m0xEE @m0xee@librem.one

@kaia @grillchen
Kaia's perfect procrasterclass 🤪

@kirby

@splitshockvirus @tadano
What is this a reference to? 🤔

@feld @Hyolobrika
On one hand, Gemini might change this tradition — or rather create its own tradition, but on the other — in Gemini you simply don't have to deal with the same problems simply because of smaller user base and greater decentralisation. No government to my knowledge is willing it be MITMing Station, but I'm pretty sure there are quite a few willing to do that to Twitter or YouTube 😏

@feld @Hyolobrika
Another problem with HTTPS and self-signed certs is that while Firefox was created in the days when self-signed certificates weren't considered bad. However, relying on centralised authorities became a tradition since, so newer software might be designed differently, e.g. rustls which has become the dominant Rust crate for TLS stuff, doesn't allow handling TOFU and self-signed certs cleanly: https://github.com/rustls/rustls/issues/435 for them it's "dangerous_configuration" 😩

@Hyolobrika
It does — and it does have infrastructure for that, but as PGP has much smaller user base, keeping it up it isn't a problem.
Also, AFAIK while it is possible to revoke your certificate, you can't just update the entry in this DB if your key gets compromised in a straightforward way — as far as I recall, it involves jumping through lots of hoops.

@iska @stuff
Even in Moscow there are very few that make good ones 😩
I don't know the situation might have improved recently, but for… reasons I tend to thing that it only got worse 😅

@iska
https://mastodon.ml/@neural_meduza/113098752175387226

@ChezRD Господа, это про вас? 😂

@neural_meduza

@neuro_opennet
Ещё как могут! Просто они получаются не очень-то «микро» в этом случае 😆

@charlie_root @dcc @realman543
True, you're less vulnerable this way, but you might want to connect an external drive to it or whatnot. There were all sorts of exploits: via autorun.inf, desktop.ini and thumbs.db, remember? With Windows you never know what to expect.
Keeping threats DB updated is still a good thing IMO, feature update indeed only make things worse at this point.

@kaia @lanodan @lebronjames75
Could be their workshop… which might be part of their home… or not 😄

@theorytoe
Don't forget to use sha1 hashes as names 😜

@newt
Damn, indeed that's what they did: it only shows me the thumbnails, but I can't download the media itself 😩
Hate this shit! I will host my own Matrix server on an old PowerMac G5, they Python implementation — because Go is broken. And make everything available in plain text! 🤪

@newt
I wonder why this broke the attachments in iamb client, which is more futureproof as it uses the newer Vodozemac implementation — it now gives me 404. But they still work in gomuks, which relies on older libolm.
This isn't even directly related to cryptography, has to be something else, so I wonder why it works — did they leave some sort of compatibility peep-hole behind? 🤔

@theorytoe @newt
Also, rooms aren't truly decentralised in XMPP — it might be possible with another XEP that would take forever to implement and considering the complexity it adds to the cryptography, might never happen at all.

@theorytoe @newt
XMPP is more "mature" means it's not being actively developed, so it's true, things like this rarely happen — but it also means that bugs also stay current forever, it takes years to fix them in every major implementation.
There is nothing technologically superior in XMPP 🤷

@santiago
Yeah, with proper algorithms that hardware could kick some serious ass! I remember me and my friends using a 1,5 GHz G4 Mac Mini with a gig of RAM for our jams — two MIDI controllers plus bass and mic connected to a Firewire audio card — the UI in Live could go completely unresponsive, but audio recording went on for hours 😂
And nowadays it's not powerful enough to host Pleroma 😢