Post AdDrprmCVfuOKsPLIu by mttaggart@infosec.town
(DIR) More posts by mttaggart@infosec.town
(DIR) Post #AdDjiShQY23mtt8KBs by gradius@infosec.exchange
2023-12-27T02:13:50Z
1 likes, 0 repeats
For the new year, I'm thinking of reviving my habit of reading from more locations than just here and HackerNews. Possibly even going back to a RSS reader (omg). Anyone got recommendations for blogs, news sites, link aggregators, etc for things like tech and infosec?
(DIR) Post #AdDjiTkIepx695U8J6 by mttaggart@infosec.town
2023-12-27T02:18:10.529Z
1 likes, 0 repeats
@gradius Our Intel Feed is undefeated. intel.taggartinstitute.org
(DIR) Post #AdDjiUhr5Pah7nLh8S by gradius@infosec.exchange
2023-12-27T02:15:54Z
0 likes, 0 repeats
Also thinking of trying to restart my podcast habit. Recommendations for tech and security podcasts you enjoy?
(DIR) Post #AdDjtiUo9ohn4sb6Qa by gradius@infosec.exchange
2023-12-27T02:20:04Z
1 likes, 0 repeats
@mttaggart woah this looks like a hyper-condensed answer to my question, tyvm!Very excited to dig in :D
(DIR) Post #AdDkpIWKtJ9vJQljRw by mttaggart@infosec.town
2023-12-27T02:30:37.969Z
0 likes, 0 repeats
@gradius Uhh I think @jerry just hugged it to death.
(DIR) Post #AdDlBS7LtFa5RpeBGa by gradius@infosec.exchange
2023-12-27T02:31:08Z
0 likes, 0 repeats
@mttaggart @jerry lololol oops.
(DIR) Post #AdDlBSzwcHFYB9BmMK by mttaggart@infosec.town
2023-12-27T02:34:37.630Z
0 likes, 0 repeats
@gradius @jerry Aaaand back
(DIR) Post #AdDlF2fkR90FgnRmhU by jerry@infosec.exchange
2023-12-27T02:34:41Z
1 likes, 0 repeats
@mttaggart @gradius sorry
(DIR) Post #AdDlF3QtbqiW31VRBo by mttaggart@infosec.town
2023-12-27T02:35:16.196Z
0 likes, 0 repeats
@jerry @gradius Lmao all good! It's an important lesson in what happens when federated URL fetches happen at scale.
(DIR) Post #AdDlPlZiLQJ9qejr7Y by jerry@infosec.exchange
2023-12-27T02:36:34Z
1 likes, 0 repeats
@mttaggart @gradius for sure. There’s a reason infosec.exchange has 10Gbps internet connections and two CDNs :)
(DIR) Post #AdDlQJnj5pibzxYWgK by mttaggart@infosec.town
2023-12-27T02:37:18.875Z
0 likes, 0 repeats
@jerry @gradius I...do not
(DIR) Post #AdDmKTbNqAmyc0Yprk by jerry@infosec.exchange
2023-12-27T02:42:39Z
1 likes, 0 repeats
@mttaggart @gradius there is some work pending in mastodon that will hopefully ease that a bit but having the originating instance capture/create the preview card, rather than each instance doing it themselves. The potential for abuse of that concerns me a little bit, but then I don’t know the details of how it will be implemented so may be fine.
(DIR) Post #AdDriJjWgPgwj3YbA0 by sickmatter@babka.social
2023-12-27T03:26:24Z
0 likes, 0 repeats
@jerry @mttaggart @gradius oh no does HTTPS need a non-repudiation extension? 🤔
(DIR) Post #AdDriKXrfFxRFB6nce by jerry@infosec.exchange
2023-12-27T03:47:06Z
1 likes, 0 repeats
@sickmatter that isn't really the problem. The issue is that the act of verifying the validity of a preview card created on another instance requires each of the 20000 fediverse instances to reach out an make a query to the linked website. The problem is the 20000 simultaneous connections @mttaggart @gradius
(DIR) Post #AdDrprmCVfuOKsPLIu by mttaggart@infosec.town
2023-12-27T03:49:07.908Z
0 likes, 0 repeats
@jerry @sickmatter @gradius There's a whole set of problems faced by targets and users when stuff goes viral on Fedi that current tooling is unequipped for. For example, oh my dogg, grouping notifications.
(DIR) Post #AdDv1hUwqkLnnOflMO by sickmatter@babka.social
2023-12-27T04:20:52Z
0 likes, 0 repeats
@jerry @mttaggart @gradius also lets RFC a non repudability extension for TLS. For more info, we can use the ristretto group
(DIR) Post #AdDv1iKLldT2MoioTo by sickmatter@babka.social
2023-12-27T04:21:31Z
1 likes, 0 repeats
@jerry @mttaggart @gradius sorry but wine Matt talks infosec when he shouldn’t