“Wow, me too! Let’s go and fuck some shit up!, so that we are going to both hells!” XD
lucullus@discuss.tchncs.de to
Technology@lemmy.world • A WhatsApp bug lets malicious media files spread through group chats • English
4 · 10 days ago
Is there any info about what an attacker can do with this? The article didn’t say this. Remote code execution? With the privileges of the app? Reading all files? Or only some? The impact information seems important here.
On big flash memory you typically have more memory on the chips than is presented to the OS. Flash has significantly fewer write cycles before the block breaks, so the controller monitors the health and won’t use it anymore when it will soon fail. Instead it uses a block from its unused extra space. (Details might be different, I’m not sure about that). This way the lifetime of the SSD is significantly improved. SD cards do the same, I think.
So the data in the retired blocks will remain and cannot be overwritten by the OS. If they are encrypted and the keys deleted, that won’t matter.
lucullus@discuss.tchncs.de to
Selfhosted@lemmy.world • Getting the versions of running services for Argus • English
1 · 3 months ago
You can get the image SHA. If you then provide the corresponding tag that you used, an application could check if a new image is available. Or maybe if you use docker compose, the app could get the tag from the compose file, and even check for new tagged versions based on a specific pattern.
lucullus@discuss.tchncs.de (OP) to
Selfhosted@lemmy.world • Self hosted secret santa app? • English
1 · 3 months ago
Wow, that’s one kind of a project. I’m impressed. Though it doesn’t really fit my problem. It has to be something web-based, where every one of us can use it without an app, without seeing each other’s information. From the GitHub page it looks like a local tool. And also focused on trading similar items. The presents in our secret santa are highly individualized, so randomly trading does not make much sense. And if the interface is too clunky, my non-tech siblings will just reject using it. I want to keep them from deciding for some free privacy nightmare app.
But I thank you for the suggestion. It’s an interesting project.
Security noob here. Would it be sufficient (in addition to only local authorized access) to directly put the file in an unprivileged container, watching its log output? And of course limiting resource use and execution time of the container (don’t know if common container tools like docker or podman have a way to limit resources out of the box).
So let’s say a simple interface for the file upload behind an authentication service, based on let’s say python cgi, ramping up an unprivileged nonroot docker container, killing the container after a fixed time (a few seconds).
lucullus@discuss.tchncs.de (OP) to
Selfhosted@lemmy.world • Self hosted secret santa app? • English
9 · 3 months ago
That looks promising. And I can contribute with a translation for another language.
lucullus@discuss.tchncs.de (OP) to
Selfhosted@lemmy.world • Self hosted secret santa app? • English
3 · 3 months ago
I will try it, when I’m home again. The commit history starts and ends about 5 months ago, so yeah, probably not fully finished. Thanks for the suggestion.
lucullus@discuss.tchncs.de to
Selfhosted@lemmy.world • Selfhosting Sunday! What's up? • English
1 · 4 months ago
I run headscale on my VPS. The tailscale clients are already open source, though by default they connect to the company’s servers for coordinating the net. Headscale is open source and replaces the company’s servers with your own. Best to not rely on some corporate service, which could cease to exist or be enshittified.
lucullus@discuss.tchncs.de to
News@lemmy.world • Trump plan to end free elections in 2026 and 2028 revealed
19 · 6 months ago
That’s why other countries are doing it that way. The problem is that the US system makes it very difficult to get an ID for its long list of undesirables. And with that I mean everyone who is not white, heteronormative, cis and not-poor. If the US fixes these problems and issues IDs for every one of its citizens, then requiring the ID for voting is a good idea. Unfortunately that is a big big If, carrying a lot of weight.
lucullus@discuss.tchncs.de to
Selfhosted@lemmy.world • Plex now want to SELL your personal data • English
2 · 9 months ago
Eh, I’m pretty sure it is. Haven’t had Kodi running for a while, but I used it on a Raspberry Pi with a USB HDD with my content long before I had Jellyfin. Though it cannot stream the content over network, just display it on the machine’s video output (which is what media PCs do).
lucullus@discuss.tchncs.de to
Technology@beehaw.org • RIP FaceID, Hello Palm Recognition: How Veins In Your Palm Are The Next Biometric Boom - Yanko Design
6 · 9 months ago
No, it was only focused on that one biometric. You can always just add another for security, though it is good to keep in mind that biometrics aren’t necessarily as secure as they are often marketed as. Fun fact: In the science fiction book “Qualityland” by Marc-Uwe Kling one biometric after another was shown to be insecure, leading to the people having to kiss their tablets/phones for authorizing money transfers, using OneKiss™, which is so much more secure than other ways of authentication (trust me bro).
lucullus@discuss.tchncs.de to
Technology@beehaw.org • RIP FaceID, Hello Palm Recognition: How Veins In Your Palm Are The Next Biometric Boom - Yanko Design
12 · 9 months ago
A few years ago I saw a talk on how some hackers were able to fool arm vein scanners. I think it was a talk at the Chaos Communication Congress.
Ooohhhh, now I see that it is Ellen. I first thought it was Bernd Höcke, a current politician for the nazi party AfD in Germany XD
Sorr-, you are already way too deep in your rabbit hole. None of us will get you out of there. Probably truth.social is a better platform for your views (judging from your profile).
lucullus@discuss.tchncs.de to
Selfhosted@lemmy.world • Copied from another community: "Hoarder (the name) is being stolen from me" • English
3 · 1 year ago
The OP doesn’t say that they have a trademark. To me it sounds as if they don’t have one. Only a registered domain and the name of the software on GitHub. The letter came on the grounds of the opponent’s trademark.
lucullus@discuss.tchncs.de to
Technology@lemmy.world • Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats • English
14 · 1 year ago
Though having cash is not enough. The stores also need to be able to accept cash without internet usage. I think we had a case in Germany a few years ago, where some supermarkets could not sell anything, because the servers to which the local payment system connected (also used for cash) didn’t work. Not sure if that was because of a security incident.
lucullus@discuss.tchncs.de to
Asklemmy@lemmy.ml • What's your stance on "donating" blood plasma?
9 · 1 year ago
In Germany - I think - blood and plasma donations are most commonly done with the DRK (German Red Cross). I might be wrong, but DRK is not a for-profit organization, but “gemeinnützig”. Organizations with that status get controlled by the government for it, so they are non-profit. I think the 25€ are an incentive to come and donate, just as the chocolate and drinks and the small goodies that you get there. And you only can get the money if you go to one of the fixed DRK locations. If the DRK comes to somewhere near you (as they often do with churches, town halls, schools and universities) you don’t get any money. I can at least believe that these two are monetarily similar for the DRK. If you come to them, they don’t need to pay for getting the equipment and people to you. And providing incentives for donating blood is in effect a good thing, as they are working, thus we have more blood to save lives.
Of course actors later in the chain are probably profit oriented. Though there I would see the discussion disconnected from the donation. It is more about if we want profit oriented actors in healthcare.
And - as always - the US healthcare system seems to do the worst thing possible every time. Sorry, Americans, don’t want to bash you, but capitalism…
lucullus@discuss.tchncs.de to
Selfhosted@lemmy.world • Would you buy "self-hosted in a box" hardware? • English
2 · 1 year ago
An interesting customer base might be small communal organisations. At our local scouts troop I had a discussion with a friend, who is also in IT. His idea (not fleshed out) was to provide small local organizations with a stack of already configured open source software to support the typical needs of such organizations (like a wordpress website, a nextcloud for file storage and common calendar, limesurvey for surveys and event registration, mailman3 for mailing lists,…). Depending on the needs you could sell the initial setup process (your personal work in setting up and skill transfer) or ongoing support. Though such organizations normally don’t have much money to give away. So probably it’s not really worth your time financially (though probably really appreciated in the community).





Omg, I simply cannot! Thanks for brightening my day with this paper XD