Exactly! AD FS is part of Tier 0 in the same way as Active Directory itself and needs to be treated and secured as such. Of course, security goes a long way when it's part of a holistic approach like zero trust.…
Yes, Apple is supporting older devices, but has made my SE 2020 nearly unusable (slow as hell, horrible UI bugs when typing) after updating to iOS 17. Everything worked perfectly until then. It seems as though Apple…
Exactly, as a user you need to be aware of this addition of risk. Anonymous OSS maintainers are the issue here. When I want to use a project and want to reduce the risk here, I need to vet the maintainers in a similar…
There is a solution: even more telemetry!
While I mostly agree with them, I don't regard them as fallacies. Those are different stances on the idealism-realism spectrum.
I disagree with the article that server-side iterations in this case are useless. They are used for access control. Bitwarden's API likely doesn't permit anybody to access the encrypted blobs of anybody. You have to…
I live in Berlin and I don't know any German personally who is not for nuclear power.
And it's not possible to change/withdraw consent after allowing it. I've searched 5 minutes and found no link or widget that would get me to that screen.
Link moved here: https://hacks.mozilla.org/introducing-state-partitioning/
A part of my work tasks consists of reviewing answers to security questionnaires. These are reasonable questions and I see quite a lot of value if they are filled out extensively and in a good faith approach. Most of…
> Germany’s park visit data is further evidence that lockdown measures do not fully determine behaviour, and that people have their own motives. I find the graphs without much meaning. I live in Germany and we didn't…
A fingerprint is there to either identify you or confirm that it is you. Now, if we would allow the software to accept a smooth fingerprint as assign it to a person then this would allow anybody to impersonate that…
Could you provide a disclosure timeline and the version or indication of the version which has fixed this issue?
> In contrast, with the Nitro System, the only interface for operators is a restricted API, making it impossible to access customer data or mutate the system in unapproved ways. That's great but what are the approved…
> The authoritative server [of .odns] decrypts the session key with his private key, and then subsequently decrypts the requested domain with the session key. So this basically means that the .odns operator is yet…
It does, but only to google domains and only in non-incognito mode. If you're still paranoid and clear your cookies after you close Chrome, you can add a commandline option to Chrome so that this UUID is randomized on…
Exactly! AD FS is part of Tier 0 in the same way as Active Directory itself and needs to be treated and secured as such. Of course, security goes a long way when it's part of a holistic approach like zero trust.…
Yes, Apple is supporting older devices, but has made my SE 2020 nearly unusable (slow as hell, horrible UI bugs when typing) after updating to iOS 17. Everything worked perfectly until then. It seems as though Apple…
Exactly, as a user you need to be aware of this addition of risk. Anonymous OSS maintainers are the issue here. When I want to use a project and want to reduce the risk here, I need to vet the maintainers in a similar…
There is a solution: even more telemetry!
While I mostly agree with them, I don't regard them as fallacies. Those are different stances on the idealism-realism spectrum.
I disagree with the article that server-side iterations in this case are useless. They are used for access control. Bitwarden's API likely doesn't permit anybody to access the encrypted blobs of anybody. You have to…
I live in Berlin and I don't know any German personally who is not for nuclear power.
And it's not possible to change/withdraw consent after allowing it. I've searched 5 minutes and found no link or widget that would get me to that screen.
Link moved here: https://hacks.mozilla.org/introducing-state-partitioning/
A part of my work tasks consists of reviewing answers to security questionnaires. These are reasonable questions and I see quite a lot of value if they are filled out extensively and in a good faith approach. Most of…
> Germany’s park visit data is further evidence that lockdown measures do not fully determine behaviour, and that people have their own motives. I find the graphs without much meaning. I live in Germany and we didn't…
A fingerprint is there to either identify you or confirm that it is you. Now, if we would allow the software to accept a smooth fingerprint as assign it to a person then this would allow anybody to impersonate that…
Could you provide a disclosure timeline and the version or indication of the version which has fixed this issue?
> In contrast, with the Nitro System, the only interface for operators is a restricted API, making it impossible to access customer data or mutate the system in unapproved ways. That's great but what are the approved…
> The authoritative server [of .odns] decrypts the session key with his private key, and then subsequently decrypts the requested domain with the session key. So this basically means that the .odns operator is yet…
It does, but only to google domains and only in non-incognito mode. If you're still paranoid and clear your cookies after you close Chrome, you can add a commandline option to Chrome so that this UUID is randomized on…