udunadan

joined 1 year ago
MODERATOR OF
[–] [email protected] 1 points 1 year ago

Glad to be of use!

3
Summary: MTE As Implemented (googleprojectzero.blogspot.com)
[–] [email protected] 2 points 1 year ago

Absolutely no problem, happy if you liked it!

[–] [email protected] 1 points 1 year ago (2 children)

The issue had been made public only on July 25. The point of sharing the bug isn't notifying users to patch their browsers but to inform browser vulnerability researchers of a valuable data point.

[–] [email protected] 2 points 1 year ago

It was an ITW 0-day at the moment of reporting and has probably retained the issue header from back then which I had copied.

[–] [email protected] 2 points 1 year ago

Popped up on my Twitter feed somewhere

[–] [email protected] 1 points 1 year ago

Thanks for notifying us!

[–] [email protected] 6 points 1 year ago

The content is really bounded by tech stuff, but I guess that's due to migration being important for tech-savvy users. It is true that appending "reddit" to search queries and following the results is still inevitable (but hey, libreddit and teddit still work). But vibe is completely different, very organic, very active, I like it a lot. I think there is a lot of potential in this feeling of authentic communication. Let's hope it grows.

Lemmy is much better replacement for Reddit than Mastodon is for Twitter.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Well, the malicious actors can setup their own instances as well and exploit the inherent trust between the participants by design. P2P sold as security property in the scenario where participants are unknown and multiple in numbers is misconception. It does not square well with basic security mindfulness, and shouldn't be taken as improvement in that regard.

I think that federation and all this stuff is not about improving security, it is a form of grassroots communication based on certain principles. If you need security, you use other tools, and treat these things as public, hostile spaces.

[–] [email protected] 5 points 1 year ago (1 children)

Such guides should probably warn that instances run by volunteers do not have dedicated security teams and that OPSEC has to be adjusted accordingly. Not that centralized services are essentially safer (they are juicier targets), but nevertheless it is still important to remember.

view more: next ›