jared
b726e71bce585201181ace89326ae428406cee071395f9bf12b62b62d0449b23
Cybersecurity. Identity. Powershell. Class of 2013. Degree in Bending from Bending State.

I saw a neighbor allow her 5-6 year old son decide to not get on the bus to kindergarten on the second day of school.

Children are not ready to make their own decisions about never leaving their comfort zone. Who’s the parent?

I’m a parent of 4 from 4 years to 12 years old so I speak from experience.

Superman’s Dead by Our Lady Peace mentions the subway several times

Yes, I solved a problem this way. I was trying to figure out how to generate a password that would always pass complexity requirements without reducing the entropy.

I woke up that night with the simple solution immediately top of mind…

just a loop that generates a random password, then tests it for complexity. If it doesn’t meet complexity requirements, loop again. If complexity test succeeds, return that as the generated password. (And a max loop count to avoid infinite loop conditions, of course.)
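The loop described above, written out as an added example (not code from jared's posts). The policy it enforces, "at least one character from each of four classes", the 16-character default length and the 1000-attempt cap are assumptions chosen for the example. It also includes an exact inclusion-exclusion count of the accepted candidates, which shows why rejection sampling keeps the entropy: every accepted string stays equally likely, so the only loss is log2 of the rejected fraction.

```python
import math
import secrets
import string
from itertools import combinations

# Character classes the assumed policy requires; string.punctuation is 32 symbols.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)


def meets_complexity(password: str, classes=CLASSES) -> bool:
    """Policy check: at least one character from every class is present."""
    return all(any(ch in cls for ch in password) for cls in classes)


def generate_password(length: int = 16, classes=CLASSES, max_attempts: int = 1000, rng=secrets) -> str:
    """Rejection sampling: draw uniformly from the full alphabet, return the first
    candidate that passes the policy, and stop after max_attempts so an
    unsatisfiable policy cannot turn into an infinite loop."""
    alphabet = "".join(classes)
    for _ in range(max_attempts):
        candidate = "".join(rng.choice(alphabet) for _ in range(length))
        if meets_complexity(candidate, classes):
            return candidate
    raise RuntimeError(f"no policy-compliant password after {max_attempts} attempts")


def acceptable_count(length: int, class_sizes) -> int:
    """Exact number of length-n strings over the combined alphabet that contain at
    least one character from every class (inclusion-exclusion over missing classes)."""
    total = sum(class_sizes)
    count = 0
    for k in range(len(class_sizes) + 1):
        for missing in combinations(class_sizes, k):
            count += (-1) ** k * (total - sum(missing)) ** length
    return count


def entropy_bits(length: int = 16, classes=CLASSES):
    """Return (bits without the policy, bits with the policy). Accepted candidates are
    equally likely, so the loss is exactly -log2(fraction accepted)."""
    sizes = [len(c) for c in classes]
    unconstrained = length * math.log2(sum(sizes))
    constrained = math.log2(acceptable_count(length, sizes))
    return unconstrained, constrained


if __name__ == "__main__":
    print(generate_password())
    u, c = entropy_bits()
    print(f"{u:.2f} bits unconstrained, {c:.2f} bits with policy, loss {u - c:.2f}")
```

For the assumed 94-character alphabet and 16-character length the policy rejects under a fifth of candidates, so the loss is well under one bit; the attempt cap matters for policies that can never be satisfied (for example a 3-character password that must contain four classes), which the loop reports instead of spinning forever.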

If you can’t scale storing and transmitting text with computers, then you’re not good at computers.

Replying to Cyph3rp9nk

Thanks to Pi-hole (primary DNS server for privacy) and AdGuard (secondary and tertiary DNS servers for protection when Pi-hole is down) my network is so much faster than people without network level blocking.

If you can’t run Pi-hole just plug the AdGuard DNS servers into your Wi-Fi configuration. The family servers also block adult content for family friendly internet access.

Replying to Dr. Hax

I believe it is per controller, but I haven't personally verified that.

For Qubes in particular, I already have USB isolation from dom0, which can control anything, but without a PS/2 keyboard, an exception needs to be made to give the USB device access to dom0. Having a USB -> PS/2 adapter solves that. This provides some protection against a compromised sys-usb VM.

The risk of sniffing a FIDO2 device which is unlocked by entering a PIN directly on the device (e.g. Trezor) is pretty minimal. The challenge is sent to the FIDO2 device, it gets back a signed transaction. At most, a malicious USB device that nabbed that could use the one session to each system that you log into.

The risk for a YubiKey, Nitrokey or Signet is a little higher. The attacker could get your device unlock password, but unless they have physical access, they won't be able to use the device or dump the entire database. If an OnlyKey requires a physical button press to get each password, the same would be true there.

For the password managers, the attacker would also be able to get each password that you actually use, and if you used the device to also provide the URL and username, they'd have everything they need to get persistent access to that account (assuming you don't have any 2FA set up). In contrast the FIDO2 devices only leak tokens that can be used to get a single session, so they're safer than password managers.

Back to the question at hand: should you isolate these devices to their own controller (assuming that works as expected)? That depends on your threat model and risk tolerance.

If you're trying to protect against someone with physical access to all your stuff, then yes. If not, then it depends on how much effort you want to put into it. A $40 USB card for a desktop is pretty reasonable. Trying to do this on a laptop would probably be a huge amount of trouble. For example, many models of the Microsoft Surface only have one USB port and no real room for expansion. So good luck with that one. Only plug one USB device in at a time, I guess?

In any case, you now have the information you need to make an informed decision. 🤓
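The "one session at most" point above rests on what the relying party checks when it verifies an assertion, and it helps to see that verification written out. The following is an added example, not code from jared's posts or from any FIDO2 library: a minimal relying-party verifier with a stand-in authenticator. The relying-party id, the 32-byte challenge size and the use of sha256(challenge) as the client-data hash are assumptions, and the authenticator "signs" with HMAC so the example runs on the standard library alone; real authenticators use a per-credential asymmetric key (e.g. ECDSA P-256) and the relying party keeps only the public key. The checks themselves (one-time challenge, rpIdHash, signature over authenticator data plus client-data hash, monotonic sign counter) follow the WebAuthn assertion procedure.

```python
import hashlib
import hmac
import secrets

RP_ID = "example.com"  # constructed relying-party id for the example


def client_data_hash(challenge: bytes) -> bytes:
    # Simplification: real clients hash a JSON structure that contains the challenge.
    return hashlib.sha256(challenge).digest()


class SimulatedAuthenticator:
    """Stand-in for a FIDO2 authenticator. HMAC plays the role of the per-credential
    private key so this runs offline; a real device would produce an ECDSA/EdDSA signature."""

    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.counter = 0

    def get_assertion(self, rp_id: str, cd_hash: bytes) -> dict:
        self.counter += 1
        auth_data = hashlib.sha256(rp_id.encode()).digest() + self.counter.to_bytes(4, "big")
        sig = hmac.new(self.key, auth_data + cd_hash, hashlib.sha256).digest()
        return {"authenticator_data": auth_data, "signature": sig}


class RelyingParty:
    def __init__(self, rp_id: str, credential_key: bytes):
        self.rp_id = rp_id
        self.key = credential_key  # would be the credential's public key in reality
        self.pending = set()       # challenges issued but not yet consumed
        self.last_counter = 0

    def new_challenge(self) -> bytes:
        c = secrets.token_bytes(32)
        self.pending.add(c)
        return c

    def verify(self, challenge: bytes, assertion: dict):
        if challenge not in self.pending:
            return False, "unknown or already-used challenge"
        self.pending.discard(challenge)  # each challenge is accepted exactly once
        auth_data = assertion["authenticator_data"]
        if auth_data[:32] != hashlib.sha256(self.rp_id.encode()).digest():
            return False, "rpIdHash mismatch"
        expected = hmac.new(self.key, auth_data + client_data_hash(challenge), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, assertion["signature"]):
            return False, "bad signature"
        counter = int.from_bytes(auth_data[32:36], "big")
        if counter <= self.last_counter:
            return False, "sign counter did not increase (possible clone)"
        self.last_counter = counter
        return True, "ok"


def replay_demo() -> dict:
    """One legitimate login, then the same captured assertion presented twice more."""
    auth = SimulatedAuthenticator()
    rp = RelyingParty(RP_ID, auth.key)
    c1 = rp.new_challenge()
    captured = auth.get_assertion(RP_ID, client_data_hash(c1))  # what a sniffer on the bus would see
    first = rp.verify(c1, captured)            # accepted: this is the one session
    replay_same = rp.verify(c1, captured)      # rejected: challenge already consumed
    c2 = rp.new_challenge()
    replay_fresh = rp.verify(c2, captured)     # rejected: signature covers the old challenge
    return {"first": first, "replay_same": replay_same, "replay_fresh": replay_fresh}


if __name__ == "__main__":
    for name, result in replay_demo().items():
        print(f"{name}: {result}")
```

The captured assertion is useful exactly once because the relying party consumes the challenge it was issued for and every later challenge produces a different client-data hash that the old signature does not cover; the sign counter is the separate check that catches a cloned authenticator rather than a replayed message.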

YubiKey biometric models mitigate sniffing the unlock PIN from the computer since it is fingerprint unlock.

Current YubiKey biometric models are FIDO2 only; multi-protocol (FIDO2, PKCS#12, etc.) biometric models are “coming soon”.

Here’s the dualie pickup truck and car hauler I designed

Let’s go with some new #nostr content!!!

I have 100 sats for original #lego builds replying to this with pics. I’ll try not to cap the number of zaps but this is my first #bounty so we’ll see how it goes.

I propose anyone interested in Lego follow and use the #brickstr hashtag.

I’ll start with this dualie pickup with car hauler trailer. It’s my own design but I likely stole some exterior aspects from designs on bricklink or rebrickable.

Scale is 8 knobs (wide) and the trailer is for hauling the current speed champs of same scale.

We didn’t use the secp256k1 curve for nothing. If you want weaker curves, NIST has a couple.