Notices by CyberFrog (froge@social.glitched.systems)

@aral@mastodon.ar.al @noybeu@mastodon.social the Irish DPC being basically useless on GDPR enforcement is a hot button issue in Europe right now, from what I understand the rest of the EU is essentially applying legal pressure and threatening penalties for non-enforcement so hopefully the Irish DPC gets much better in future

@patrickcmiller@infosec.exchange "unhackable"...

he does know what happened to every other person on the planet who ever called something unhackable right? lol, lmao even

@SmartFox@mastodon.social @patrickcmiller@infosec.exchange they had a "data breach" (really just a hacker stealing logins) recently and now people realize what a colossal fuckup it was so they want a "go back" button tbh

@aral@mastodon.ar.al is... is this real? I mean even just the branding here is awful from a PR perspective, wtf are they even doing... incredible

@mattly@hachyderm.io many MANY years ago, when I was first getting involved in security and had just started a github account (long since deleted) I got an email from someone who scraped my details from a repo where I did security patches

they offered me a significant amount of money for some relatively simple XSS related bypass methods in the (back then) actively maintained XSS auditor code of chromium

I refused of course, but to this day, I wonder how many millions of people are being exploited because some random person got an email and some money

anyone know some good FOSS #astrophotography software? I want a fancy telescope and camera to take pictures of the sky with tracking, but I also want free software... not sure if I'm going to have to write that myself

@ryanc@infosec.exchange I'm not sure if they've switched to nftables by default yet, they might have, maybe it's worth checking if they have any nftables rules defined or something weird

@ryanc@infosec.exchange if the distro is new and uses nftables, like fedora or something, it might be doing strange things like that 👀

@ryanc@infosec.exchange but also nftables is syntactically very similar, which helps a lot at least lol

@ryanc@infosec.exchange I learned something cursed when researching the transition of these things, which is that the linux kernel can load both iptables and nftables rules at the same time, on the same machine, and nftables rules take precedence but fall back to iptables afterwards

imagine trying to debug a system that you thought was using iptables but actually has a secret nftables rule inserted before iptables even sees the packet.. all the iptables rules would be totally correct, because the filtering happens earlier on 🙃

@dushman@hollow.raccoon.quest 10/10 even has a funny warning lol

@Hyolobrika@social.fbxl.net @dushman@hollow.raccoon.quest you get banned, skill issue tbh

@meso@the.asbestos.cafe @dushman@hollow.raccoon.quest @thegreatape@hollow.raccoon.quest @david@hollow.raccoon.quest yeah the GPUs don't die faster, this is my point, the hardware runs fine, LTT actually spent months of their life and lab equipment to test these things and the hardware works fine even if you abuse it at 100c with 100% load for years

like I am saying it's fine because the effect you're talking about here literally doesn't exist, used GPUs don't die faster, they're fine lol

@dushman@hollow.raccoon.quest @david@hollow.raccoon.quest @thegreatape@hollow.raccoon.quest tbh 98c on a modern desktop is fine, on a laptop that's kinda bad for the... everything else

But on a desktop the chips just thermal throttle super hard and your performance gets a lot worse instead of the CPU breaking, a lot of new intel chips have like 110c thermal limits lol

@dushman@hollow.raccoon.quest @david@hollow.raccoon.quest @thegreatape@hollow.raccoon.quest I am 99% sure having the CPU that hot won't actually degrade it at all, you should go check out analysis of second hand CPUs that have been used for crypto mining at like 100% load at these temperatures for 3+ years straight

the chips literally lose like 1% performance, maybe less, which is within error margins... They're literally built to run at high temps on 100% load for years, chips don't actually degrade from being run this way, they throttle themselves way before that's ever an issue

@patrickcmiller@infosec.exchange pfft sure, they pledge a lot of stuff, I'll care when I see some results for once tbh

@patrickcmiller@infosec.exchange tfw rebranding defense in depth so it sounds cool and has new buzzwords for the marketing team to sell

@soatok@furry.engineer to be fair this happens more than it should, OpenSSL for example ships default fallback code which will do most of their crypto without any constant time instructions... this is a particularly big issue on RISC-V chips, see the below github issue.

IMPORTANT DISCLAIMER: OpenSSL does this due to hardware limitations, not because they feel like doing it, unlike matrix devs ;)

https://github.com/openssl/openssl/issues/20980

@aral@mastodon.ar.al this is why it rubs me the wrong way when people ignore my technical advice

am I basically nobody? yes
am I still offering sound and important advice that experts should listen to? also yes

often when I'm ignored for long enough people begin realizing that despite my lack of status I know what the hell I'm saying still lol

@aral@mastodon.ar.al of course, I just genuinely appreciate the project, it's rare to find cool people who build cool tech that helps with world like this :blobowo: