Several years ago, there was a flap in the fediverse when someone mentioned being part of infragard (a public/private partnership with the FBI) for securitng infrastructure.
My comments about CISA members joining infosec.exchange have rekindled those flames, with instances now apparently blocking infosec.exchange because their members have a legitimate reason to fear the US government. We also have accounts owned by the CERTs of several countries, and even the EU. It's disappointing, however I understand the reasoning. I am posting this so that infosec.exchange accounts, along with others in the community, have a chance to move accounts, or institute their own blocks, as necessary.
It's becoming clear to me that some parts of the fediverse may be incompatible with each other. Not for technical reasons, but for philosophical ones. That makes me a bit sad, particularly in the case of CISA, who are doing their level best to improve the security and resiliency of technology that underpins modern civilization.
If this is the lsat message your instance sees from me, be well. If you chose to move to a new instance that blocks this one, I appreciate you have been here and hope the experience was good.
Go forth and do good things.
Reboot RHEL box only when #Linux kernel installed with Ansible playbook https://www.nixcraft.com/t/reboot-rhel-when-linux-kernel-installed-with-ansible-playbook/4403
Pretty interesting project in the space of #container #networking: passt (https://passt.top/passt/about/), which lets virtual machines or containers (or even namespaces) access the outside world without requiring elevated privileges!
While developing the PoC I left a TODO for the r != 0 and s != 0 checks, a bit also to make sure we had tests for it.
I was pretty concerned when all tests passed! That's what led to the terrible Java ECDSA vulnerability!
But no, my code was not vulnerable because by design in nistec you can't take the x-coordinate of the point at infinity (as there is no such thing), so it was just impossible to do it wrong by construction, even without the explicit checks ✨
Il serait temps que l'état se préoccupe de la souveraineté de sa communication sur les réseaux sociaux et ne dépende plus de régies publicitaires privées gérées par des tarés outre Atlantique.
Quel.les député.e pourait porter une loi pour que l'état mette à disposition un serveur public de microbloging officiel sur le Fediverse (interopérable) utilisable par les élus ?
Ce serait aussi l'occasion de promouvoir les licornes libres françaises (Framasoft, Peertube, Mobilizon)
⚠️ CVE-2022-37454 - Buffer overflow in the #sha3 module in #Python 3.10 and older 🐍 https://python-security.readthedocs.io/vuln/sha3-buffer-overflow.html #security
🤦♂️ when you try to access your #Keybase account and realize that it was linked to your laptop you've just reinstalled 😭
👉 Account hard reset it is 🤷
Sysadmin/DevOps and IT automation addict at IN2P3-CC
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!