Posts by airtower@queer.af
(DIR) Post #APuRtfRSiqCov3HQVE by airtower@queer.af
2022-11-23T22:36:47Z
0 likes, 0 repeats
@Natanox The problem is, to quote the manpage: "Use of apt-key is deprecated […] apt-key(8) will last be available in Debian 11 and Ubuntu 22.04."The current recommended thing is to place the key file in /etc/apt/keyrings/ and set it for the repository using the Signed-By field in the sources.list file.
(DIR) Post #AQpPVzuLqzcZXr5ttA by airtower@queer.af
2022-12-21T10:12:26Z
0 likes, 0 repeats
@bfdi @ulrichkelber Ich bin sehr froh, daß da angesprochen wird, daß Patient*innen ohne Android/iOS-Gerät ausgeschlossen werden. Allerdings geht die Kritik m.E. nicht weit genug: Nicht nur die App-Kompatibilität ist ein Problem, sondern der Zwang eine Gematik- bzw. Krankenkassen-App zu benutzen (auch fürs eRezept). Ich will meine Client-Software frei wählen können, nicht „unsere oder keine“, aus Sicherheits- und ethischen Gründen. Es muß offene Schnittstellen geben, die mit entsprechender Authentifizierung von jeder Software benutzt werden können.
(DIR) Post #AUaFckvmiXzvfMXnsm by airtower@queer.af
2023-03-29T10:26:17Z
3 likes, 2 repeats
Is there no-one on the Chromium team who knows about #OCSP stapling? Or does Google not like having to keep OCSP responses for stapling in their servers? https://www.chromium.org/Home/chromium-security/root-ca-policy/moving-forward-together/They say they want to reduce #TLS certificate lifetimes because there's no good revocation mechanism, and all the problems they mention could be solved by strictly requiring stapling with the TLS feature extension in certificates (using RFC 7633). Stapling doesn't place a huge burden on CAs (because only the server using a certificate has to update its cached response now and then), it doesn't expose client behavior to CAs (because clients only need to talk to servers they want to talk to), and if stapling is required by the certificate it fails closed in case of revocation as soon as the last positive response expires (currently CAs usually issue responses with a lifetime of about a week, but that could be reduced easily).Shorter certificate lifetimes aren't necessarily a bad thing, but the reasoning doesn't make sense.
(DIR) Post #AV51TvfTBYD9qt3Rb6 by airtower@queer.af
2023-04-27T14:20:47Z
1 likes, 0 repeats
@tebicat Pretty much anything using TCP, if the proxy allows the CONNECT request method which just tunnels packets back and forth. In practice it's often limited to specific ports (e.g. 443 to let HTTPS work without breaking encryption). :blobcatcoffee: https://datatracker.ietf.org/doc/html/rfc7231.html#section-4.3.6
(DIR) Post #AW71iAK6I3zCI117ho by airtower@queer.af
2023-05-27T17:48:49Z
0 likes, 1 repeats
@kendraserra This is not just the problem with "AI" (it's a misnomer) in law, it's the problem with it in about everything. I hear about people being excited about "AI in medicine". Doing what those lawyers did in medicine could easily get people killed. The problem is that things like ChatGPT make it easy to generate a load of plausible sounding nonsense, while showing (or even just noticing) that it is nonsense takes actual work. Automated Gish Gallop, basically.
(DIR) Post #AXwhbkeni4IiBH2qVE by airtower@queer.af
2023-07-22T07:42:17Z
0 likes, 0 repeats
@mjg59 "Lock out desktop users while still allowing mobile web" is already happening, in the clumsy "you have to use our app for that" way. Sure, that's not really "mobile web" any more, but it demonstrates that locking out desktop (and mobile non-Android/iOS) users is something companies are totally willing to do. And then often those apps require ridiculous permissions and won't run on rooted phones. :meowTilt:
(DIR) Post #AXwyEpmcBRr8dhMFTU by airtower@queer.af
2023-07-22T10:48:34Z
0 likes, 0 repeats
@mjg59 To a degree, yes. Though I fear something like that Google proposal might make it simpler and appear more acceptable.
(DIR) Post #AatMNV5nrhSRZ2Iq12 by airtower@queer.af
2023-10-16T16:32:34Z
0 likes, 1 repeats
„Freie Fahrt für freie Bürger*innen“ wäre eigentlich ein ganz gutes Konzept, wenn es um die #Bahn ginge statt um Autos. :catThink: 🚆