LaoC
@LaoC
Best posts made by LaoC
Latest posts made by LaoC
-
RE: A fool and his not-really-money are soon parted
@dkf said in A fool and his not-really-money are soon parted:
any con where you are feeling excluded (intentionally or otherwise) is a terrible experience
I'm sure any con will feel right at home on a crypto con.
-
RE: A fool and his not-really-money are soon parted
Some snark to behold.
And the Lord looked down upon the crypto bros and He was grieved in His heart. So the Lord said, "I will send down upon thee a flood to wash out thy crypto conference."
*"Liquidity" jokes abounded as attendees posted footage from the TOKEN2049 floor showing people tiptoeing about in ankle-deep water. *
-
RE: UI Bites
Nice try, OVH, but could I interest you in [% $TemplateSystem %] written in {{ .language_of_the_day }} that will be so much easier than your current <shit>?
-
RE: The Official Funny Stuff Thread™
@Arantor said in The Official Funny Stuff Thread™:
@homoBalkanus gh as in enough, but not as in though or bough.
Ah, I was wondering what that JGHIGH format was supposed to be.
-
RE: Nope, you eat it
@Benjamin-Hall said in Nope, you eat it:
@Arantor I guess it's better than trying to oxygenate water and ending up with H2O2.
But it's healthy!
Don't forget your all-natural antioxidants though. -
RE: Hacking News
@Bulb said in Hacking News:
@HardwareGeek linked an [article] in Hacking News that said:
There are instances where this vulnerability can be exploited without the need to compromise a server in advance.
One such case is the use of SSH keys for signing Git commits. A common setup involves using Pageant, the ssh-agent of PuTTY, locally and forwarding the agent to a development host.
Here, you configure Git to use OpenSSH to sign Git commits with the SSH key provided by Pageant. The signature is then generated by Pageant, making it susceptible to private key recovery.
Who in their right mind does that‽
Git commits should be signed by keys that are part of some public key infrastructure, but SSH doesn't have any method of signing certificates or even certificates at all.
It does. SSH certs are little known although they have existed for a decade or so. (Ed )
Although it doesn't sound like they were being used in this scenario.NIST P-521 curve
Has anybody already started using that? I've been using the smaller ed25519 curve for over a decade, but still have to have an RSA key for quite a few systems that don't support it.
I see no reason to switch. Supposedly the algorithm is faster (which doesn't matter at all in SSH), but DJB & Tanja Lange say it's crap and quite a few things coming out of NIST turned out to be smelly so I would prefer not to.
-
RE: Nope
@DogsB when something is literally orders of magnitude (10x or 100x) more expensive than another variety of something, you can be almost certain that it is not that amount of times better.
At that stage, the price difference is purely a marker of "I can afford it" rather than quality.
The best status symbols have negative use value, like gold leaf on your dessert that tastes either like nothing or like tinfoil, a Lamborghini on a Lao city street, or a diamond ring that never leaves the safe.
-
RE: Nope, you eat it
Sure, you get the barbecue food delivering itself to your camp for free, but still, nope.
-
RE: WTF Bites
It decided that not only should it install that, it should also ruthlessly prune things it thinks are out of date, like
slightly not current versions ofPHP.