Did my taxes via government website... And now I want to scream about #smartcard support on #Linux...
Why the hell login via identity card is so much pain every damn time?!?
This crate paves the way for convenient handling of #OpenPGP card User PINs, for users whose threat model allows persisting the PIN locally on the host computer.
If a User PIN is stored, applications can obtain it via this crate, and perform cryptographic operations without prompting the user for PIN entry.
Currently org.freedesktop.Secret is supported for storage.
This SSH agent explores an absolutely streamlined UX for doing ssh backed by OpenPGP card-based key material.
After persisting the User PIN once, like this: "$ openpgp-card-state put --user-pin 123456 0000:01234567", the ssh agent can be used without any user interaction.
Hey, it would be fun to have a #webassembly interpreter on a #smartcard! Load webassembly modules through a globalplatform channel, and have APDUs execute a predefined wasm export. Add ability to import code from other wasm library modules.
Just migrated my #offline#gnupg and #ssh key setup to a new #smartcard. This only took about 8 hours whereas when I last did this in 2015, it took much longer. I guess this is a sign of process! But these things are still too painful. At least now, the software just works right out of #Debian.
Deux épisodes de l'émission américaine "The Computer Chronicles" qui parle des technologies Françaises en 1990 avec le Minitel, la carte à puce et le TGV
So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus...
Teens Hacked #Boston#Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got Sued
four teens extended other research done by 2008 #hacker team to fully #reverseengineer "#CharlieCard," #RFID#smartcard used by Boston's #transit system. Hackers can now add any amount of money to a card or invisibly designate it a discounted student card, senior card, or even an #MBTA employee card that gives them unlimited free rides. "You name it, we can make it," says Campbell https://archive.ph/KjWsL#selection-527.0-527.90
I hope this gains similar traction as #FIDO2/#WebAuthn/#U2F/#CTAP support in browsers, especially with the recent push for #Passkeys, as smart cards are very widely deployed in orgs and slimming down the stack would definitely be a win here.
Just spent 2.5 shockingly productive hours debugging something in @keyoxide@keyoxide#keyoxide . It looks like Twitter might be blocking keyoxide.org -- or proxy.keyoxide.org -- from accessing the oembed endpoint that (I think) it presently uses for validating Twitter proofs. Or maybe the hosted version of the software at keyoxide.org is just older than the dev branch in the repo. I didn't see any recent commits concerning the issue though, so...
I'm curious to see if my suspicion turns out to be correct, or if my "productive" time... wasn't. Haven't felt this "tech-capable," if you will, in nearly a year. And I didn't want to yeet my computer into the garbage dump, a la Ron Swanson, either.
I also managed to put my #gpg subkeys -- on an #airgapped environment via #TAILS without connecting to any networks (yeah yeah, not technically a full airgap I suppose; but better than nothing) -- onto a newer #SmartCard earlier today. Well, "new" as in "I bought two of them nearly a decade ago on the assumption that one of them would eventually break," which... one of them did.
I did not follow #smartcard chips for a while now.
Are there freely programmable ones with #NFC + contacts that are not Javacards and let me do baremetal stuff w/o NDA bullshit?
Smartcard Setup Help-Request for RHEL8 Using Active Directory without IDM
So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus...