0xda.de
Hacker, Rapper, Developer, dade.
https://0xda.de
141 posts
594 followers
99 following
Regular Contributor
Active Commenter
comment in response to
post
I think it’s one of those things where there’s only so much you can do if you’re shipping devices on the network to other people. But I’m curious in exploring all those things you can do, and seeing where the limit actually is.
comment in response to
post
Oh yeah it’s trivial for me to do purely on my devices, I’m curious about solving it for a situation where, say, I ship devices to a group that should have access to the network, and want high confidence in the security of those devices.
comment in response to
post
Probably not, unless the device shipped was a laptop that had its own built in IO and all USB lines were hardware disabled. Plus some OS level things to try to prevent unauthorized access, just in case.
comment in response to
post
Then there’s the IO and data exfiltration to consider. Assuming I’ve sent someone a device that they don’t have root access to and somehow can’t get root access to (and that’s a big if), could I prevent mass exfil via USB? Prevent HID injection attacks?
comment in response to
post
Could I confidently restrict network connections at the host level if it’s on someone else’s network and they can manipulate whatever they want at the network layer?
comment in response to
post
Like, could I reasonably build something that requires managed devices with hardware backed keys that can’t be exfiltrated, can’t be used with an unmanaged device, and could actually be safe if shipped to a recipient?
comment in response to
post
You can tell they have been consumed by the republican mind worm because they assume anyone who says something that challenges their dogma is a political operative. As if the democrats actually employ everyone on the internet to make fun of republicans, but somehow can’t take literally any action.
comment in response to
post
Surely anyone encouraging 12 security trainings a year is in the business of selling security training. I can’t think of any other reason for this post 😂
comment in response to
post
I got to see Deltron 3030 in Colorado for the RTJ & Wu Tang Clan show a year or two back, and Deltron 3030 was the act that actually got me to fly to Colorado just to watch the show.
It was awesome. 10/10 would do again. Though something closer to home in Oakland would also be cool 😂
comment in response to
post
(Patching endpoints is totally different, but also just takes grit, determination, and a reasonably capable testing mindset)
comment in response to
post
It’s pretty sick, though. With containers, modern dependency manifests, and a little bit of GitHub actions work, it’s never been easier to patch very regularly. And if something does break, roll it back and write better tests to validate the usage of the dependency in the first place.
comment in response to
post
Those updates get reviewed by a human after the tests all pass, applied, and it’s just completely normal now. But it took a lot of grit and determination to make it the norm and get people away from the fear of “what if patching breaks something”
comment in response to
post
I’ve driven auto patching at my org for production. When I got here our builds were basically impossible to safely update. I moved us to modern dependency management, and wrote automation to do updates every Monday for all dependencies.
comment in response to
post
Can’t leak secrets if nobody can open the email
comment in response to
post
Pretty Good Plans, guys. Pretty Good Plans.
comment in response to
post
How do I get one of these? 😂
comment in response to
post
I also note at the bottom of this retro, I would love to do more live music performances at hacker cons. If you'd like a hacker to come rap for your fellow hacker friends, my cost is cheap - a plane ticket and a hotel room, that's it.
I just want to get more time performing.
comment in response to
post
I haven’t tried Voice but I have the Home Assistant Yellow hardware and am pleased with how easy it is to set it up and how easy it has been to leave running with no attention.
comment in response to
post
Home Assistant Voice maybe? Guess it depends on what part of Alexa you want to replace. I’ve also heard it’s noticeably slower than Alexa, but there’s probably an element of that that will be true from nearly any home solution.
comment in response to
post
Unfortunately such a solution would leave such a large number of people out in the cold. I think some good auto-POSSE patterns would be useful, and maybe something that auto-archives my social media posts onto my own site.
But yeah, decentralized and federated is cool until it isn’t.
comment in response to
post
I haven’t set them up but it is something I’ve considered. I’m meticulous about wanting to own all my own data for my site so don’t want a third party webmention service, but haven’t spent time researching setting up my own service yet.
comment in response to
post
I also think this has some of my best editing yet (big talk from someone who has edited 7 videos total). I learned a few cool tricks for this, including multi-cam editing. Definitely still need some improvement, but I feel like I'm getting the hang of it, maybe?
comment in response to
post
Can you use it without having to have an account yet? I wanted to try it but I feel like needing an account for a terminal emulator might be where I draw the line 😅
comment in response to
post
I can’t say with first hand experience, but I _feel_ like EFF would be a good candidate here.
comment in response to
post
There is a technical change going on that effectively makes ublock infeasible after the hard enforcement date, unfortunately. I think I’m going to switch back to Firefox soon because of it 😅
comment in response to
post
Seconding quad9, purely because of their independence and policies. It’s the sort of org I want to support. And you can use it with or without the malicious domain filtering, with DoT, DoH, dnscrypt, etc.
comment in response to
post
It’s Apache 2.0, hope this helps
comment in response to
post
That means YIFY rips will definitely fit, may as well pit the MPAA against DOGE so we can have a little comic relief.