Notices by Phillip (pb4000@infosec.exchange)

@sundogplanets No suggestions, but thanks for the reading list! I fear what my backlog of books is becoming

@badnetmask I didn’t know they had a control panel like that?? Will definitely have to check it out.

This is the tool I use to help me choose the fastest providers and know my options. Pretty nifty

https://dnsspeedtest.online/

@badnetmask I’ve been enjoying Quad9 on my network. I’ve got AdGuard’s public DNS set up as well for load balancing

#Passkeys have a lot of confusion and valid criticism against them. However, there is one huge benefit that I feel like no one is talking about: they effectively eliminate password breaches as we know it!

#security #cybersecurity #passwords #technology

🧵1/2

This is because they use public key cryptography/asymmetric encryption, as opposed to the symmetric encryption we are used to with passwords. It is functionally identical to using ssh keys vs a password.

On sign up, your device generates a key pair and sends only the public key to the server. On login, the server provides the client with a challenge signed by the client's public key, which can only be completed with the client's private key. Your private key NEVER leaves your device. If the server gets breached, then the attackers can only get your public key, which is effectively useless. Even TOTP doesn't use asymmetric keys. This is huge!

The Fido alliance website has a nice, albeit greatly simplified, explainer here. I'd strongly recommend giving it a read.

🧵2/2

https://fidoalliance.org/how-fido-works/