aussiematt

joined 1 year ago
[–] aussiematt@lemm.ee 5 points 1 year ago

Then change the title of the post to something open-ended like "How vulnerable is Lemmy to DDOS attacks?". Taking out a major node which hosts many key communities is going to have an adverse impact.

[–] aussiematt@lemm.ee 6 points 1 year ago (1 children)

Jimmy clearly ripped off my website. His website even has my name in the contact information at the bottom! The gall of some people...

[–] aussiematt@lemm.ee 11 points 1 year ago (3 children)

It looks really good, just like one I set up recently myself...

[–] aussiematt@lemm.ee 1 points 1 year ago

The TOTP feature in Bitwarden works, if you paste in the whole otpauth:// URI to Bitwarden's Authenticator Key (TOTP) field. The URL specifies that the hashing algorithm should be SHA256. If you just import the secret= value into Authy, it probably defaults to using the SHA-1 algorithm, which may be why the codes generated by Authy don't work.

SHA256 is more secure than SHA-1, which I guess is why Lemmy has chosen to use it for its 2FA feature.

[–] aussiematt@lemm.ee 21 points 1 year ago (2 children)

It would have to be Gödel's Incompleteness Theorem. Such a beautiful proof that shakes mathematics to its core.

The science communicator Veritasium made a nice video about it: https://youtu.be/HeQX2HjkcNo

I first learned about it in Douglas Hofstaedter's masterpiece Gödel Escher Bach: An Eternal Golden Braid

[–] aussiematt@lemm.ee 20 points 1 year ago

Ah, the nouveau "landed gentry" has arrived... :-)

[–] aussiematt@lemm.ee 9 points 1 year ago

just goes to show: size is relative :-)

[–] aussiematt@lemm.ee 6 points 1 year ago

Thanks for the resources. I'm old school, and so far haven't really looked into Rust; I look forward to watching the talk you linked to.

[–] aussiematt@lemm.ee 16 points 1 year ago (8 children)

When I compiled that program, the executable was around 10MB. I wrote the same program in C, and the executable was 15kB. That's about 3 orders of magnitude difference. Is Rust really 1000 times better than C? :-)

[–] aussiematt@lemm.ee 26 points 1 year ago (1 children)

He called Zuck a cuck?

princess-bride-meme

[–] aussiematt@lemm.ee 3 points 1 year ago

Very good. I think a feature where a user can revoke all their cookie sessions is still worthwhile, and maybe I'll look at raising a feature request for that, but it is good to know that cookies stolen during the recent hack have already been addressed.

[–] aussiematt@lemm.ee 6 points 1 year ago (2 children)

It seems there is no way in Lemmy to invalidate all your session cookies? Without that, how can you secure an account which has a stolen session cookie?

 

My Google Pixel 2 was abandoned my its maker a few years back, stranded on Android 11. Today I found it again as I was rooting around in a drawer, and decided to see if it could be given a new lease of life through a custom ROM.

Many of the more recent privacy-related custom ROMs such as GrapheneOS, CalyxOS and iodéOS do not support the Pixel 2. I did discover the LineageOS does support it, so my next topic to research was how to provide Google Play services to those apps which require it.

The official LineageOS supports the installation of the Google Apps suite. However, as I am trying to de-google my life, I came across a fork of LineageOS that supports the microG implementation of google services, similar to how CalyxOS and iodéOS do it.

The installation process didn't look too difficult, so I prepared the phone my unlocking the boot loader, installed a recovery image, and tried to flash the phone. It just sat there, saying it was "verifying the image", with no apparent progress. I tried different cables with both my linux machine and my Mac, but no joy.

Eventually I discovered that using USB-C to USB-C cables can be problematic. With my Mac, there is no choice, but my linux server still has some USB-A ports. I found a USB-A to USB-C cable, and it turned out this was the missing magic. The LineageOS for microG image was flashed to the phone, and I was up and running in short order.

I put my Bitwarden password manager on the phone, and then hit a snag when it tried to do 2FA with my Yubikey. I was half expecting this, not sure whether Fido2 WebAuthn 2FA would be possible. I tried installing the chromium-based Brave browser, and found that together with the microG services, I was able to successfully authenticate with the Yubikey via NFC.

I am very happy that I managed to get my old phone working again with an updated de-googled OS. In the coming days I'll experiment some more to see what else is possible.

view more: next ›