rq

@rq@borg.social

Your favorite Internet niche nanocelebrity.

Any content posted on legal topics is not legal advice. I am not an attorney.

Follow: vibe checked
Interaction: feel free to
DMs in particular: feel free to
Any off-fedi means of communication: good luck

Fair warning: I will put nearly 100 posts per day on your timeline occasionally; this happens regularly, sometimes up to weekly. If you follow, I kindly suggest that you take appropriate measures to cope with this.

signify pubkey: RWQxpp0dQTgmGveGmXoKq3YrTywY+rX7T9pgWdinGdrE+FxlB84LLZGr

fedi alt (only used if this instance goes down): @eoaiuastwg

avatar made by @ryuuka

All posts starting 2023-03-28 are made available under the terms of CC0 1.0 (https://creativecommons.org/publicdomain/zero/1.0/), wherever possible. Renotes and replies do not have any implications on the copyright status the renoted or replied-to material, which belongs and continues to belong to their respective rightsholders.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

niconiconi, to random

"filing a bug against Windows 95: When you earned the cloaking device on level 58 [in Wing Commander III] or something, you couldn’t activate it. [..] The problem was that the hotkey [...] was Ctrl+C"

LMAO ​:blobcatlul:​

rq,

@niconiconi oldnewthing is a gem

rq, to random

Race condition over UDP

rq, to random

I don't want to be a content creator. I want to be a content encryptor.

rq, to random

5 cryptographic practices that are actually safe (number 3 will surprise you)

rq, to random

Some people are more scared of elliptic curves than they are of parsing X.509 and I think that's profoundly hilarious

rq, to random

Verifying you are human. This may take a few seconds.

rq, to random

Idle thoughts on my idea for an seL4+HACL*-based hardware security module...

For monetary reasons, I'd probably want it to run on an AArch64 chip to save on the power bill, which seL4 recently got support for, but it seems unclear if it would do constant-time 64-bit multiplications (https://bearssl.org/ctmul.html). I think I'd consider power-analysis out of scope, but timing issues are absolutely critical. The threat model isn't physical attackers all that much. This kinda pushes me into the x86 corner and I'm unhappy about this because where am I supposed to source one that consumes reasonable amounts of power?

Then there's the question how I'd want to divide userland. I definitely need a block device driver and on top of that a filesystem driver. The fs driver needs to log all accesses to certain paths, which means I need a logger for the rest of the system. The logs probably get blasted over the network using RFC 5424 with a few tweaks to unfuck the sizes. Obviously, there's going to be a dedicated cryptography module. Then I need a network driver. Then I need an interfacer that takes commands from the network and turns them into a sequence of parse request -> read key -> read block -> log -> do cryptography -> (log error ->) send reply. Finally, I need to know what the current time is, so I also need an NTP server. Then all of these need to be loaded from somewhere, so I need a loader (that respects checks signatures on the binaries before loading). These then need shepherding in the form of a process manager and a service manager.

It needs journaling because it'd suck if the keys went away due to filesystem failure. It might need wear leveling depending on what block device I plop on there. The filesystem definitely needs extra checksumming everywhere because a key going bad is worse than a key going away, at least you notice the latter pretty easily.

rq,

I need a team of at least three people to do just this part lmao

rq,

Looking for a software developer. Requirements:

  1. Must be willing to work for free.
  2. Has at least one osdev project on some kind of software forge that doesn't look like it was thrown together in a week.
  3. Strong written communication skills in English.
  4. Has seen a non-x86 architecture at least once in their life.
  5. No aversion to writing C. May choose C++ where not interfacing with C libraries.

Looking for a hardware person:

  1. Must be willing to work for free.
  2. Somehow puts this together. I don't really know how you folk do your things, you get what I mean.

Looking for a security engineer:

  1. Must be willing to work for free.
  2. Checks that the software developer didn't put in exploitable code.
  3. Ideally has found at least one bug in software that isn't their own before.
  4. You can also keep the juiciest exploits and sell them to Zerodium or someone idfk, you're not gonna be making money off this shit anyway.

I offer:

  1. Absolutely zero pay. You will not find an employer paying worse.
  2. No deadlines!
  3. Stealing your source code under "work made for hire" doctrine.
  4. Fully remote work.
rq, to random

IBM PC/AT&T

rq, to random

A strange game. The only winning move is not to play.

rq, to random

ok what if we took gRPC

but somehow made it not Google

rq, to random

DevOps is a meaningful term

rq, to random

You were born to deploy Kubunetes clusters

rq, to random

https://16years.secvuln.info/

Sixteen years and we still can't escape the Debian OpenSSL bug.

rq, to random

When you hyperoptimize a section of the code for a problem only to later run into a problem for which you require the generic solution that you just threw away

rq, to random

Any Internet Draft can be a standard if you misunderstand IETF processes hard enough

rq, to random

/kick, ban, it's all in the mind

rq,

@dwarf qakill my beloved

rq, to random

Google results telling you to ask a legal professional but you are the legal professional ​:blobsweats:​

rq, to random

Daily 7am touch point meeting

rq, to random

What are the odds

I don't know, do I look like Laplace's demon to you?

rq, to random

RFC 9562: New UUID versions out now!

https://www.rfc-editor.org/rfc/rfc9562.html

rq,

@astrid It is expected that everyone who could possibly be affected by this won't be alive by the time it becomes a problem, thereby avoiding it

ezio, to random
@ezio@akko.wtf avatar

I swear today i will NOT wath anime all day

rq,

@ezio Yeah, YouTube also needs some love

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • kavyap
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • tacticalgear
  • cubers
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • osvaldo12
  • ngwrru68w68
  • GTA5RPClips
  • provamag3
  • InstantRegret
  • everett
  • Durango
  • cisconetworking
  • khanakhh
  • ethstaker
  • tester
  • anitta
  • Leos
  • normalnudes
  • modclub
  • megavids
  • lostlight
  • All magazines
    •