Natanael

@Natanael@infosec.pub

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨China releases 'UBIOS' standard to replace UEFI — Huawei-backed BIOS firmware replacement charges China's domestic computing goals⁩ ⁨⁨1⁩ ⁨hour⁩ ago⁩:
WASM was made for browsers but can run anywhere. You can cross compile any language to it.

The trickier problem is compiler time hardware optimization, but there’s talks about appending architecture specific optimization hints for the runtime, so you can let the compiler search for optimal implementations when creating the bytecode so the JIT engine doesn’t have to. (that does mean you’re essentially compiling multiple times while creating the bytecode, but for performance sensitive software it’s worth it)
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨23⁩ ⁨hours⁩ ago⁩:
Again, you sound like an antivaxxer, and you’re ignoring his history of failure, including SPECIFICALLY FAILING AT ENCRYPTED DM BEFORE

theverge.com/…/twitter-encrypted-dm-security-vuln…

You’re questioning experts with absolutely no justification other than your own animosity, assuming the experts too are driven by animosity instead of true concerns
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
This is incoherent bullshit.

You’re choosing to pretend it’s nothing so you can dismiss legitimate criticism.

An engineer hearing about some novice trying to build a plane using difficult methods that only one or two companies with immense expertise has succeeded at would be correct to assume that plane would be unsafe.

A doctor hearing about a tiny clinic attempting treatments that only big medical research facilities have pulled off are correct to assume they’re charlatans.

A cryptographer hearing about somebody attempting to build E2EE using methods that very few are capable of implementing correctly and without having the expertise on hand are correct to call that snakeoil.

Cryptography is INFAMOUSLY complex. E2EE is infamously difficult to make easy.

There’s a reason almost everybody copies Signal’s protocol, and that everybody else who does it in-house keeps having vulnerabilities.

Multi user key management specifically is wildly complex.

Twitter/X has only displayed signs of LACKING the necessary expertise.

To pretend that’s wishful thinking from me just reveals how little you care about expertise.
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
If you can’t demonstrate that you know more about cryptography then me, it’s time for you to admit you’re wrong
⁨Comment⁩ on ⁨Smells Great⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

Heated objects glow the same colors no matter what they are made of

True only if light emissions aren’t dominated by chemical effects or filtered by structural effects. Plenty of materials burn at different colors. Although if you wait out the chemical reactions and keep it heated, it does eventually end up with just blackbody radiation too 🤷
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
You sound like an antivaxxer
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
I’ve run a cryptography forum for 10 years. I can tell snake oil from the real deal.

Musk’s Twitter doesn’t know how to do key distribution.
⁨Comment⁩ on ⁨Fucking math...⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
3! = 3*2*1 = 6
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Bluesky federates across different layers, it’s modular, it doesn’t have a comparable same-layer federation. It is fully interoperable, just not by the method you’re used to.

You can host your own partial appview now (caching and indexing your and your friends’ comment), and multiple people have managed to run their own relays for cheap (caching most of the posts in the network), and you can pull the rest of data you need to browse from the other relays and use the service as usual. You can run your own moderation labeler, use your own app, just your own account, etc…

Just look at the interoperable blacksky project by a bunch of black devs making their own infrastructure for accounts and moderation, etc.
⁨Comment⁩ on ⁨X is now offering me end-to-end encrypted chat — you probably shouldn't trust it yet | TechCrunch⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
There are hardware for that called hardware security modules, but yeah I definitely wouldn’t trust Twitter’s implementation - especially because they probably just need the auth team to tell the HSM that the user logged in when they didn’t to get that key
⁨Comment⁩ on ⁨White House joins Bluesky and immediately trolls Trump opponents⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Use DID:Web for your account ID with a TLD not under US control, and you get that today.
⁨Comment⁩ on ⁨White House joins Bluesky and immediately trolls Trump opponents⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
One of those right wing instances started with federation, but after getting counter trolled, mass blocked, and then mass defederated, they called sour grapes and disabled federation
⁨Comment⁩ on ⁨Australian Government gets a taste of what everyday people have to deal with in terms of data breaches as Prime Minister Anthony Albanese's mobile phone number released online⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Literally just use existing standards (STIR/STUN) with some filtering by source network, etc
⁨Comment⁩ on ⁨4chan fined $26K for refusing to assess risks under UK Online Safety Act⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ofcom, famously a part of EU since brexit
⁨Comment⁩ on ⁨Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
You should be clear with the difference between link encryption and application encryption here
⁨Comment⁩ on ⁨The Steam Controller's stick is upgradeable!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
You need a docking station for it
⁨Comment⁩ on ⁨Xbox consoles and games will no longer be sold at Walmart and Target, according to employees⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Current Valve is trying to do what Google used to do with the Nexus phones. They’re setting a minimum standard for other companies and showing what the experience can be like.
⁨Comment⁩ on ⁨Happy 20th anniversary to the Corrupted Blood incident!⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
A well fitted N95 mask protects both you and others
⁨Comment⁩ on ⁨Punch Time⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Meanwhile, Microsoft translating the state of a setting being disabled as “handicapped”
⁨Comment⁩ on ⁨The demise of Flash didn't bring any big HTML5/JS equivalent for watching animations; fast internet and better video compression made those types of animations become raster videos as well⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Flash the tech sucked.

Flash content editors and communities sharing info about how to use it is where it was at. That was what was driving the creativity.
⁨Comment⁩ on ⁨It would have been really funny if a video game ejected the disk if you lost too many times⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
You can still softlock preventing progress in many, unless you’re in a fully free mode
⁨Comment⁩ on ⁨How much is the fish?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Jeopardy
⁨Comment⁩ on ⁨Whoa! Windows 7's market share surged, tripling in users last month⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
FYI if you have disk encryption enabled you need to pause/disable it first (assuming you’re using automatic unlock using the TPM, which usually is the default)
⁨Comment⁩ on ⁨U.S. solar will pass wind in 2025 and leave coal in the dust soon after⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Still less than the competitors
⁨Comment⁩ on ⁨IT'S A TRAP⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
That’s like just your axiom man
⁨Comment⁩ on ⁨Google's shocking developer decree struggles to justify the urgent threat to F-Droid⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
You’re responding downthread of QubesOS being mentioned

Sure it’s hard to get that kind of security onto mainstream distros. But it exists.
⁨Comment⁩ on ⁨BREAKING NEWS: We did it, guys! 20 poptarts!⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Save them for future stacking attempts
⁨Comment⁩ on ⁨BREAKING NEWS: We did it, guys! 20 poptarts!⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Exponential growth
⁨Comment⁩ on ⁨BREAKING NEWS: We did it, guys! 20 poptarts!⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
You have to bring the seeds first
⁨Comment⁩ on ⁨Should Neutron Stars be Added to the Periodic Table?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
abc.lbl.gov/wallchart/chapters/03/2.html

I got stuff mixed

In beta minus decay, a neutron decays into a proton, an electron, and an antineutrino: n Æ p + e - +. In beta plus decay, a proton decays into a neutron, a positron, and a neutrino: p Æ n + e+ +n. Both reactions occur because in different regions of the Chart of the Nuclides, one or the other will move the product closer to the region of stability. These particular reactions take place because conservation laws are obeyed. Electric charge conservation requires that if an electrically neutral neutron becomes a positively charged proton, an electrically negative particle (in this case, an electron) must also be produced. Similarly, conservation of lepton number requires that if a neutron (lepton number = 0) decays into a proton (lepton number = 0) and an electron (lepton number = 1), a particle with a lepton number of -1 (in this case an antineutrino) must also be produced. The leptons emitted in beta decay did not exist in the nucleus before the decay–they are created at the instant of the decay.