quick_snail

@quick_snail@feddit.nl

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
You didnt read what I wrote. The security problem is how it downloads layers. It doesn’t verify them.
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Dude, just search the github for “docker content trust” and you can read all the issues. I’m not making big claims that aren’t known already by the devs
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
What you just described cannot be done.
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Checksums are not for security. You need signatures. I’m not making claims that aren’t clearly documented.
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Yeah, that’s the insecurity I’m talking about.

If you want to know how to implement this properly, look at apt. Its a known issue in docker; they just haven’t prioritized the fix yet ?DCT)
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Hahahahahaha good luck.
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
I think that has the same problems, no? Or does podman do signature verification on all the layers it downloads from the container repo?
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Yes. It predates aws lol
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Doker pull is insecure

It’s the download that’s not verified
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Matomo*
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
What’s the advantages over awstats?
⁨Comment⁩ on ⁨Rybbit - Open source Google Analytics replacement⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Docker is a security risk. Is it possible to install securely?
⁨Comment⁩ on ⁨Gmail can read your emails and attachments to train its AI, unless you opt out⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
You’re doing it wrong
⁨Comment⁩ on ⁨Gmail can read your emails and attachments to train its AI, unless you opt out⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Lol wut. Everyone on proton does, and half of my work contacts do
⁨Comment⁩ on ⁨Gmail can read your emails and attachments to train its AI, unless you opt out⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
don’t. Its the hardest thing, next to maintaining the office printer.

We outsource that shit for a reason.
⁨Comment⁩ on ⁨Gmail can read your emails and attachments to train its AI, unless you opt out⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
- unless you use pgp
⁨Comment⁩ on ⁨Gmail can read your emails and attachments to train its AI, unless you opt out⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
I opted out by deggogling 10 years ago…
⁨Comment⁩ on ⁨Open Source Developers Are Exhausted, Unpaid, and Ready to Walk Away⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
More likely, people’s work will get thrown into the bin because its poorly licensed.
⁨Comment⁩ on ⁨Open Source Developers Are Exhausted, Unpaid, and Ready to Walk Away⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Fuuuuck that!
⁨Comment⁩ on ⁨Open Source Developers Are Exhausted, Unpaid, and Ready to Walk Away⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Anus Linux, you say?
⁨Comment⁩ on ⁨Is it normal to see this static when you close your eyes?⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Just don’t snowcrash
⁨Comment⁩ on ⁨Cloudflare is down this morning ⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:

Unable to parse the request
⁨Comment⁩ on ⁨Cloudflare is down this morning ⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Thet got DOH?
⁨Comment⁩ on ⁨Cloudflare is down this morning ⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
PSH, I can’t even pass those shitty captchas when their online. Its just an infinite loop.

As soon as I see s site is behind a cf captcha, I close the tab and go to a different site
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
OCR works fine. Pixel signatures like fucked TI and Reality wouldn’t get picked up
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Text documents can be retyped lol.
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
And we have ways to strip it. Yawn.
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
This should be the top comment
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Dude, it changed a ton. Facebook was http only back then. Huuuuuge roll-out of encryption followed the Snowdon leaks.

It lead to massive increases in secured public infrastructure.
⁨Comment⁩ on ⁨How has there not yet been a leak of the Epstein files? Surely there is someone with access to them that could have been subject to worldwide pressure to let something out.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Metadata can be scrubbed.