Post B1IPaXGs0tjsbTI2t6 by alison@burningboard.net
 (DIR) More posts by alison@burningboard.net
 (DIR) Post #B1HENHVW1CIPIJepsm by alison@burningboard.net
       2025-12-15T04:46:40Z
       
       0 likes, 0 repeats
       
       I'm delighted to hear @unnamedre back on the air again.  The most recent episode https://reverseengineering.libsyn.com/076-living-in-a-vast-world-of-crazinessis an interview Dan Walters of Bytetinker, who runs an ISP-hacking village at Cyphercon.   The news here is not reassuring!    While the Kernel Hardening and Linux Zero-Day projects are exemplary and important @kees , the networks through which our packets pass are not so secure.  Yes, encryption protects the contents of messages, but cannot save them from DNS hacks ( @kyle ) or a variety of man-in-the-middle attacks.  We end up with heavily armored secure enclaves surrounded with rather scary transits between them.
       
 (DIR) Post #B1HENIVCJrdUNcW61g by kyle@mastodon.kylerank.in
       2025-12-15T15:36:11Z
       
       0 likes, 0 repeats
       
       @alison @unnamedre @kees Wrapping everything in TLS has done a lot to mitigate the sorts of DNS attacks people were worried about when DNSSEC was being pushed. There are gaps of course. I've never been that crazy about DoH or other tunneling approaches any more than relying on VPNs for the same threat model--you are just transferring trust to a different entity (who very much would like to gather data from your packets), and once packets leave their network they still face the same threats.
       
 (DIR) Post #B1IPaXGs0tjsbTI2t6 by alison@burningboard.net
       2025-12-16T05:16:25Z
       
       0 likes, 0 repeats
       
       @kyle @unnamedre @kees Dan Walters made the same comment about VPNs: why trust them more than your ISP?  From what I've read about cell towers, the situation is even worse.