I have a couple. One I use a lot, loaded with disinformation. Two are even
less complete, but rarely used.
I lost access to a fourth by accidentally trying to login over tor, and it
insisted on ID to unlock it...so I just ignore that one now.
On Fri, 1 Feb 2019 22:58:31 +
"'awokd' via
unman wrote on 2/1/19 4:05 PM:
On Mon, Jan 28, 2019 at 01:44:37PM +, 'awokd' via qubes-users wrote:
unman wrote on 1/27/19 5:21 PM:
(As an aside I'm always baffled by people querying
how they can use Facebook under Tor or Whonix. What are they thinking?)
There are good reasons for it.
On Mon, Jan 28, 2019 at 01:44:37PM +, 'awokd' via qubes-users wrote:
> unman wrote on 1/27/19 5:21 PM:
> > (As an aside I'm always baffled by people querying
> > how they can use Facebook under Tor or Whonix. What are they thinking?)
>
> There are good reasons for it. See
>
unman wrote on 1/27/19 5:21 PM:
(As an aside I'm always baffled by people querying
how they can use Facebook under Tor or Whonix. What are they thinking?)
There are good reasons for it. See
https://www.wired.com/2014/10/facebook-tor-dark-site/ for example. To
the thread's topic, using
On Mon, Jan 28, 2019 at 01:30:29PM -0800, goldsm...@riseup.net wrote:
> On 2019-01-28 19:46, billol...@gmail.com wrote:
> > On Monday, January 28, 2019 at 10:27:32 AM UTC-5, gold...@riseup.net wrote:
> >> On 2019-01-27 19:15, billol...@gmail.com wrote:
> >> > On Sunday, January 27, 2019 at
On 2019-01-28 19:46, billol...@gmail.com wrote:
> On Monday, January 28, 2019 at 10:27:32 AM UTC-5, gold...@riseup.net wrote:
>> On 2019-01-27 19:15, billol...@gmail.com wrote:
>> > On Sunday, January 27, 2019 at 12:22:03 PM UTC-5, unman wrote:
>> >>[snip]
>> >> Qubes provides a framework for
On Monday, January 28, 2019 at 10:27:32 AM UTC-5, gold...@riseup.net wrote:
> On 2019-01-27 19:15, billol...@gmail.com wrote:
> > On Sunday, January 27, 2019 at 12:22:03 PM UTC-5, unman wrote:
> >>[snip]
> >> Qubes provides a framework for using software - it doesn't take away the
> >> onus on
On 2019-01-27 19:15, billol...@gmail.com wrote:
> On Sunday, January 27, 2019 at 12:22:03 PM UTC-5, unman wrote:
>>[snip]
>> Qubes provides a framework for using software - it doesn't take away the
>> onus on users to use that software properly, and to ensure they are aware
>> of good practice.
On Sunday, January 27, 2019 at 12:22:03 PM UTC-5, unman wrote:
>[snip]
> Qubes provides a framework for using software - it doesn't take away the
> onus on users to use that software properly, and to ensure they are aware
> of good practice. (As an aside I'm always baffled by people querying
>
On Sun, Jan 27, 2019 at 02:37:16AM -0800, goldsm...@riseup.net wrote:
> On 2019-01-27 01:34, unman wrote:
> > On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote:
> >>
> >> Am I right in thinking that the recently discovered apt vulnerability
> >> (DSA 4371-1) in Debian based
On Sun, Jan 27, 2019 at 02:37:16AM -0800, goldsm...@riseup.net wrote:
> > 2/
> > Imagine that apt-transport-https *had* been adopted - have you actually
> > looked at the list of vulnerabilities in libcurlnd the various
> > breakages in the TLS CA system?
that. plus, apt is running as root and
On 20190127 at 01:34 + unman wrote:
> I would rule some things out. And in this case it looks like a simple
> mistake.
It could even be intention. Most of you do not think about the cost
associated with TLS (and growing with key lengths). But there always
were (and will be) discussions
On 2019-01-27 01:34, unman wrote:
> On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote:
>>
>> Am I right in thinking that the recently discovered apt vulnerability
>> (DSA 4371-1) in Debian based systems could and should have been
>> mitigated against many years ago by
On 2019-01-27 01:34, unman wrote:
> On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote:
>>
>> Am I right in thinking that the recently discovered apt vulnerability
>> (DSA 4371-1) in Debian based systems could and should have been
>> mitigated against many years ago by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 26/01/2019 7.34 PM, unman wrote:
> On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net
> wrote:
>>
>> Am I right in thinking that the recently discovered apt
>> vulnerability (DSA 4371-1) in Debian based systems could and
>> should
On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote:
>
> Am I right in thinking that the recently discovered apt vulnerability
> (DSA 4371-1) in Debian based systems could and should have been
> mitigated against many years ago by downloading and activating an apt
> package;
Le samedi 26 janvier 2019 à 04:39 -0800, goldsm...@riseup.net a écrit :
> If "apt-transport-https" is the magic bullet, why in the past hasn't
> it
> been implemented by default? And, why for the future, is it not being
> implemented immediately by Qubes, Debian et al?
Furtermore, very few Debian
Am I right in thinking that the recently discovered apt vulnerability
(DSA 4371-1) in Debian based systems could and should have been
mitigated against many years ago by downloading and activating an apt
package; "apt-transport-https", which forces apt updates via https? The
researcher (Max
18 matches
Mail list logo