Shadow

joined 1 year ago
sorted by: new top controversial old
Cisco to lay off more than 4,000 employees to focus on artificial intelligence in c/[email protected]
[–] [email protected] 34 points 9 months ago (1 children)

Really kind of them to let their investors know first, rather than the people impacted. I bet morale there is wonderful.

Core NGINX Developer Forks Web Server Into Freenginx in c/[email protected]
[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

For sure, most of the good discussion was on hacker news here: https://news.ycombinator.com/item?id=39373327 and https://news.ycombinator.com/item?id=39373612

Megazone is one of the F5 security people and posted here: https://news.ycombinator.com/item?id=39374312

Core NGINX Developer Forks Web Server Into Freenginx in c/[email protected]
[–] [email protected] 16 points 9 months ago (3 children)

After reading more into this, the dev sounds like he's being a twat.

Nginx had some security bugs in alpha code. F5 issued cve's for it, the dev didn't want them to because it wasn't code in a stable release. That's the entire story from what I can tell.

I don't feel like f5 was in the wrong here, and running off to raise a stink seems like an excessive response here.

Opnsense and one ethernet port in c/[email protected]
[–] [email protected] 3 points 9 months ago

It's perfectly effective, they become fully isolated from each other. Yes vlans would work if they're all on the same host. If they're not on the same host you would need a vlan capable switch, or at least one that'll pass tagged packets through.

Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi in c/[email protected]
[–] [email protected] 18 points 9 months ago* (last edited 9 months ago) (1 children)

Because MS designed Lenovo motherboard for them and told them where to put the tpm debug pins? I think you're casting blame at the wrong vendor here.

Doesn't matter how good the software is if the hardware vendor fucks up like that.

Tunnelling a port from a separate computer in c/[email protected]
[–] [email protected] 8 points 9 months ago* (last edited 9 months ago) (6 children)

Check out tailscale

You would configure your pi to be a subnet router it should be stupid easy to get going.

Three million malware-infected smart toothbrushes used in Swiss DDoS attacks in c/[email protected]
[–] [email protected] 27 points 9 months ago (1 children)

This is a fake story.

https://news.ycombinator.com/item?id=39277990

BitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM in c/[email protected]
[–] [email protected] 6 points 9 months ago (1 children)

Nope. Never. It's pretty impressive.

BitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM in c/[email protected]
[–] [email protected] 30 points 9 months ago (6 children)

You're being downvoted because this is a hardware problem and not Microsoft's fault.

Just look at the Xbox one mod chip scene and you'll see MS can do security perfectly well.

BitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM in c/[email protected]
[–] [email protected] 117 points 9 months ago* (last edited 9 months ago) (4 children)

Watch the video. It just means external to the CPU, not an external device.

They demo the attack on a Lenovo laptop in the first minute of the video.

Edit: nm I just realized that was a 10 year old laptop and they're in all the modern procs. I'm a lot less impressed now.

Sounds like intel has external and amd internal with their ftpm?

I’ve just turned 40. What advice would you older lemmy users give me? in c/[email protected]
Boeing flags potential delays after supplier finds another problem with some 737 fuselages in c/[email protected]
view more: ‹ prev next ›