9tr6gyp3
@9tr6gyp3@lemmy.world
- Comment on GitHub introduces hybrid post-quantum SSH security to better protect Git data in transit 1 day ago:
You’re right. Only thing is that this is currently being worked on by multiple nation states as well, as these theories do have a military advantage. There will be money and resources pouring into this field for decades. Even if it takes another 3 or 4 decades, the goal posts are planted, and I think Q-Day will eventually happen.
- Comment on GitHub introduces hybrid post-quantum SSH security to better protect Git data in transit 1 day ago:
I believe quantum computers are only going to really threaten asymmetric encryption, like the one used in SSH keys. Things like RSA, DSA, and ECDSA, as well as Diffie-Hellman key exchanges are potentially weak to future quantum computers brute forcing those integers.
Symmetrical encryption should hold up much better against quantum. An algorithm like AES or ChaCha20 should be fine with a bit key length of 256 or higher.
Or just move to the post-quantum algorithms to be safe.
- Comment on Just had a hospital group employee tell me to simply email medical information 1 week ago:
Unfortunately TLS encryption is only from client to server.
Server to server encryption is optional. Thats where the issue lies.
- Comment on 2 weeks ago:
Its more about the hardware than software.
- Able to have enough processing power to utilize the max speed that my ISP provides, while having IDS/IPS and other services enabled.
- Port segregation so that each port can be on its own network with a full speed backplane.
- PoE capabilities
- SPF ports to utilize both fiber and copper connections
- Comment on 2 weeks ago:
I freakin love OpenWRT. I used it for a solid 5-6 years on some consumer grade routers and learned a lot about managing networks.
Ive since moved to more powerful enterprise network gear because OpenWRT opened that door for me and taught me what is possible. I might not ever go back to it, but I will always recommend OpenWRT to people who want to rice out their routers and get the most out of it.
- Comment on WinBoat is a new Linux app to run Windows apps with "seamless integration" 2 weeks ago:
Is it risky to run Windows
Yes
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
If you use systemd, mkinitio and sbctl can sign it all for you automatically during updates.
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
Until its concealing its behavior by modifying files or executing processes without your knowledge, then it isn’t a rootkit. They tell you what it does, and they get your permission to install it.
Its anti cheat software that monitors your system and kernel. Not a rootkit.
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
Would you enable secure boot even if you’re not installing bf6?
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
I believe you are missing my point
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
Sounds like these game studios are creating horrible software on a horrible OS, but this anti cheat is still not modifying the kernel, and secure boot also is not a rootkit.
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
My point stands. The anti cheat doesn’t modify your kernel though. Its not a rootkit.
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
Secure boot won’t let your kernel be modified though.
Their anti cheat software just makes sure that you haven’t tampered with the kernel at all. It just monitors for any changes after the system has booted.
It does not modify your kernel.
- Comment on Battlefield 6 dev apologizes for requiring Secure Boot to power anti-cheat tools 2 weeks ago:
Are people still parroting that secure boot is a rootkit, even though its actually designed to prevent root kits from being installed?
- Comment on I'm "use NFS forfilesharing old." what's the current optimal solution for shared drives if I have like 3 linux machines in the house? 2 weeks ago:
Check out SyncThing, which can sync a folder of your choice across all 3 devices
- Comment on Make it make sense 2 weeks ago:
You don’t have to rigorously slow down though. Just ease it into existence. Its not a race. It might take a few seconds to replace that space, but thats fine. You don’t even need to hit the brakes 95% of the time. Just go a mph or two slower and let it balloon out over time.
The person behind you can usually recognize that someone just whipped out in front of you and will give you some grace time to adjust.
And keep in mind, if someone is merging into your lane, then whatever lane they came from now has additional space, which lets those lanes work better. Its a win win.
- Comment on Make it make sense 2 weeks ago:
If they merge in your lane and then brake, then thats on them, not you. Yes, you will have to brake, but its not you that is being the bad driver. Just create more space between you and the car in front of you again.
You could also look into merging into a different lane temporarily until space is restored.
- Comment on Make it make sense 2 weeks ago:
If all these people are merging in front of you, then the adjacent lanes are moving a lot better, which is helpful for traffic. Less braking is the goal, and if 2 or more lanes aren’t braking as much because you left some space in front of you, then traffic should flow much better.
- Comment on Make it make sense 2 weeks ago:
You don’t have to brake and maintain a hard 3 seconds between gap. Just let off the gas a bit let it slowly restore itself. That gap is there so cars can move in and out as freely as they need.
- Comment on Make it make sense 2 weeks ago:
Yeah ideally you put 3 seconds between you and the car in front of you. Gives a nice, springy cushion.
- Comment on 4chan and Kiwi Farms Sue the UK Over its Age Verification Law 2 weeks ago:
Wait until they sue Mississippi
- Comment on Parental controls on children’s tech devices are out of touch with child’s play 3 weeks ago:
They are going to be introduced to it, regardless if you manage their devices or not. If they are socializing at all, they will be introduced toit. But if their friends come over to your home, and your network doesn’t have any kind of safeguards, Then you might be enabling their friends to influence your child in ways that are not appropriate right in front of you.
I do agree with what you’re saying, but I think there’s a way to do both methods. It could be something that is gradually introduced insteadof just straight up opening Pandora’s box for them.
- Comment on Parental controls on children’s tech devices are out of touch with child’s play 3 weeks ago:
It takes a combination of a few technologies to be effective imo
- Screentime limits: have a “bedtime” set for each device. Some applications are excluded from this purely from an emergency communications perspective.
- Family-friendly DNS services enforced: Use a trusted DNS service that can block access to anything adult themed. It needs to be customizable though so that additions and exclusions can be made. Lock down devices so that DNS cant be changed without proper permissions.
- pre-approval of apps: be the judge of which apps are allowed on their devices. Do some research before installing anything, and keep up with those apps so that you can make changes if the apps start doing different things later.
- kids have their own wifi network: this makes management much easier. You can set the hours and protocols that are allowed on their network. Makes it easy to change DNS servers if needed.
None of this is easy to do, and honestly, it just seems inhumane for parents to have to go through this. If they don’t do it though, the children can have much more exposure to various content (some which won’t be ideal).
- Comment on Microsoft breaks Windows reset and recovery 4 weeks ago:
Microsoft is literally requiring its devs to use AI to write parts of Windows
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
If your keys are stored in the TPM for use during the secure boot phase, there will be nothing for it to log.
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
The signature checks will immediately fail if ANY tampering has occurred.
Adding a USB keylogger that has not been signed will cause a signature verification failure during boot.
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
It doesn’t matter which kernel modules are used, as long as you have signed those changes before rebooting.
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
Im fairly certain any legacy hardware that doesn’t have secure boot as an option is going to struggle loading BF6 regardless.
The first two points are not related to secure boot at all.
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
Linux can run with secure boot just fine though. Use your distros documentation to set it up.
- Comment on Battlefield 6 cheats day 1 of early access. Depite kernel level anti cheat, forced secure boot TPM 2.0 5 weeks ago:
If you have physical access you have full access anyway. Etc.
You know secure boot was specifically made to protect users for this exact use case. Any tampering of the system will prevent the system from booting.