Profile cover photo
Profile photo
Konstantin Ryabitsev
905 followers -
Linux Foundation IT/security guy
Linux Foundation IT/security guy

905 followers
About
Posts

Optical illusions are speculative execution bugs in your brain.
Add a comment...

Post has attachment
I was thrilled to find the Wireguard client app in F-Droid! And I get ipv6 tunneling built-in. Nice.


Photo
Add a comment...

Post has attachment
Quick, who wants to do the math on the diameter of the electrical cable+insulation needed to safely push 75kWH in 5 minutes? :)

If possible, this most certainly won't involve humans at any step of the process. I envision some kind of platform that lifts from the floor and plugs directly into the vehicle.

Add a comment...

Post has attachment
I love it that it's being done in Sweden, because this means they will actually consider things like snow, ice and road salt. As opposed to things conceived in California, where such things are seen as bizarre corner cases.


Sweden tests roads that charge electric vehicles as they drive

http://flip.it/M6O8t9
Add a comment...

[root@pac-sjc-korg-edge-1.fe ~]# yum update
Loaded plugins: fastestmirror, versionlock
Loading mirror speeds from cached hostfile
* base: sjc.edge.kernel.org
* epel: sjc.edge.kernel.org
* extras: sjc.edge.kernel.org
* updates: sjc.edge.kernel.org

By golly, fastestmirror works. :)
Add a comment...

Signal Protocol and PGP overlap to a large degree, but you shouldn't think of it as a "more modern replacement for PGP." Moreover, Signal protocol does not fix any of the hard problems we have with PGP, like:

- how to bootstrap trust
- how to delegate trust in a way that scales
- how to securely manage keys
- how to improve the protocol while remaining compatible with old implementations

If you're looking at the Signal Messenger and saying "well, THEY did this somehow, because clearly it is both secure and usable," then you should keep in mind that Signal Messenger is just a walled-garden implementation of the Signal Protocol. You can have the exact same walled-garden experience with PGP if you set up an account on protonmail.com -- you'll be able to exchange PGP-encrypted emails with the same ease-of-use as with Signal... with the important caveat that it will only work when you communicate with another person who is also using protonmail.

I very rarely use PGP for encrypting emails -- in my mind, its niche is for code-signing. We still have the problems of bootstrapping trust, but with the recent move towards greater reliance on Trust-On-First-Use (TOFU) and Web Key Directories (WKD), I believe we'll eventually have a way to piggyback trust on top of the worldwide CA infrastructure while keeping the web of trust functionality for those people to whom it is essential.
Add a comment...

Post has attachment
Blockchain is crappy technology and a bad vision for the future

http://flip.it/0zsjWK
Add a comment...

Post has attachment
If you have a Raspberry Pi lying around gathering dust, you can turn it into a Tor relay node using this bootstrap script I adapted:

https://github.com/mricon/tor-relay-bootstrap-rpi

It expects to be running behind a residential router doing NAT translation, so will automatically tell it to forward the needed ports to the rpi.
Add a comment...

Post has shared content
uBlock Origin will also block WebRTC leakage of your IP addresses when on VPN, but firejail with netns (or virbr0) is a more wholesome way of doing it.
Konstantin Ryabitsev shows how to use VPNs and Firejail to protect your Internet traffic and how to test whether your setup is sufficiently secure:

https://www.linux.com/blog/learn/2018/5/how-and-why-secure-your-linux-system-vpn-and-firejail
Add a comment...

Post has attachment
More and more indication that Linux is on the way out of Android, to be replaced by a microkernel.

https://twitter.com/MishaalRahman/status/989568912768499713
Add a comment...
Wait while more posts are being loaded