Posts by hcf@infosec.exchange
(DIR) Post #AxffK9QXf05lBkn8uO by hcf@infosec.exchange
2025-08-29T19:02:49Z
0 likes, 0 repeats
@stux The requirements.txt was introduced for a reason
(DIR) Post #Ay4XxwiOOv5wfGbVmi by hcf@infosec.exchange
2025-09-10T19:08:13Z
0 likes, 0 repeats
@mrclon @Lemonid Да и флайт радар, по-моему, с задержкой обновляется, может даже специально. Скорей всего, специально. И именно из этих соображений, против таких террористов.
(DIR) Post #AyDfwofm78cRNGcsIS by hcf@infosec.exchange
2025-07-12T21:38:39Z
0 likes, 1 repeats
This is cool! #Mastodon can #markdown. Let me try...FormattingBullet points are usefulTo list stuffAnd I can bold the wordsI can quote your messageSo I can reply with a reference.Tables| Syntax | Description || ----------- | ----------- || Header | Title || Paragraph | Text | Code blocksfor (int i=0; i < n; i++) { // do something a = b *c*;}
(DIR) Post #AyDjVCQeazQulEdjlY by hcf@infosec.exchange
2025-09-15T05:29:54Z
0 likes, 0 repeats
@mrclon Yeah, I noticed that too. Also, I think it depends on the client you use. It's purple in web but plain no color in #Moshidon or #Tusky. # Let's try a title(I'm just trying, let's see)And as this is a pretty old post later I was told I'm not on a vanilla Mastodon instance but on a so called Glitch Soc mod.
(DIR) Post #AyaZA9d7TbxuqvimXI by hcf@infosec.exchange
2025-09-26T01:19:35Z
0 likes, 0 repeats
@omgitsmishenka Т.е. значит, если я без определенного места работы, или жительства, мне записаться будет нельзя? Прав не имею, и профессия мне не светит?
(DIR) Post #Ayn2M2rhgNYZum5HTU by hcf@infosec.exchange
2025-10-02T06:02:44Z
0 likes, 0 repeats
@omgitsmishenka @vint Если хорошо продаётся, то почему бы и не продавать. Свободный рынок.
(DIR) Post #Az4L3DzZI3i3jpowt6 by hcf@infosec.exchange
2025-10-10T14:35:22Z
0 likes, 0 repeats
@alrs @aria The idea of Proton is encrypted storage of your email messages. From a user perspective it's simply a password but what is happening under the hood is pretty clever. All decryption is done on the user's device. So nobody, not even Proton, can read your messages. That's why IMAP cannot be used directly. IMAP is too basic and very old protocol, it was designed to access plain text mailboxes on remote servers. It can't be used if the remote data is encrypted and you want to decrypt it on the device locally (privately)
(DIR) Post #Az4QkgSJq1cgEvoL7w by hcf@infosec.exchange
2025-10-10T15:39:11Z
0 likes, 0 repeats
@alrs @aria The web app is running locally in the web browser on the device too.
(DIR) Post #Az4Vi9Aj7BS4ChBxoW by hcf@infosec.exchange
2025-10-10T16:34:46Z
0 likes, 0 repeats
@alrs @aria If curious you might want to find and read respectable papers rather than taking it from a rando on the internets (me). But in short, in cryptography there's a way to prove that you know your password without the other side knowing the same password. It's called Zero-Knowledge Password Proofs, or ZKPP for short.
(DIR) Post #Az4lsdkZsYwrCdzDpg by hcf@infosec.exchange
2025-10-10T19:35:53Z
0 likes, 0 repeats
@alrs @aria How does it keep stored email "unreadable" to Proton? When you prove that you own your password, effectively authenticate yourself, the server lets you (your web app) download an encrypted blob that contains your keys, that you decrypt locally with your password. Then the same way you can download encrypted blobs with emails and decrypt them locally with the keys you just obtained. Proton still doesn't, and doesn't have to, know your password.why is it that I can access stored email via password over web but not IMAP?IMAP is an outdated protocol. It wasn't intended to manipulate encrypted data or do key exchanges. The max you can do with it is to encapsulate it into the TLS. But even in that case IMAP needs an agent on the other end that can manipulate messages in mbox format. But mbox is a plain text file which is not acceptable in this zero knowledge model.
(DIR) Post #Az4odyxf2CPkVSoAZE by hcf@infosec.exchange
2025-10-10T20:06:56Z
0 likes, 0 repeats
@alrs @aria The user didn't use VPN therefore got their IP exposed. But this horse has been dead for quite a few years already. I'm not getting into this discussion.
(DIR) Post #B0a8RV4UZi4F00MxbE by hcf@infosec.exchange
2025-11-24T20:12:43Z
0 likes, 0 repeats
@johan @shuro @ashed Ит'с шайн бус хальтен штелле, тут вам не инглиш
(DIR) Post #B0aArhjwIQFTj9NY24 by hcf@infosec.exchange
2025-11-13T00:07:59Z
0 likes, 0 repeats
@johan I wonder how to translate this sentence to English preserving its humor if at all possible 🤔
(DIR) Post #B1Q3wHUEjjBCIDBYeG by hcf@infosec.exchange
2025-12-19T21:11:32Z
0 likes, 0 repeats
@Chia @wthinker Меня эти всякие ваши "итоги года" всегда вгоняли в уныние. Какое их вообще собачье дело, сколько я потратил или заработал. Какие я песни слушал. Что ел. Что искал. Чем интересовался. Хитите меня носом утереть, как подробно меня трекаете своим аппом, чтоли?
(DIR) Post #B2HuCU4EAX8cSX0wXA by hcf@infosec.exchange
2026-01-14T20:54:00Z
0 likes, 0 repeats
@johan @shuro @oleg_ru @wthinker Из американского фольклора подслушал:Пробив колесо в километре от шиномонтажки...Невезучий восклицает: ох, до шиномонтажки километр!Везучий восклицает: ха, до шиномонтажки километр!
(DIR) Post #B2YIg4LRb5OGXGcHXE by hcf@infosec.exchange
2026-01-22T17:01:00Z
0 likes, 0 repeats
@shuro Окрашивание говна в приятные тона, это мозг пытается преодолеть когнитивный диссонанс и хоть как-то функционировать. Тут, в общем-то, мало места для свободы выбора для каждого индивида.Крайний пример: дети, родившиеся во время войны и не видевшие другого образа жизни, не могут знать об "а чо, так можно было чтоли?"