- 0 Posts
- 28 Comments
Joined 2 years ago
Cake day: June 18th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Probably saw this in passing. It doesn’t seem to indicate fully broken just this instance.
https://www.reddit.com/r/math/comments/wc4gkx/supersingular_isogeny_diffiehellman_broken/
Similar to a diffie-hellman key exchange maybe? https://en.m.wikipedia.org/wiki/Diffie–Hellman_key_exchange
I believe this has been broken but that is the general gist.
I believe I understand what you want. “Zero” login. So when a user comes to your site or first boots up your app a private key gets generated locally. It will then do a handshake with the server, where that the server understands that these encrypted messages are from this user, this uniquely identifies the user, and also can be used for e2e.
Reference https://dev.to/spalladino/a-beginners-intro-to-coding-zero-knowledge-proofs-c56
Mozilla really needs the corporate ear. That’s what really did them in, google integrated into Active Directory group policy effectively making it a pretty good choice for corporate deployments. This would give leverage to have bigger donors. Outside of that is just to diversify but the vpn/privacy market is pretty saturated right now.
I would reconsider docker because if a specific application leaks some sort of shell access or system file access you’ll be protected out side of container host escalation.
Unrelated to security, I prefer docker because it leaves the server very clean if you remove different apps. Can also save time configuring more complex applications or applications that conflict with system libraries.
Add fail2ban on your list of applications it watches logs for invalid logins and puts them on firewall block rules after so many failed attempts.
I made the jump to a full server a few years ago and there’s some pretty high limits but you can get them spec’ed pretty low. Something like a dell r730 Single 8 core xenon 32gb ram and a couple tb of storage running 4-500$. They can be upgraded over time to be dual 16 core xenon 1tb ram and petabyte of storage.
I guess some perspective on some other comments here. I have a dell r720xd dual xenon’s 16 total cores 128gb ram it uses roughly 200watts per hour with the 11000w power supplies. it can get fairly loud when using lots processing power. I bought a 12u rack to mount it nicely in my office. It is also my guest bedroom, while everyone we have had doesn’t mind the noise not all guests would appreciate the white noise even with many of the cpu intensive stuff turned off and it as quiet as it goes. Fans full tilt would be obnoxious and hard to concentrate.
Having unit and automated integration tests backed by both requirements and high code coverage. As a lead I can verify that not only you made the change to support the requirements though these unit tests but also a really quick verification that other functionality may not have changed based on your large scale change. Helps a lot for significant refactoring too
Opensearch will be the most performant. Anything sql will likely start to stumble with lots of stories or really long stories where this is exactly what lucene based search engines (solr, elastic, opensearch) are designed to do. Could an SQL solution solve your problem, yes, but it may be a bit on the slow side as your amount of stories and size grows.