Disclaimer: The majority of this list was created pre-COVID. Many other organizations are likely hiring remote now.
| --- | |
| # Playbook to update SecureDrop VMs configured with the latest stable release | |
| # to use the release candiate packages from apt-test.freedom.press (rather | |
| # than apt.freedom.press). Updates the apt repo pubkey with a testing pubkey, | |
| # and alters the apt source lists to point to the test server. | |
| # | |
| # Steps to use this playbook: | |
| # | |
| # 1. `git checkout 0.7.0` | |
| # 2. Provision prod VMs. |
by Tatiana Mac
Last updated 14 April 2021
As speaking comes with immense privilege, I have crafted a speaker rider to set expectations and boundaries around my engagement. I am grateful to all the conference organisers who have brilliantly hosted me. I would love to continue to exercise this privilege to speak at conferences, and use this privilege to make the landscape more accessible and beneficial to tech's most historically excluded and marginalised communities.
😫 I provide a lot of explanations for those of you who never had to consider these things. Most thoughtful conferences I've attended check most of these boxes intrinsically, particularly when conference runners are experienced speakers. They get it.
| #!/usr/bin/env python3 | |
| # Utility script to copy SecureDrop staging VM connection info | |
| # from a "securedrop" repo to a "securedrop-workstation" repo, | |
| # formatted for use in securedrop-workstation provisioning. | |
| # The CWD where this script is run should contain: | |
| # | |
| # * config.json - which will has its "hidserv.hostname" and "hidserv.key" overridden | |
| # * sd-journalist.sec - containing the private key whose pubkey is on SD Application Server | |
| # | |
| # Also make sure the fingerprint is correct (staging by default is |
| #!/bin/bash | |
| # Utility script for Qubes OS, to prepare vidchat VMs. | |
| # Handles attaching web & mic, also raises scheduling priority | |
| # to ensure that the vidchat VM stays snappy (reduces jitter). | |
| set -eu -o pipefail | |
| # Default to vidchat, but support overriding | |
| default_vm="${VIDCHAT_VM=vidchat}" | |
| target_vm="${1:-$default_vm}" |
| """Extension responsible for VM readable hierarchical key value stores""" | |
| import qubes.ext | |
| def _sdkv_get_key(feature): | |
| branch = "sdkv." | |
| return feature[len(branch):] if feature.startswith(branch) else None | |
People who take my TLA+ Class get a free specification review. Cory Myers asked for a review of his Reply.tla spec, reproduced from the PR below, and has graciously agreed to let me make it public. The review itself is here.
Note this is a "light" review: I'm looking for general TLA+ antipatterns and techniques that don't require me to deeply understand the problem domain. This represents about an hour of review.
(These instructions are for QA testing/evaluation purposes only)
ID=0x680D16DE, Fingerprint=5069A233D55A0EEB174A5FC3821ACD02680D16DEapt-get install libccid pcscd to install VeraCrypt's dependencies. (apt --fix-broken install to resolve dependency issues).dpkg. (These instructions will refer to veracrypt cli on Linux. For GUI instructions or Windows CLI instructions, see https://www.veracrypt.fr/en/Documentation.html)./dev/sda)veracrypt -t -c and follow the prompts. The VeraCrypt documentation will guide you through some of the options; if unsure, it's generally best to use the defaults they provide. Read
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that