Kyle Rankin @kyle@librem.one
- Personal Site
- https://kylerank.in
- Personal Bibliography
- https://kylerank.in/writing.html
Admin
Purism President. Linux security & infrastructure geek, author of Linux Hardening in Hostile Networks, ex-Linux Journal writer
PGP: 0DFE 2A03 7FEF B6BF C56F 73C5 B9E
Joined Apr 2019
Most "duress mode" safeguards are misguided movie threat fantasies, would put you at more risk in real life. Instead, cross borders w/o sensitive data, comply w/ searches w/o smuggling. You are a bad liar, customs agents are pro lie detectors. #infosec
I've been critical of elastic in the past for making basic security like TLS part of their paid Enterprise software. I'm happy to see them open up these security features now: #infosec https://www.elastic.co/blog/security-for-elasticsearch-is-now-free
This last week all Firefox addons were accidentally disabled due to issues in Mozilla certs. Many security measures out there require full, unrevokable trust in the vendor for them to work and this is a great example of the risks with that approach. Imagine if that ever happened with SecureBoot... #infosec
This is arguably even more impactful than NIST's upgraded password policy recommendations, because far too many in IT ignore modern #infosec thought on password policy (among other things) and just apply the Microsoft recs. #defaultsmatter https://arstechnica.com/gadgets/2019/04/password1-password2-password-3-no-more-microsoft-drops-password-expiration-rec/
- Personal Site
- https://kylerank.in
- Personal Bibliography
- https://kylerank.in/writing.html
Admin
Purism President. Linux security & infrastructure geek, author of Linux Hardening in Hostile Networks, ex-Linux Journal writer
PGP: 0DFE 2A03 7FEF B6BF C56F 73C5 B9E
Joined Apr 2019
