Is there any type of third-party certification for closed source software, similar to how we have ISO9001 for quality management? I’d prefer companies provide their software as open source, however I can imagine cases where the software genuinely doesn’t do anything malicious but might still contain trade secrets that the...
Took them long enough. Most Linux distros have a simple toggle for Disk encryption for years. And as far as i am aware Apple has it too. And basically every mobile OS is encrypted by default as well. iOS and Android
There are even reported cases where Microsoft support used that tool to activate Windows Licenses when there are problems with the License of a customer.
You could use things like ray tracing to determine if one player can be seen by another on the serverside and only send packages when they can see.
But to resource heavy to do that.
Edit: Thinking about it, you simply have to render the whole map with all players server side and based on that determine which players can see each other and based on that send the information to the clients.
Passkeys are not passwords. When you authenticate using passkeys you will proof that you have the secret (passkey), but you will never reveal that secret to the service you are authentication against.
So even if someone is able to steal that package containing the answer, that answer will not be valid a second time.
The user does not need to understand it. A user does not understand https or hashing and salting. Still, every one of these is important these days for online security.
I am not a huge fan of passkeys themself, especially when the secrets are held by big tech, but they promise better security and protection against command n attacks like phishing.
Its like the key in the Chip. But yes fundamentally it is like that. Now the Key needs to be stored somewhere safe like in your Phones secure enclave or in the case of your credit card a so called smart card (or sim card etc.)
DoT also encrypts the request, so the ISP cannot spy on the Domain Name you have requested.
And thanks to Https the ISP only sees the IP address which cannot in every case be resolved to a unique Domain, especially large sites that are hosted on service providers like Cloudflare, amazon etc etc
That does not do much in practice. When a user is compromised a simple alias put in the .bashrc can compromise the sudo password.
Explicitly limit the user accounts that can login so that accidentally no test or service account with temporary credentials can login via ssh is the better recommendation.
Security by obscurity is no security. Use something like fail2ban to prevent brute force. When you use a secure password and or key this also does not matter much.
Who the hell is pulling the docker-compise.yml automatically every release? I find myself already crazy by pulling the latest release but the compose file is just a disaster waiting to happen.
The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.
Depends on the country you life in. And even in the USA it is to my knowledge not correct. They can try to crack it themself but you have not to comply.
The EU’s Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising....
Certification for closed source software
Is there any type of third-party certification for closed source software, similar to how we have ISO9001 for quality management? I’d prefer companies provide their software as open source, however I can imagine cases where the software genuinely doesn’t do anything malicious but might still contain trade secrets that the...
Windows 11 24H2 will enable BitLocker encryption for everyone — happens on both clean installs and reinstalls (www.tomshardware.com)
Worth the effort to obtain a copy of MS Office on the high seas? *SOLVED
It’s for my mother, who so far cannot stand LibreOffice.
Would this flow work with Immich & Syncthing to copy images and auto upload and delete?
I would like new images to be uploaded to Immich from my phone and deleted after 30 days automatically, so I was thinking about this flow:...
Tarkov studio claims it actually doesn't have the server capacity for everyone who bought the game for $150 to play its upcoming PvE mode, still wants players to pay extra (www.pcgamer.com)
Passkeys: A Shattered Dream (fy.blackhats.net.au)
*Cough Cough...* Chrome... *Chough*... (slrpnk.net)
What are common practice's for hardening/securing your server?
Immich v1.102.0 - ⚠️ Breaking Changes (OPT-IN ONLY) (github.com)
Cops can force suspect to unlock phone with thumbprint, US court rules (arstechnica.com)
The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.
EU tells Meta it can't paywall privacy (www.theregister.com)
The EU’s Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising....