JuxtaposedJaguar

joined 1 year ago
[–] JuxtaposedJaguar@lemmy.ml 3 points 6 months ago

Giving permission by saying yes to a "would you mind" question is the hill I die on. Usually I say "I would not mind" but if I'm feeling frisky I'll say no and watch their brain melt.

[–] JuxtaposedJaguar@lemmy.ml 1 points 6 months ago* (last edited 6 months ago) (1 children)

How is that different from mutual TLS authentication?

Edit: It seems like OPAQUE just initiates mutual TLS authentication after the TLS session has already been negotiated with PKI. So it basically just allows websites to design their own login page instead of the one designed by the web browser.

[–] JuxtaposedJaguar@lemmy.ml 2 points 6 months ago

I just replied to the other person's comment.

[–] JuxtaposedJaguar@lemmy.ml 2 points 6 months ago

While Linux itself isn't proprietary, it supports loading proprietary firmware/microcode blobs and running on proprietary hardware. Thus, part of the Linux hardware/software stack is proprietary.

[–] JuxtaposedJaguar@lemmy.ml 24 points 6 months ago (4 children)

I'm surprised that other people are surprised that for-profit companies constantly try to increase their profits; such companies only contribute to FOSS when that's more profitable than the alternative. The Linux kernel, AMDGPU, Steam, etc only exist because some part of the software/hardware stack is proprietary (which becomes a more attractive product as the FOSS portion of the stack improves).

I'm definitely not justifying the "rug-pulling", but people need to stop supporting projects with no potential for long-term profitability unless those projects can survive without any support from for-profit companies. Anything else is destined to fail.

[–] JuxtaposedJaguar@lemmy.ml 54 points 9 months ago (4 children)

It's a nightmare to search for anything about GUID Partition Tables (GPT) now.

[–] JuxtaposedJaguar@lemmy.ml 2 points 9 months ago

I'd love yearly Debian releases instead of just every 2 years.

[–] JuxtaposedJaguar@lemmy.ml 5 points 11 months ago (1 children)

Free (As in beer and speech!)

Do you live in a utopia where you get as much beer as you want without having to pay for it, or do you live in a dystopia where you have to pay to be able to speak your mind and only in limited quantities?

[–] JuxtaposedJaguar@lemmy.ml 4 points 11 months ago

Thank you for interjecting.

[–] JuxtaposedJaguar@lemmy.ml 2 points 11 months ago (1 children)

The data block would be modified but the signature of that block can’t be recomputed without the key used to sign it

Isn't that also true of an encrypted checksum, though? For some plaintext block q there is a checksum r, but the attacker can only see and modify the encrypted q (Q) and encrypted r (R). How any change to Q would modify q (and R to r) can't be known without knowing the encryption key, but the attacker would need to know that in order to keep q and r consistent.

[–] JuxtaposedJaguar@lemmy.ml 7 points 11 months ago* (last edited 11 months ago) (3 children)

I'm not a cryptographer (so maybe this is wrong), but my understanding is that although it's possible to modify the cipher text, how those changes modify the plaintext are very difficult (or impossible) to predict. That can still be an attack vector if the attacker knows the structure of the plaintext (or just want to break something), but since the checksum is also encrypted, the chances that both the original file and checksum could be kept consistent after cipher text modification is basically zero.

 

I need to transport multiple very large files over an unstable and untrusted network, and the file contents are outputted as a data stream. I wanted to use OpenSSL for streaming authenticated encryption, but they purposefully don't support that and are preachy about it.

Well, it turns out that XZ has checksumming built-in! It even has different algorithms (CRC32, CRC64, and SHA256). It's part of the same file, within/before the encryption, and automatically verified by the decompression tool. I'm already using XZ for compression before encryption, so this is just super convenient and useful. Also, it seems like XZ supports threaded decompression now, when it didn't before. Thanks XZ devs!

[–] JuxtaposedJaguar@lemmy.ml 40 points 1 year ago (2 children)

In exchange, FF uses Google search by default. So they're also getting direct value from the deal.

 

I'm not complaining, but I didn't realize how much work it was. It makes me really respect the people who do it on a regular basis.

For example:

  • You know how to use your software, but other people don't. So you need to write documentation.
  • You can just modify the source files, but it's impractical for everyone to do that. So you need to add a config file.
  • You can just drag the output files into place, but that's impractical for everyone to do. So you need to package it.
  • You trust yourself, but distro maintainers rightfully don't. So you need to package your source code and configure the package to compile it.
  • You will abide by your idea of how the software should be used, but other people might not. So you need to pick a license.

Sometimes I think there must be an easier way, but I can't think of any. I guess it probably gets easier with experience.

 

My main server is named Postulate (an idea that you assume for the sake of argument), my desktop is named Axiom (a proved postulate), and my backup server is named Corollary (an idea that follows from an axiom).

What are your computers named, and why?

 

I'm thinking about setting up my own (bare metal) Lemmy instance to play around with it, but it seems to require PostgreSQL. Everything else on my system uses MySQL, and I don't really want to run 2 separate database services. I guess I would also be fine with using an SQLite file, but that's not ideal.

Has anyone managed to set up a Lemmy instance with MySQL instead of PostgreSQL? Are you aware of any PostgreSQL to MySQL or SQLite compatibility layers?

view more: next ›