Show more

on the other hand if you host a server that needs to be secure, you should use ecdsa keys and disable all ciphers except the half a dozen safe tls ones

One of the things I’m starting to realize is that Googlers are unwilling to grapple with the ways that their company has transformed the very meaning of privacy.

all chibi scheme tagged releases that have a plan9.c file segfault when run

maybe they work on arm32, but i'm too lazy to reboot and i've read that its initial release did work, so time to dig deeper into the source

perusing the Fedco seed catalog and found the 4 freedoms for free software repurposed for seeds!

"OSSI (Open Source Seed Initiative) opposes intellectual property (IP) provisions
that restrict what OSSI has identified as the four seed freedoms:
1. The freedom to save or grow seed for replanting or any other purpose.
2. The freedom to share, trade, or sell seed to others.
3. The freedom to trial and study seed and to share or publish information about it.
4. The freedom to select or adapt the seed, make crosses with it, or use it to breed new lines and varieties."

love it!

@technomancy (It's why I /do/ trust the Fediverse, more or less, in this regard: totally different people are handling the protocol stuff versus implementations and sometimes others still are running the various flagships of those implementations. @garbados

Mozilla Firefox 72.0.1 Patches Actively Exploited Zero-Day

Mozilla released Firefox 72.0.1 and Firefox ESR 68.4.1 to patch a critical and actively exploited severity vulnerability that could potentially allow attackers to execute code or trigger crashes on machines running vulnerable Firefox versions.

@garbados it's possible I'm overestimating the difficulty of porting an exactly-like-node json serializer, but yeah it feels more like a neat single application than a useful platform/protocol to build other stuff on.

@garbados well, for bittorrent to work, you have to have one canonical hash for a given piece of data, right? the problem was that while JSON is a decent format for general interchange, it lacks that property, but they used it anyway.

because dat has had only the one reference implementation since it was created, it was an easy mistake to make early on, and now it is too late to fix. and that mistake ensures that no alternate dat implementations can arise, cementing the problem in place.

@garbados doesn't dat rely on having an exact byte-for-byte works-like-node json serializer? I thought you couldn't get the needed guarantees about hashes without that.

4 hours of compiling and then an error.

It might just be easier to write my own neural network.

Show thread

There shall be no sub-governments in the benevolent anarch collective.

generating 2048 bit safe primes takes a really long time on a Raspi 3B+

I remember reading 1984 in the mid 00s and thinking "why would there ever be TVs with microphones and cameras? that's absurd." you probably know what the punchline is.

Downloaded 300MB backup of my media uploads to mastodon just so I could grep the 3MB text file in the archive for the boiler cheat code I posted last year and suspect I might be needing again soon (boiler controller is displaying strange messages, but no beeps yet, and heating is still operational...).

> We have computed the very first chosen-prefix collision for SHA-1. In a nutshell, this means a complete and practical break of the SHA-1 hash function, with dangerous practical implications if you are still using this hash function. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1. Check our paper here for more details.

Show more

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.