Posts by Anarcat@kolektiva.social
(DIR) Post #AUlE3K3BpujNtgatwu by Anarcat@kolektiva.social
2023-04-18T01:13:13Z
0 likes, 0 repeats
@mjg59 i wonder if *any* current install (including Debian) has this setup right. this laptop has been setup in September 2022 with a Debian bookworm alpha installer, and it's still got PBKDF2... ouch.
(DIR) Post #AUlEEb2f0EdnmSiqfY by Anarcat@kolektiva.social
2023-04-18T01:15:14Z
0 likes, 0 repeats
@mjg59 and *actually* even running `sudo cryptsetup luksConvertKey /dev/whatever --pbkdf argon2id` on my system here doesn't change the Digests output in luksDump, what gives?
(DIR) Post #AUlEYNJjjwlh0S8nUu by Anarcat@kolektiva.social
2023-04-18T01:16:20Z
0 likes, 0 repeats
@mjg59 sigh, i read your post exactly the opposite of what it was supposed to mean, sorry :(
(DIR) Post #AUlEiWbY45kyhqJP5U by Anarcat@kolektiva.social
2023-04-18T01:12:27Z
0 likes, 0 repeats
@f00fc7c8 @mjg59 to figure out if you're affected, run this: `cryptsetup luksDump /dev/sda3 | grep -e Version` and ` cryptsetup luksDump /dev/sda3 | grep PBKDF`. unless that says "2" and "argon2id", you are affected
(DIR) Post #AUlEiXRewLRNJSh1JQ by Anarcat@kolektiva.social
2023-04-18T01:18:43Z
0 likes, 0 repeats
@f00fc7c8 note that a previous reply of mine stated that you need to grep for Digests, that's explicitly what @mjg59 tells you *not* to do. in general, don't listen to me and listen to him
(DIR) Post #AUlFCXShRTS63JU7AO by Anarcat@kolektiva.social
2023-04-18T01:21:40Z
0 likes, 0 repeats
@f00fc7c8 @mjg59 phew!
(DIR) Post #AUlFOZpWSmy6s7tsJM by Anarcat@kolektiva.social
2023-04-18T01:27:28Z
0 likes, 0 repeats
@mjg59 i do wonder how one distribution (say Debian) is supposed to deal with this on upgrades... maybe we should add that to the release notes along with your procedure? i'm also considering doing such a procedure fleet-wide here... i can't help but think this is rather risky...
(DIR) Post #AUmJLfFwQW1zo55Gnw by Anarcat@kolektiva.social
2023-04-18T13:47:08Z
0 likes, 0 repeats
@mjg59 could you expand a bit on the actual possibility of cracking a PBKDF2 key derived 20-character password? last time i did that math, it would have taken something like more than 5 billion years for the bitcoin network to crack that... (math was https://gitlab.com/anarcat/crypto-bench/-/blob/master/benchpasswords.py)
(DIR) Post #AaDN3UKtZJCSrRp3hI by Anarcat@kolektiva.social
2023-09-28T04:23:39Z
0 likes, 0 repeats
@jgoerzen i've been doing this with gandi for a while until i moved all my DNS servers "in the cloud" during an emergency, never went back
(DIR) Post #AaRFm3pMtUa2G1G2vQ by Anarcat@kolektiva.social
2023-10-04T21:06:48Z
0 likes, 0 repeats
@mjg59 i hate it when that happens
(DIR) Post #AaoY7ObgyQpqsXgm7E by Anarcat@kolektiva.social
2023-10-16T02:54:49Z
0 likes, 0 repeats
@mjg59 was that a rhetorical question or is "because the american empire is built on oligopolies that control all markets that will destroy the planet and have specifically destroyed the US train system" a valid answer?
(DIR) Post #AaoYLt3OZOZTMVYZyC by Anarcat@kolektiva.social
2023-10-16T02:55:50Z
0 likes, 0 repeats
@mjg59 i guess that's not specific to PIT<>DC though
(DIR) Post #AaoYfcPg9I55XmO8zw by Anarcat@kolektiva.social
2023-10-16T02:59:00Z
0 likes, 0 repeats
@mjg59 yeah, second answer then: there *is* a good way, and it's get a car or hitch a ride hippie. ;)
(DIR) Post #AaoYfdYvsN4r6lj33o by Anarcat@kolektiva.social
2023-10-16T03:00:24Z
0 likes, 0 repeats
@mjg59 i agree it's frigging ridiculous, it keeps blowing my mind how bad trains are in the US... there's no universe in which it's actually expensive in any meaningful way to build a working train there, except one where "expensive" only counts "car and gas companies"
(DIR) Post #AbEw00U62UNlhTgDtQ by Anarcat@kolektiva.social
2023-10-28T20:22:59Z
0 likes, 0 repeats
@mjg59 also test before going, wear a mask and just don't fucking go if you have any symptoms even if mild?
(DIR) Post #AbLdKeK4SS5oPfO25I by Anarcat@kolektiva.social
2023-11-01T01:57:28Z
0 likes, 0 repeats
@mjg59 this looks like the kind of thing a proper error message would have fixed right off the bat for you
(DIR) Post #AbcIONiOQC0hXgppMu by Anarcat@kolektiva.social
2023-11-09T02:49:46Z
0 likes, 0 repeats
@mjg59 now come on, we're in the future, i write Python code that uploads itself onto remote servers and runs shell scripts that sed config files, please
(DIR) Post #AbpQH5VyGyFjONza0e by Anarcat@kolektiva.social
2023-11-15T02:16:02Z
0 likes, 0 repeats
contributor license agreements (CLAs) are such a turn-off for frequent drive-by contributors like me
(DIR) Post #AbpQH6lbcKLxHAJa1A by Anarcat@kolektiva.social
2023-11-15T02:16:56Z
0 likes, 0 repeats
it's simple: i don't want to "register" or read your legalese right now; it's bad enough with license proliferation, now we're served with a proliferation of project-specific CLAs that are often longer than the original licenses #wtf #cla
(DIR) Post #AbphzuGycB86mJw4XI by Anarcat@kolektiva.social
2023-11-15T14:13:43Z
0 likes, 0 repeats
@FreePietje yeah so i know the "politics" of it and the debate, frankly I'm not talking about this at all here. i think CLAs are bad in general for the reasons you mention, but I think they are *particularly* bad (and should have an exception) for small contributions