just trying lemmy
- 16 Posts
- 53 Comments
teri@discuss.tchncs.deto
Technology@beehaw.org•Google plans to begin verifying the identity of all developers who distribute apps on Android, even if it's outside the Play Store, starting September 2026
0·11 months agoIt might not be ready for everything but more than a dream it is: https://postmarketos.org/
teri@discuss.tchncs.deto
Technology@beehaw.org•Google plans to begin verifying the identity of all developers who distribute apps on Android, even if it's outside the Play Store, starting September 2026
0·11 months agoCan’t wait for PostmarketOS to be mature enough everyday use.
teri@discuss.tchncs.deto
Technology@beehaw.org•The air is hissing out of the overinflated AI balloon
0·11 months agoPropaganda seems still a business case for me.
teri@discuss.tchncs.deto
United States | News & Politics@lemmy.ml•Part 1.. If you still think the war in Ukraine wasn’t premeditated - read this: a U.S. blueprint to drag Russia into a costly war, published by RAND Corporation in April 2019
0·11 months agoSeems like this source is know for disinformation and propaganda: https://en.wikipedia.org/wiki/Pravda_network
Would like to know the content of that page.
teri@discuss.tchncs.deto
Technology@lemmy.world•Windows Is Adding AI Agents That Can Change Your SettingsEnglish
0·1 year agoThanks Microsoft for admitting that Wimdows sucks. You didn’t even try really.
teri@discuss.tchncs.deto
Technology@beehaw.org•European Commission Bans All Huawei-Affiliated Lobbying Over Corruption Allegations
0·1 year agoMaybe they should also ban lobbying by Google, Microsoft etc.
teri@discuss.tchncs.deto
World News@lemmy.ml•US Has No Real Targets in Yemen, and It's Costing Taxpayers Billions
0·1 year agoAnd it costs innocent people their lives or makes it at least very miserable. Yeah, what to spend billions for…
teri@discuss.tchncs.deto
Free and Open Source Software@beehaw.org•Using NoScript to selectively block JavaScript across all websites has opened my eyes to the sewers we wade through online
0·1 year agoUse uMatrix and see more sewage
teri@discuss.tchncs.deto
Technology@beehaw.org•Bubble Trouble - An AI bubble threatens Silicon Valley, and all of us.
0·1 year agoLet’s poke the bubble.
teri@discuss.tchncs.detoGeneral Programming Discussion@lemmy.ml•US, a risk for open source repos?
0·1 year agoIn m opinion this is a real risk. In case od Organic maps already started happening. The FOSS community should move away from github and consider alternatives like codeberg.org (germany) or self-hosted forgejo instances to mitigate the risk.
teri@discuss.tchncs.deto
politics @lemmy.world•Republicans calls for probe of Trump officials' Signal chat grow
0·1 year agoDoes anybody care about people in Yemen? Such a fuzz about a stupid group chat while the big story could also be the airstrike and murder of people. What happened in Yemen?
Generally seems an okay idea to me because it allows you to use the rust tool-chain and you can more easily achieve compatibility with other rust code. In fact, there’s other languages which do something similar. I remember F* (f-star) which compiles to OCaml.
teri@discuss.tchncs.deto
Fediverse@lemmy.world•The basics of the Fediverse. Facebook, Twitter, Tiktok, Reddit, ... vs the Fediverse. What do you think?English
0·1 year agoIn thie fesiverse graphic each person has exactly 1 connection to a fediverse thing. But in reality, there can be more. I guess in practice there are often more than one.
teri@discuss.tchncs.deto
Open Source@lemmy.ml•is there something about rust which precludes copyleft licensing?
0·1 year agoThere’s nothing stopping you from using GPL.
But there is a culture - I think even explicit - of using MIT or APACHE licensing. In some sense is okay, because it simplifies crate compatibility. But it comes at the cost of feeding the usual suspects who now obviously turn against humanity.
My unconfirmed suspicion is that there are forces behind (Google, Microsoft, Amazon, Meta) who like permissive licenses because this makes it easier for them to exploit the work of the public.
teri@discuss.tchncs.detoGeneral Programming Discussion@lemmy.ml•Request for comments on a encrypted messaging protocol I'm developing
0·1 year agoMaybe you could also consider to extend an existing good PQC protocol (for example https://signal.org/docs/specifications/pqxdh/) by adding a shared secret. The shared secret could flow into the key derivation functions which are used to derive the symmetric encryption keys. This way you would have quite strong guarantees (forward secrecy) as long as nobody can break the PQC algorithm and still some guarantee of confidentiality when somebody breaks asymmetric primitives. In the protocol you outlined now, there’s no forward secrecy. Meaning that once a key is compromised, all past and future messages can be decrypted.
teri@discuss.tchncs.detoGeneral Programming Discussion@lemmy.ml•Request for comments on a encrypted messaging protocol I'm developing
0·1 year agoInteresting :)
A few quick questions & comments:
-
I don’t quite understand “If all users accept the introduction, a list of contacts is sent for each contact pair. These contacts are not used for messaging to prevent more than two parties from having encryption keys.” (line 66) What exactly are the “contacts”? Is it the same data as defined on line 8? Where do the encryption keys come from? Do initiators of introduction reveal encryption keys of their existing contacts?
-
After an introduction there’s the problem that newly introduced people cannot setup secret keys in a very clean way. Because this secret keys can be computed if an attacker gets hold of the introducer, has recorded traffic and is in possession of a large enough quantum computer (which you assume in your threat model). You therefore would need some sort of ‘upgrade’ mechanism which would allow either two people to meet in person to ‘upgrade’ their secure channel. Or you could add a asymmetric key-agreement or key-exchange on top (probably post-quantum algorithm).
-
I don’t quite get the combination of “HTTPS”, “Tor”, “symmetric crypto because of quantum computers”. Why HTTPS if Tor already provides confidentiality? HTTPS implies certificates, no? What about them?
-
What about nonces for GCM? How do you prevent replay attacks?
-
If you want to truly understand your protocol and get confident about it, I recommend studying something like this: https://tamarin-prover.com/ This allows you to model your protocol more formally, state your security claims and check if the protocol satisfies this claims :)
-









Begrenzung ist ein Vorwand. Es geht eigentlich um was anderes:
Treibende Kraft der Initiative: SVP
Die Zuwanderung in der Schweiz wird grossteils von Firmen verursacht die Arbeitskräfte brauchen. Diese Firmen werden gezielt durch Steueranreize angelockt. Treibende Kraft dieser Taktik: SVP. Die SVP hetzt dann gegen die “Ausländer” um Stimmen zu gewinnen. Widerspruch? Nein. Denn: es geht gar nicht um einen “Bevölkerungsdeckel” (der ist nämlich aus Gründen nicht mehr so hart sollte sich die Geburtenrate der Schweizer Bevölkerung steigern). Es geht darum dass Arbeiter:innen “illegal” in die Schweiz kommen und besser ausgebeutet werden können. Das drückt durch Konkurrenz auch die Löhne lokaler Arbeiter:innen. Gut für Reiche, Arbeitgeber, Konzerne. Die SVP macht schon immer Politik für Reiche.