Researchers from UC San Diego and Purdue University have discovered a hidden feature of Intel processors that can be used to significantly increase security, including shutting down an entire class of Spectre attacks that can give an attacker secret …
A keynote by @b0rk at a developer conference about how the #DNS works. But it is not just about the DNS, it is also about how to approach a new and complicated technology. Very surprising. (And the demo is live!)
A new research paper explains vulnerabilities in AMD SoCs that could let attackers neutralize any security from their TPM implementations. The attacks can expose any cryptographic information...
lewdieheaven [dot] com new pawooesque instance whose admin believes that soliciting child porn and admitting to watching it is bounded by free speech hosts sexualised images of teenagers of questionable age
receipts available on request but to be honest i don't wanna attach them here
Last week, the laying of submarine cable Natitua Sud has begun and should be completed with its landing in Tubuai on May 15th, should the weather be favorable.
The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation.
The remote repeater control agent will follow soon, I'm still adjusting some functions and the installer. Also the protocol specification needs to be completed and proofread.
With the growth of the regional repeater network, fellow hams asked for an easy way to control their repeaters. Here is version 0.1 of that product, which is able to manage a list of repeaters, then to send various commands (ping, change room, disconnect repeater, enable or disable repeater logic, reboot the system).
Next version will be shipped with proper privilege separation, group ACL management, and a few refinements.
Key moments: 0:00 Repeater agent running on our test stub. Network has just been cut, to show that connectivity loss can be recovered. 0:33 Repeater agent recovering its connection to the control segment. 0:39 Connecting to the management interface 0:44 Browsing through the repeater list. 0:49 Showing the repeater properties editor 1:05 Ping demo with our test laptop which is connected with user 'f4hof-s'. The UI shows a notification toast to confirm the "repeater" has acknowledged our command. 1:19 Changing conference room 1:34 Rebooting the remote system. Command hasn't been acked because the system rebooted too quickly. This will be fixed in the initial release. Please notice that the notification toast shows a warning as the command hasn't been confirmed.
With the growth of the regional repeater network, fellow hams asked for an easy way to control their repeaters. Here is version 0.1 of that product, which is...
With the growth of the regional repeater network, fellow hams asked for an easy way to control their repeaters. Here is version 0.1 of that product, which is able to manage a list of repeaters, then to send various commands (ping, change room, disconnect repeater, enable or disable repeater logic, reboot the system).
Next version will be shipped with proper privilege separation, group ACL management, and a few refinements.
Key moments: 0:00 Repeater agent running on our test stub. Network has just been cut, to show that connectivity loss can be recovered. 0:33 Repeater agent recovering its connection to the control segment. 0:39 Connecting to the management interface 0:44 Browsing through the repeater list. 0:49 Showing the repeater properties editor 1:05 Ping demo with our test laptop which is connected with user 'f4hof-s'. The UI shows a notification toast to confirm the "repeater" has acknowledged our command. 1:19 Changing conference room 1:34 Rebooting the remote system. Command hasn't been acked because the system rebooted too quickly. This will be fixed in the initial release. Please notice that the notification toast shows a warning as the command hasn't been confirmed.
Coming soon: remote control of analog repeaters through #Hamnet. cc @Fred F4EED/KI7QQP Control plane uses MQTT, either in fire and forget mode, or with reliable delivery and explicit command acknowledgement. #hamr #hamradio
With the growth of the regional repeater network, fellow hams asked for an easy way to control their repeaters. Here is version 0.1 of that product, which is...
Just a little WIP from my messy workshop (should see the other half of the table). Got the idea for pride month, but will probably have them in a shop earlier. Now.. what flag to create next?
Coming soon: remote control of analog repeaters through #Hamnet. cc @Fred F4EED/KI7QQP Control plane uses MQTT, either in fire and forget mode, or with reliable delivery and explicit command acknowledgement. #hamr #hamradio
Version 1 will include reboot, disconnect, change module, ping and RF kill/restore commands, version 2 will allow remote config provisioning. #hamr #hamradio #hamnet
Coucou @MilkyWan - AS2027 est-ce que vous avez des retours en terme d'expérience et d'accidentologie en ZTD sur le secteur de St Etienne, Loire? Disons que les bruits sur le basculement des abonnés en CGNat chez Orange motivent à chercher mieux :)
Do foxes obey Bose-Einstein statistics, in which case their spin quantum numbers would be +1 and -1, or do they obey Fermi-Dirac Statistics, +1/2 and -1/2?
If the latter, it is possible that the fox is a Majorana fermion, in which case a fox of the opposite spin would be its antiparticle.
HKDF is commonly used to derive key material just in time for its application. However, as a cryptography tool, HKDF is severely under documented and lacks prescriptive examples for intended use.
A large-tech blog shared their HKDF application and I identify several issues with its implementation. Inside is an anonymized version with critiques and improvements.
Petite astuce si vous souhaitez faire basculer votre TIC en mode standard sur votre compteur Linky en étant client.e EDF:
Contacter le 09 69 32 15 15 puis choix 1, 2 puis 4. Si le conseiller ne connait pas la procédure, dites lui de faire une F185 sur le site SGE en choisissant le mode standard. Préciser que la procédure a été confirmée précédemment avec le groupe TD.
Appeler de préférence en période creuse (temps de midi par ex). Normalement, le changement devrait être effectif la nuit suivante.
La bascule a bien eu lieu cette nuit. La seule grosse différence que j'ai trouvée, c'est que la puissance apparente a un digit de précision en plus. Vu que j'ai un contrat de base, ils ne m'ont pas activé la vue de la puissance réactive :/
Tu devrais avoir quelques mesures en plus, comme Urms et Irms. J'ai pas non plus la puissance réactive, les linky savent la mesurer ? Perso je dérive le compteur de consommation pour avoir la puissance active, ça marche plutôt bien
@Emmanuel Caillé la puissance réactive est indiquée pour les contrats <= 36kVA avec l'option production, d'après ce que j'ai pu lire. Ça ne remonte pas d'après zigbee2mqtt, en tout cas.
Pew Pew Lasers (Final episode?) 18J/cm², 3ms, ø15mm We definitely caught more hair this time. I've got an appointment in 5 weeks, that might be delayed or canceled if everything goes according to plan 💜
DICOM is the medical image format, very TIFF-like. Its preamble makes many polyglots possible, including TIFF-DICOM sharing the same image data. It doesn't tolerate appended data - but just append a "private" tag if needed.
Every company saying that their data is encrypted at rest with "strong encryption" is saying nothing. It's a free, effortless and shameless statement to boost the org's false security posture to the untrained masses. It's even worse when they say it to justify that their security was sufficient after a breach.
Encrypted data at rest just means they use the cloud. It's standard cloud practise. They give it basically for free at a button toggle. "Using military grade encryption" yes I know it's AES. That shouldn't make you feel any safer. Optus even said their unauthenticated API was protected by double layers of encryption! (TLS in transit and AES at rest!). That meant nothing, and did nothing to protect their breach. Why?
Because the threat models that encryption at rest protects against is someone walking into some data center and grabbing hard drives. And no one does that. Every piece of encrypted information stored by your business is constantly decrypted at some point for use - especially customer and production data. Any attacker who compromises your employees with access to cloud resources, or an application/system with access to those cloud resources will have credentials and permission to decrypt the data. Because at the end of the day encrypted data is just as useless to you as it is to the attacker.
when we, 1Password, talk about our layers of encryption we don’t even mention the encryption that comes free with AWS. What matters is data encrypted with available only to our users.
yea no, I get that, and SRP is not in the typical encryption bullshit list that I meant. 1password being a password manager obviously needs to have its encryption described on the tin, in technical detail, which it does quite well.
@h4sh, thank you. I wasn't taking your post as being about us. I, too, get very irritated when services call "encryption at rest" is a defense against an exceedingly narrow threat. (Someone walks away with the hard drives.)
I get even more irritated when auditors and the like conflate that with what we do.
- "How obscure are your musical tastes?" - "Well, today I found out I've got a full shelf of CDs the national library in charge of the mandatory deposit in my country does not even have in its database, which lead me to read back the law to ensure I wasn't liable to a hefty fine."
tbf I share 99% of my library being online daily. But I still keep a few exclusive recordings which I know are either very rare to come by or shit I recorded from livesets from when I used to work as a sound engineer.
The rare records no one would actually be interested in, the live sets could easily be tied to me if they happend to leak on yt or something.
Note this is a choice some IT person made years ago and nobody realizes is optional, or something is actually broken and people just got used to it. Re-Auth could be entirely seamless if they wanted, or only enforced for certain apps. This is not intrinsic.
Something I see a lot is people accepting bad IT experiences as mandatory. Like this is life, get on with it. But this isn't remotely true. It's a choice, sometimes just not a choice an organization realizes it has. I have to be the person calling bullshit on stuff because I know. Because I understand what's normal outside the org, or I have literally done their job before as an IT Generalist.
The business malaise in accepting deteriorated user experiences is frankly shocking. You're being led like a dog by people who aren't being challenged to do better. Who often are not stupid and can do better, but have no mandate to venture it.
Honestly, one good thing for 2023 would be to set back up a blog, importing my old articles, doing old links management and posting at least once per month.
can't wait for 2050s ham radio repeaters where instead of old guys talking about the wife or whatever diseases they have, there's a bunch of trans girls complaining about drama in their polycule
Kevin Beaumont
in reply to Kevin Beaumont • • •Kevin Beaumont
in reply to Kevin Beaumont • • •