12·
25 days agoGo read the FIDO threat model if you want to understand how it protects against specific attacks. It is pretty secure.
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html
- 2 Posts
- 11 Comments
Joined 2 years ago
Cake day: June 26th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
It is hard to do well which is why I worry. Google probably has the best overall account security, you could fo worse than modeling after them.
The short answer to your question is Passkeys. But you need a whole system of account recovery around them.
I love Lemmy and Voyager and the Fediverse. That said, if it were to become mainstream I forsee some problems. The fact that the login relies on only passwords is pretty terrible. Also, this makes the service vulnerable to bots, sock puppet accounts, brigading, etc.
What are you scared of?
If you are worried your parents will see your browsing history, that is you threat model.
If your concern is government surveillance, you need to do more than just clear your browsing history.
2·1 month agoSource mod tools not to be confused with Sourcemod tools.
1139·1 month agoI feel like OP missed an opportunity to title this post “Fedora Flatpaks Fall Flat”
Great article, BTW
According to Framework support, there are no supported models as of yet.
I have a Framework 13 AMD running Linux Mint. It works great and I love it. Modular IO ports are super nifty.
Here are the downsides as I see them:
- Price
- No touch screen
- No wifi 7
I expect 2&3 will come in the future and I can upgrade! The fact that I can upgrade rather than throw it away in the future offsets 1.
A VPN transfers trust from the ISP to a VPN provider
Encrypted DNS does not stop ISPs from seeing the ip addresses of the websites you visit
For anonymity use TOR
I remember when SFC was first introduced, I excitedly wrote a script to invoke it remotely so I could use it on a user’s pc when they called to fix their problem. To this day I have never run that script. This was in 1998.
Typically the GPL covers the source code. Compiled, packaged and branded binaries are sometimes licensed separately. This is how Red Hat works for example.