Do you have a #cyberdeck for daily use?
Any cool gadgets or #techwear?
Souped up terminal prompt beyond oh-my-zsh?
Any other useful desktop apps which help you trough the day?
All the RGB you can fit into your room?
Preaching the gospel of #Arch Linux?
I kinda feel pretty un-cyber these days and was wondering…
The remaining problems are generally #browsers that haven't implemented #SSL/#TLS correctly, mishandling it when a visited URL includes the trailing dot. It sounds like #Safari - maybe only on #IOS? - is one of those. They report an invalid #certificate because the #URL of the page includes a trailing dot on the domain, while the CN in the cert doesn't have it (as those are always absolute).
We strongly warn against the currently proposed trilogue agreement, as it fails to properly respect the right to privacy of citizens and secure online communication; without establishing proper safeguards as outlined above, it instead substantially increases the potential for harm.
TIL you can show only the SAN list of a cert via openssl: echo| openssl s_client -connect www.bbc.co.uk:443 -showcerts 2>/dev/null | openssl x509 -noout -ext "subjectAltName"
I'd always parsed that out manually..🤦🏻♂️. #OpenSSL#TLS#InfoSec#DevOps#SysEng
I had to install #Git on a #Windows machine today and OH MY GOD I forgot how complex of a set up process it is. I went through it again just to count the unbelieveable number of steps it took:
License agreement.
Which components to install (includes proper nouns like "Git Bash", "Git LFS", and "Scalar"). Notably does not enable automatic updates by default.
Default editor for Git (doesn't include #Emacs as an option).
Very cool new Wireshark @wireshark feature "TLS Keylog Launcher" (1) can automatically set the SSLKEYLOGFILE environment variable (2), start an application/browser (3) and directly decrypt the data (4) so you can see the cleartext (5) of TLS connections. No need to manually configure the environment/file anymore. #wireshark#tls#encryption#network#security
It's basically a #Govware#Backdoor mandated into basically everything because in the end everything uses #SSL / #TLS (with fewer and fewer exceptions like @torproject#Tor )...
And since that would be mandatory, it would be trivial to plant false evidence under people.
#TLS in a private home network: is there anything being worked on to make this easier? The options seem to be:
get a valid cert using a purchased domain name and use it internally
become your own root CA and install root certs on each device
Both have significant downsides. But if you do neither you don't get that sweet sweet HTTPS that is needed for so many web features (webcam access, PWA, etc..)
Is any work being done to help improve this situation?