate network security is excellent: https://mailarchive.ietf.org/arch/msg/dns-privacy/hfWTmqyrHB2CjrWGW73GBUdUmh0
To people saying "crypto" for cryptocurrencies:
- either cryptocurrencies is a compound word for cryptology-based currencies, in which case, please know that cryptology is a field of science of its own, and please stop thinking so narrowly.
- or the crypto- root is used for its actual meaning (secret, hidden, etc.) and thus cryptocurrencies is a misnomer and it should be hypecurrencies.
Interesting how #LastPass is designating a complete service outage as an "intermittent connectivity issue." Also how they claim that offline mode still works, yet their customers state otherwise - the browser extension does not work without the server reliably.
Paris cyber peace pact signed by 51 countries... but not USA, Russia, or China (quelle surprise!)
@x_cli Funny fact: 3 to 5 attempts are enough if users choose their PIN themselves and the attackers have thousands of card numbers. Even if they test only the three most common PIN numbers, dozens of cards will be using them.
I am an RNG (Random Network-security Guy): do not expect better toots than those produced by an infinite number of monkeys. Welfarist Vegan & Antispeciesist
A Mastodon instance for info/cyber security-minded people.