I don’t think ive heard about any privacy issues regarding modems. They convert your data into the Level 1 format so that it can be moved to the next hop. There isn’t really anything to spy on, and its very hardware dependent (hence no open source software that can standardize across each device). There might be open source modems out there, but your ISP probably doesn’t support them.
- 0 Posts
- 21 Comments
Joined 1 year ago
Cake day: June 16th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
As you wish. But maybe open up to some new perspectives.
What does a healthy opinion of F-Droid look like though? Lol
Well, then its still 2FA. Something you are and something you have.
The website has to build in support for them. Youll start seeing it more over time.
To be fair, you cant use the passkeys unless you are logged into your password manager, which requires a password you “know”.
2·2 months agoThis blog is specifically for websites that are public facing. Sure, you can wireguard into your local network, but you can also SSH into your local network. Either way you have to poke a hole.
Good read.
I would just like to add some additional information that favors changing your SSH port to something other than the default. When crawlers are going around the internet looking for vulnerable SSH servers, they’re more than likely going to have an IP range and specifically look for port 22.
Now can they go through and scan your IP and all of its ports to look for the SSH service? Yes. But you will statistically have less interactions with bad actors this way since they might specifically be looking for port 22.
1·2 months agoYes, verified boot will have out-of-bands alerts for you by design. Without the online component, you will risk not being able to detect tampering.
If the hardware is tampered, it will not pass the attestation test, which is an online component. It will fail immediately and you will be alerted. Thats the part of verified boot that makes this so much harder for adversaries. They would have to compromise both systems. The attestation system is going to be heavily guarded.
Compromised hardware doesn’t know the signatures. Math.
If the hardware signatures don’t match, it wont boot without giving a warning. If the TPM/Secure Enclave is replaced/removed/modified, it will not boot without giving a warning.
Thats correct. Thats one of the many perks.
Its more about protecting your boot process from malware.
Why exactly am I re-reading your post? Im in complete agreement with you? Should I not be?
It’s in the draft phase from what I can see.
Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that its built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.
If your device is turned on and you are logged in, your data is no longer at rest.
Signal data will be encrypted if your disk is also encrypted.
If your device’s storage is not encrypted, and you don’t have any type of verified boot process, then thats on you, not Signal.
Phishing emails exploiting people who click every link possible affecting millions of users worldwide.