ooterness

joined 1 year ago
sorted by: new top controversial old
mikroPhone project is designing a smartphone with an emphasis on openness and privacy in c/technology@lemmy.world
[–] ooterness@lemmy.world 5 points 1 month ago (1 children)

Doesn't the ESP32 module this project is using require the same thing?

Microsoft officially recommends a new PC and OneDrive to update to Windows 11 in c/technology@lemmy.world
[–] ooterness@lemmy.world 1 points 1 month ago (2 children)

It works for now on x86-64, yes. For now. As always, we are one "think of the children" crisis away from lobbyists taking that option away.

Microsoft officially recommends a new PC and OneDrive to update to Windows 11 in c/technology@lemmy.world
[–] ooterness@lemmy.world 3 points 1 month ago (6 children)

It's not for you, it's for them. Secure boot means it only runs their operating system, not yours. Trusted enclave means it secures their DRM-ware from tampering by the user who owns the PC.

Anon solves mental health in c/greentext@sh.itjust.works
[–] ooterness@lemmy.world 34 points 3 months ago (2 children)

That's just "Hakuna Matata" with extra steps.

NASA's Curiosity Rover Uncovers Trove of Yellow Crystals on Mars in c/technology@lemmy.world
Signal downplays encryption key flaw, fixes it after X drama in c/technology@lemmy.world
[–] ooterness@lemmy.world 1 points 4 months ago* (last edited 4 months ago) (1 children)

Sure, but there's still no excuse for "store the password in plaintext lol". Once you've got user access, files at rest are trivial to obtain.

You're proposing what amounts to a phishing attack, which is more effort, more time, and more risk. Anything that forces the attacker to do more work and have more chances to get noticed is a step in the right direction. Don't let perfect be the enemy of good.

Signal downplays encryption key flaw, fixes it after X drama in c/technology@lemmy.world
[–] ooterness@lemmy.world 8 points 4 months ago* (last edited 4 months ago) (3 children)

No, defense in depth is still important.

It's true that full-disk encryption is useless against remote execution attacks, because the attacker is already inside that boundary. (i.e., As you say, the OS will helpfully decrypt the file for the attacker.)

However, it's still useful to have finer-grained encryption of specific files. (Preferably in addition to full-disk encryption, which remains useful against other attack vectors.) i.e., Prompt the user for a password when the program starts, decrypt the data, and hold it in RAM that's only accessible to that running process. This is more secure because the attacker must compromise additional barriers. Physical access is harder than remote execution with root, which is harder than remote execution in general.

YouTube Is Cracking Down on Gun Content, and 3D-Printed Gun Makers Aren't Happy in c/technology@lemmy.world
[–] ooterness@lemmy.world 38 points 5 months ago (5 children)

Is this why Ian McCollum's videos are getting altered? Over the years, he's had many historical deep-dives featuring firearms from the Murphy's auction house. In recent months, he's been re-uploading those videos to cover their logo with the word "Morphy's". Even though the auctions are long over, I suppose Google counts them as promoting sales.

It looks a lot like VMware just lost a 24,000-VM customer • The Register in c/technology@lemmy.world
[–] ooterness@lemmy.world 79 points 6 months ago* (last edited 6 months ago) (3 children)

Phase 1: Fuck around

Phase 2: Find out

Seems fishy in c/memes@lemmy.ml
[–] ooterness@lemmy.world 7 points 6 months ago

Those fish know what they did.

Microsoft ties executive pay to security following multiple failures and breaches in c/technology@lemmy.world
[–] ooterness@lemmy.world 59 points 6 months ago

Incentives like this are tricky. You can reduce the numbers by fixing the problem, or by sweeping it all under the rug. Guess which is easier to do on a quarterly basis?

It's all in the numbers. in c/memes@lemmy.ml
[–] ooterness@lemmy.world 1 points 7 months ago (1 children)

But do they have a video about Deus Ex?

view more: next ›