osy

TPM provides zero practical security

TPM (Trusted Platform Module) is as useful for preventing real attackers as the TSA is at preventing real terrorists. The architecture is fundamentally flawed and most existing implementations are completely broken. I thought this argument was settled decades ago[1] when "trusted computing" was introduced mostly as a way to provide DRM and ownership capabilities to organizations. It has largely failed to impact the consumer market when it was introduced back in the early 2000s. However, recently there seems to be a movement by certain parties to reintroduce this failed product back to the market. Microsoft argues that in order to use Windows 11, you need TPM 2.0 compatible hardware because[2]:

The Trusted Platform Module(TPM) requirement ena

alexander-hanel

Learning Rust

Rust has kind of a steep learning curve but fortunately the Rust community has created some amazing resources for it. The approach I have taken is an iterative one using the following five resorces.

1. The Rust Programming Language
2. Rust by Example
3. Introduction to Programming Using Rust
4. rustlings
5. Learning Rust by Working Through the Rustlings Exercises

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

christophetd

# Ensure the AI services opt-out policy type is enabled on the Organization
resource "aws_organizations_organization" "organization" {
  enabled_policy_types = [
    # ...
    "AISERVICES_OPT_OUT_POLICY"
  ]
 }

# Create the AI opt-out policy
resource "aws_organizations_policy" "ai-optout" {

steven2358

FFmpeg cheat sheet

A list of useful commands for the FFmpeg command line tool.

Download FFmpeg: https://www.ffmpeg.org/download.html

Full documentation: https://www.ffmpeg.org/ffmpeg.html

Basic conversion

xrstf

Let's Encrypt on Ubuntu 14.04, nginx with webroot auth

This document details how I setup LE on my server. Firstly, install the client as described on http://letsencrypt.readthedocs.org/en/latest/using.html and make sure you can execute it. I put it in /root/letsencrypt.

As it is not possible to change the ports used for the standalone authenticator and I already have a nginx running on port 80/443, I opted to use the webroot method for each of my domains (note that LE does not issue wildcard certificates by design, so you probably want to get a cert for www.example.com and example.com).

Configuration

For this, I placed config files into etc/letsencrypt/configs, named after <domain>.conf. The files are simple:

grugq

Simple Security Guidelines

Using an iDevice? (Best option)

• Use an iPod or an iPad without a SIM card
• Use an iPhone
• Do not jailbreak
• Always upgrade to new iOS versions
• Use Brave browser

Need Secure chat?

DmZ

#!/bin/sh
 
if git rev-parse --verify HEAD >/dev/null 2>&1
then
    against=HEAD
else
    # Initial commit: diff against an empty tree object
    against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
fi
 

plentz

# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048