Using debit cards means that you need to keep a sufficient balance on a zero interest checking account in order to make transactions. Using credit cards allows you to keep close to a zero checking account balance and…
Using Cloudflare to proxy B2 content seems like it directly violates Cloudflare's ToS. https://www.cloudflare.com/terms/ > 2.8 Limitation on Serving Non-HTML Content > The Services are offered primarily as a platform to…
The git repository stores only the packaging related items (the specfile, the custom patches, etc.). The actual source is stored as a binary artifact that is downloaded by a `get_sources.sh` script. The build process is…
Devil's advocate: why should I choose this yet-to-exist distribution over something already existing, such as Oracle Linux? The most common argument (Oracle is evil and litigious. Therefore, using Oracle Linux will…
OpenSSH's SFTP server is significantly slower than FTP over Wireguard (or FTP over TLS) without the OpenSSH HPN patches (which upstream refuses to merge) on connections with >100ms latency. FTP has sendfile support for…
This isn't a CA certificate -- it is missing the CA basic constraints as well as missing the "certificate sign" key usage from X509v3, so most TLS libraries will not validate a chain that is signed by this certificate.
Running Linux and i3wm. After updating to 59, Chrome didn't seem to automatically detect my DPI settings, so I had to manually specify the scale with --force-device-scale-factor Previously did not have to do this.
> “The origin of the infection is not confirmed at the moment, but sources close to the company point out that it is being treated as an attack originating in China,” El Mundo writes. It's amazing how any organization…
Yes, that log entry was from running 4.10.11.
Yes, MSI B350 Tomahawk
I also built a Ryzen machine for development. It's great when it works, but I've found that Ryzen is unstable on Linux (Ubuntu 16.04). Every once in a while, I get kernel errors like NMI watchdog: BUG: soft lockup -…
The authors of the original paper [1] identified that the set of client cipher suites advertised by each browser can be used to fingerprint and identify a browser. Caddy records the cipher suite advertised by the client…
Is there a benefit in using symmetric encryption vs specifying yourself as a recipient?
Cloudflare posted a post-mortem [1]. They were measuring round trip time, and supplying the result of that into the golang rand.Int63n() function, which panics the process when given a negative number. [1]…
> The sum of the cube of gap of primes up to 2017 is a prime number. That is (3-2)^3 + (5-3)^3 + (7-5)^3 + (11-7)^3 + ... + (2017-2011)^3 is a prime number. For the non-mathematically inclined, how do mathematicians…
I'm confused on why a DNS server would need to rely on a monotonic clock for its use cases. Is there a part of DNS that relies on the assumption of synchronized, monotonic time? (Perhaps TTL/expiry of records? But I…
As someone who does not follow Bitcoin news, what makes this release special enough to warrant an advance warning?
This also provides zero additional security for the end user. Offering security questions and/or images that a user selected does not prove that the site is legitimate, since a phishing site can literally be a reverse…
I've never understood why this is seen as a form of verification. What is stopping a phishing site from simply taking a victim's username and fetching the victim's corresponding image from the bank's website via simple…
This is a common way of executing shellcode in a PoC. Exec (before the cast) points to memory containing the shellcode data. To actually start executing the shellcode, you just need to somehow cause the program counter…
Memtest86's rowhammer test is pretty reliable. In fact, since the test's inclusion, so many Rowhammer-related errors have been observed that the developers of Memtest86 split the test into two passes (a high-frequency…
Details: http://www.openwall.com/lists/oss-security/2016/01/14/7
Using debit cards means that you need to keep a sufficient balance on a zero interest checking account in order to make transactions. Using credit cards allows you to keep close to a zero checking account balance and…
Using Cloudflare to proxy B2 content seems like it directly violates Cloudflare's ToS. https://www.cloudflare.com/terms/ > 2.8 Limitation on Serving Non-HTML Content > The Services are offered primarily as a platform to…
The git repository stores only the packaging related items (the specfile, the custom patches, etc.). The actual source is stored as a binary artifact that is downloaded by a `get_sources.sh` script. The build process is…
Devil's advocate: why should I choose this yet-to-exist distribution over something already existing, such as Oracle Linux? The most common argument (Oracle is evil and litigious. Therefore, using Oracle Linux will…
OpenSSH's SFTP server is significantly slower than FTP over Wireguard (or FTP over TLS) without the OpenSSH HPN patches (which upstream refuses to merge) on connections with >100ms latency. FTP has sendfile support for…
This isn't a CA certificate -- it is missing the CA basic constraints as well as missing the "certificate sign" key usage from X509v3, so most TLS libraries will not validate a chain that is signed by this certificate.
Running Linux and i3wm. After updating to 59, Chrome didn't seem to automatically detect my DPI settings, so I had to manually specify the scale with --force-device-scale-factor Previously did not have to do this.
> “The origin of the infection is not confirmed at the moment, but sources close to the company point out that it is being treated as an attack originating in China,” El Mundo writes. It's amazing how any organization…
Yes, that log entry was from running 4.10.11.
Yes, MSI B350 Tomahawk
I also built a Ryzen machine for development. It's great when it works, but I've found that Ryzen is unstable on Linux (Ubuntu 16.04). Every once in a while, I get kernel errors like NMI watchdog: BUG: soft lockup -…
The authors of the original paper [1] identified that the set of client cipher suites advertised by each browser can be used to fingerprint and identify a browser. Caddy records the cipher suite advertised by the client…
Is there a benefit in using symmetric encryption vs specifying yourself as a recipient?
Cloudflare posted a post-mortem [1]. They were measuring round trip time, and supplying the result of that into the golang rand.Int63n() function, which panics the process when given a negative number. [1]…
> The sum of the cube of gap of primes up to 2017 is a prime number. That is (3-2)^3 + (5-3)^3 + (7-5)^3 + (11-7)^3 + ... + (2017-2011)^3 is a prime number. For the non-mathematically inclined, how do mathematicians…
I'm confused on why a DNS server would need to rely on a monotonic clock for its use cases. Is there a part of DNS that relies on the assumption of synchronized, monotonic time? (Perhaps TTL/expiry of records? But I…
As someone who does not follow Bitcoin news, what makes this release special enough to warrant an advance warning?
This also provides zero additional security for the end user. Offering security questions and/or images that a user selected does not prove that the site is legitimate, since a phishing site can literally be a reverse…
I've never understood why this is seen as a form of verification. What is stopping a phishing site from simply taking a victim's username and fetching the victim's corresponding image from the bank's website via simple…
This is a common way of executing shellcode in a PoC. Exec (before the cast) points to memory containing the shellcode data. To actually start executing the shellcode, you just need to somehow cause the program counter…
Memtest86's rowhammer test is pretty reliable. In fact, since the test's inclusion, so many Rowhammer-related errors have been observed that the developers of Memtest86 split the test into two passes (a high-frequency…
Details: http://www.openwall.com/lists/oss-security/2016/01/14/7