@rootkovska Tweets | PolitiTweet

Joanna Rutkowska @rootkovska

@FrozenFire You mean, all these services under the USG jurisdiction, vulnerable to NSLs...? Or am I missing something? @DrWhax — PolitiTweet.org

Posted Nov. 11, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@FrozenFire But I don't know the *real* @DrWhax key -- I'm asking keybase to provide one. What stops them from faking this? — PolitiTweet.org

Posted Nov. 11, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@FrozenFire Who signs these proofs? @DrWhax — PolitiTweet.org

Posted Nov. 11, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@FrozenFire What is Keybase client? What does it mean for it to be trustworthy? @DrWhax — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@DrWhax Signed by... which key? — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@DrWhax Interesting, what makes you think keybase is a trustworthy service? What stops its admins from presenting fake keys to select users? — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@AndreaBarisani "thought otherwise"*, of course. — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@AndreaBarisani I haven't thought so even for a second, especially knowing how the USB Armory is designed ;) — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

Tamper-proof on endpoints is wrong. It prevents users from learning what code is there. #Transparency4Endpoints https://t.co/m7q2pCAwUu — PolitiTweet.org

Posted Nov. 10, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

BTW, another use-case for the Qubes' PDF converter ;) https://t.co/5b7tXq9pJO https://t.co/UIkpAdxqeH — PolitiTweet.org

Posted Nov. 10, 2015 Hibernated

Joanna Rutkowska @rootkovska

@alxmyst No, I don't think so. We'd rather go this direction: https://t.co/xh4mbEe5v2 @docker — PolitiTweet.org

Posted Nov. 9, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@ln4711 LOL ;) — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@mjos_crypto How compares to @cperciva's spipe? @solardiz @mtrojnar — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@solardiz What if a new version of ssh implements some new form of, say, X11 forwarding? @tehjh — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@solardiz Right. Still, don't you guys worry that need to pass a "full set of no-*" makes this a bit tricky? @tehjh — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@tehjh Interesting, wasn't aware you can do it per-key. — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@tehjh https://t.co/Upfkhnbn4K @mtrojnar — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@solardiz How does spipe differ from stunnel, socat? @cperciva @mtrojnar — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@tehjh https://t.co/287sxIBVSB @mtrojnar — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@JanStette I want stdin/stdout tunneling, but not necessarily granting one party authority (shell access) over the other. — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@rootkovska socat? stunnel? something else (but not ssh)? Also: cross-platform, pls. /CC @mtrojnar — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

So, which program's best to build an encrypted (+integrity-protected) channel over TCP/IP between 2 processes (stdin/stdout forwarding)? — PolitiTweet.org

Posted Nov. 8, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

Brad Spengler's critique of the Linux kernel security (and capitalism?). Worth a thought, especially the latter. https://t.co/C2izOS2Oo0 — PolitiTweet.org

Posted Nov. 8, 2015 Hibernated

Joanna Rutkowska @rootkovska

RT @memory_dump: @rootkovska I think in future we'll see our current omnivorous diet just like we see slavery today. — PolitiTweet.org

Posted Nov. 8, 2015 Retweet Hibernated

Joanna Rutkowska @rootkovska

@attractr can you explain in a tweet how does it compare to keybase.io? @DrWhax — PolitiTweet.org

Posted Nov. 7, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

@DrWhax because: 1) it's not automated, 2) requires an extra effort, 3) there is no tangible immediet reward nor punishment. — PolitiTweet.org

Posted Nov. 7, 2015 Deleted after 7 years Hibernated

Joanna Rutkowska @rootkovska

And BTW, congrats to Switzerland for generously granting women the right to vote in... 1971. — PolitiTweet.org

Posted Nov. 6, 2015 Hibernated

Joanna Rutkowska @rootkovska

Everybody should watch "Suffragette". And consider what some of us fight for today, that will be taken for granted in the next decades? — PolitiTweet.org

Posted Nov. 6, 2015 Hibernated

Joanna Rutkowska @rootkovska

RT @csoghoian: Linux needs to start taking security seriously. A fantastic long read by the WaPo's @craigtimberg https://t.co/A3Z9rmpyYQ — PolitiTweet.org

Posted Nov. 6, 2015 Retweet Deleted Hibernated

Joanna Rutkowska @rootkovska

My critique of the Xen security process: https://t.co/rkvFKNV7Wg — PolitiTweet.org

Posted Nov. 6, 2015 Hibernated