Posts by apreiml@fosstodon.org
(DIR) Post #AQCKJcVcwmACZ3N4O8 by apreiml@fosstodon.org
2022-12-02T13:38:41Z
0 likes, 0 repeats
HTTPS requests of course.
(DIR) Post #AQhnYRkCAq665lMgkK by apreiml@fosstodon.org
2022-12-17T17:32:03Z
2 likes, 1 repeats
I've managed to make the hare-tls server accept a connection from openssl s_client: https://paste.sr.ht/~apreiml/8414eab90faf1d87916d1ee2291f26a3302ade6d It's very experimental code with many shortcuts and hacks. But I think I've got a good understanding now on how to organize the code. The next step is to rewrite large chunks of it.The ev lib of @drewdevault comes also right on time. I can now work on a proper API design that works well with ev. #harelang
(DIR) Post #AS24rKx3oQQU2qMSiO by apreiml@fosstodon.org
2023-01-26T09:45:13Z
1 likes, 0 repeats
Seems like u-boot is on its way to become a full-featured OS itself: https://www.linaro.org/blog/http-now-supported-in-u-boot/How long until unauthenticated firmware updates on plain HTTP or broken HTTPS?
(DIR) Post #AT2rudOnkhHCp4nlcu by apreiml@fosstodon.org
2023-02-25T15:26:21Z
1 likes, 1 repeats
Finally the rewrite of the hare-tls record layer is showing some success. I've hacked https support into hare-http to see how it works.Next step is to clean up the code and an initial release for the brave to try.Note that there is no certificate validation at all. This will be my next focus, besides refactoring the other parts.#harelang
(DIR) Post #AUgORm4hf2otTa50uu by apreiml@fosstodon.org
2023-04-15T17:13:25Z
1 likes, 0 repeats
@sebastian hare-tls: x509 cert parsing and verifying.
(DIR) Post #AV39w3C3D4ZycLIJsW by apreiml@fosstodon.org
2023-04-24T19:18:13Z
2 likes, 1 repeats
Everytime I have to work with the gpg command, I'm so close to start writing a openpgp implementation in #harelang
(DIR) Post #AayAXLhrOFXHgophx2 by apreiml@fosstodon.org
2023-10-20T17:57:32Z
1 likes, 1 repeats
Well done incident report:"Encrypted traffic interception on targeting the largest Russian XMPP (Jabber) messaging service"https://notes.valdikss.org.ru/jabber.ru-mitm/TLS alone might not always be enough. My takeoff is to take a closer look at certificate transparency monitoring.
(DIR) Post #AayAXOe4SnHsnw5Dxg by apreiml@fosstodon.org
2023-10-20T18:07:29Z
0 likes, 0 repeats
But I wonder. I if has been the companies itself, they could've just extract the private key from the VPS.
(DIR) Post #AayCTAxfb7Md7AMjUu by apreiml@fosstodon.org
2023-10-20T18:31:46Z
0 likes, 0 repeats
@lanodan Monitoring certificate transparency is something the owners of the services need to do. The log lists only which certificates have been issued when. The owner has the knowledge of authentic certificates and can check, if there aren't any additional certificates issued..As a client you can't differentiate between a forged and a valid one, in this case.
(DIR) Post #AayDp8hilpv8RGwVPc by apreiml@fosstodon.org
2023-10-20T18:48:24Z
0 likes, 0 repeats
@novenary @lanodan Exactly, the MitM certs where valid Let's Encrypt certs, that where present in the log. In this case I don't see how a client could detect the attack.
(DIR) Post #Ab0LB6OH8oYjd5BdOy by apreiml@fosstodon.org
2023-10-21T19:17:23Z
1 likes, 2 repeats
Hare-tls status report:https://lists.sr.ht/~apreiml/hare-tls/%3C11733aef-98e6-444f-a9df-da762ee06667%40strohwolke.at%3E#harelang
(DIR) Post #Abb7XagCINnBhh2L0i by apreiml@fosstodon.org
2023-11-06T20:06:41Z
0 likes, 1 repeats
io::stream is such a good interface. I really like streams. Did I write some streams today? I must write more streams!#harelang
(DIR) Post #AcNLfHONs0OCmenTVI by apreiml@fosstodon.org
2023-07-20T14:06:42Z
0 likes, 1 repeats
Made some progress on hare-tls this week. It can "verify" certificate chains and I've ported EC from BearSSL. That means it can verify certificates against 99% of the certificates of the mozilla trust source. It's not bulletproof yet though, there are some shortcuts and some critical steps I still need to implement.Code is in the "making it work" phase. I'll probably add certificate verification to TLS and then I'll slowly start to refactor and rework most of it to make it good. #harelang
(DIR) Post #AcNLgOI3i1KQT1Mtiy by apreiml@fosstodon.org
2023-06-21T07:04:18Z
0 likes, 1 repeats
yesterday I had to use gpg again, so I've started https://git.sr.ht/~apreiml/hare-openpgp :D Let's see where this goes. #harelang
(DIR) Post #AsxAfdSDgqq3HPvQg4 by apreiml@fosstodon.org
2025-04-10T15:35:55Z
0 likes, 0 repeats
Finally I was able to upgrade my framework BIOS through fwupdmgr.But the latest BIOS update made my (Intel 12thgen) throttle the CPU on load so much that I can do barely anything worthwhile. It's even lagging when watching videos. @frameworkcomputer what good is a repairable Laptop, if the firmware sucks? Even if you are able to fix the firmware, how long will you provide bug fixes for your older models?#framework #framework12
(DIR) Post #AsxAfeYzZ9qkii6Ls8 by apreiml@fosstodon.org
2025-04-10T15:37:49Z
1 likes, 0 repeats
@frameworkcomputer please fix this and provide the means so that the OSS community can also take care of such problems themselves in the future.
(DIR) Post #AtRnNfd9AavyIvi5AG by apreiml@fosstodon.org
2025-04-25T10:29:07Z
0 likes, 0 repeats
efibootmgr works well for me.Pro tip: Have a `fix-boot.sh` script ready on your /boot partition that recreates the boot entry, if something messes up your EFI configuration.
(DIR) Post #AyVjjjVm5bb41Y5e4G by apreiml@fosstodon.org
2025-09-23T18:52:00Z
0 likes, 0 repeats
I'm glad that the editor war is now finally over after everybody has realized that vim is the better editor.
(DIR) Post #B0hTclQxXRr84joHMe by apreiml@fosstodon.org
2025-11-28T09:10:46Z
0 likes, 0 repeats
Can someone recommend a good terminal emulator for use in a tiling window manager?I've switched from alacritty to ghostty, but ghosttty seems to hang sometimes and sometimes it doesn't react to hotkeys (Ctrl+C et al.).I just want it to be as robust as possible.
(DIR) Post #B2DDjamV9atSB4QMGu by apreiml@fosstodon.org
2026-01-12T15:00:23Z
1 likes, 0 repeats