wno boosted

Mozilla updated its recommended configurations for server-side TLS:

wiki.mozilla.org/Security/Serv

Modern configuration:
– TLS 1.3 only
– ECDSA certificate
– X25519, prime256v1, and secp384r1 curve

#mozilla #tls #https #tls13 #ecdsa

wno boosted

If you cat /dev/urandom forever it eventually outputs a secure version of wordpress.

wno boosted

Now you don't have an excuse for not using a synth in your Linux intros anymore. gitlab.com/PoroCYon/4klang-lin

wno boosted

Mozilla is shutting down their IRC servers and moving to Discord, a proprietary chat service.

Hey Mozilla, aren't we forgetting something here? Our very own "Mozilla Pledge for a Healthy Internet” states:

> Principle 2 The internet is a global public resource that must remain open and accessible.

> Principle 6 The effectiveness of the internet as a public resource depends upon interoperability (protocols, data formats, content), innovation and decentralized participation worldwide.

wno boosted

Would all staff please note the new #password policy. Employees' mothers' must change their maiden names every 90 days.

wno boosted

Mark lost his mind. Just 2 weeks after admitting it stored hundreds of millions of its users’ own passwords insecurely, Facebook is demanding some users fork over the password for their outside email account as the price of admission to the social network. thedailybeast.com/beyond-sketc

Now this is a cool way to make music!

"The Saddest Drone Machine - HP 3782A Error Detector" on YouTube
youtu.be/19KbrTpgiEM

wno boosted

Few games are so influential, even in the year 2019 standard TPC/UPD ports are still reserved for it

wno boosted

@Gargron are there any plans to improve the moderation tools in Mastodon? Our instance has just been hit with a rather large spam account campaign and the only way to clean them up is to go into each profile one at a time and suspend them.

Bulk action functionality is desperately needed. Some kind of integration with services like "StopForumSpam" would also be beneficial.

wno boosted

Please #StopUsingMedium. It’s really annoying and makes me not read your content, no matter how good it is. Not specific for this author. This a general statement.

Some banks are trying to standardize an intentionally weak variant of TLS that enables easier tapping of encrypted communications. Just so that they don't need to overhaul their legacy security architecture based on capturing all traffic on the wire. The discussion in IETF was an interesting read.

eff.org/deeplinks/2019/02/ets-

mailarchive.ietf.org/arch/msg/

wno boosted

To elaborate on this, here's an algorithm how to DDoS someone and break the Matrix network at the same time:

* Get a domain
* Get a wildcard certificate
* Spawn a stripped down instance with $randomname.yourdomain.org that can only talk to matrix.org.
* Send a join to #matrix:matrix.org
* Redirect $randomname.yourdomain.org to your target you want to DDoS
* Kill the instance, repeat with another $randomname

Now 2000 - 5000 servers will constantly hammer your target with TLS handshakes.

for developers: If you're not exercising regularly you need to start right now! Also, if your office gives you a standing desk, use it!

Having a stiff back and eating painkillers for several days is NOT fun.

wno boosted


Hi, I'm giving mastodon another go, this is like the third time I'm coming to mastodon to try things out.

I am a code quality engineer who writes spaghetti code on personal projects. Guess that defines me pretty well ( ̄▽ ̄)ノ

wno boosted
wno boosted
wno boosted

Hi,
I'm a developer into system programming on GNU/Linux. I find native development most rewarding but I occasionally dabble in web development too. I'd like to learn more about computer science. I'm also curious about graphics programming and demoscene. I also enjoy good stories and fiction.






wno boosted

tinywl has been merged into the wlroots tree:

github.com/swaywm/wlroots/tree

If anyone is looking for a simple example compositor based on wlroots, here it is. It's in the public domain too so use as much of the code as you want to bootstrap your own compositor project!

wno boosted
Fosstodon

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.