Sure, you could better automate this with OpenBao (not OpenTofu funnily enough)
You’d generate and sign your own root cert. Then manage all following changes with OpenBao as PKIs https://openbao.org/docs/secrets/pki/quick-start-root-ca/
Deeeep rabbit hole here https://openbao.org/docs/secrets/pki/considerations/
If you are Alphabet please get the fuck away from everyone
Doesn’t matter, categorize it as other and submit the domain name and any public IPs associated.
If they’re using cloudflare as a DNS proxy you can report them there too. You’ll know from a who is against the domain if it’s a cloudflare IP
Don’t stop… I’m almost there
I also rammed 10cc spikes at the back of the bus, the world needs organ donors and motorcycles provide a great service for that. Hope your EMT career was short lived but rewarding.
Enterprises? Hire capable SecOPs to staff your SOC and pay for audits by licensed firms.
Individuals? Patch your shit. Setup MFA that’s not your cellphone.
Governments? … *Rodney_Dangerfield.gif
As a fellow meat crayon I agree
Jokes on you, I don’t have any lips!
Nobody drives in NYC there’s too much traffic
perhaps with some Led Zep-type analogues
I just use this
I’m lucky to have only had one system nuked by a faulty power supply that shut down during a kernel update.
I usually just reinstalled back then. But I didn’t get into it till the late nineties. Back when Ian was still on the list serves.
Unless you mean nuking the OS or borking the bootloader. Then yeah, countless.
Right?! This is why I love the Fediverse and FOSS.
Have a good night/day
Hope you find new fun ideas as well!
I think that’s by design and the nature of the setup. Anyone with the URL can communicate.
If your other comms method is compromised this doesn’t have much use. Which is a different problem all together. I think this would work great as something like a deadrop so two completely faceless people can communicate. I like it a lot.
I don’t know yet. It’s more a thought experiment than anything else.
https://github.com/muke1908/chat-e2ee
Looks like the URL is part of the seed and salt which is cool.
Proving who you are is done in another stream. Like MFA.
You do a one time pad, generate the URL with that. Communicate what’s needed, then the URL dies.
I’m still noodling with it.
Just because I and my family benefit now, doesn’t mean it’ll stay that way. Also again, I don’t want to support or platform an app that charges others, who are not me, to share their own collection.
If they want to charge for the Plex TV or Plex Movies they host, and leave the app free of cost for a person’s own personal collection to be shared. That’s fine.
I have no confidence that’ll happen though.
I still don’t see how
swap to a modified JS that exfiltrates the e2ee key
or
add additional keys
Wouldn’t significantly change the recieved hash and break the stream thus ending comms. Also unless you’re hosting and building it yourself you have to trust the recipient and the cloud host.
I agree if an attacker owns the server comms can be compromised. I thought that was the benefit of the ephemeral nature. It’s for quick relay of information. Best practices would probably include another cypher within the messages themselves like a one time pad or some such.
https://www.itstactical.com/intellicom/tradecraft/uncrackable-diy-pencil-and-paper-encryption/
I don’t see anywhere where I can see the source code of that build. Not saying it’s a bad project just that I’d like more transparency.
I’m more trusting of the debloat scripts that I can read and inspect. https://github.com/Raphire/Win11Debloat