Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 62 of 151.
Joanna Rutkowska @rootkovska
@XenoKovah E.g. many XSAs are issued for things such as h/v memory leaks (which are pretty harmless) or things whic… https://t.co/XakPAcnvjy — PolitiTweet.org
Joanna Rutkowska @rootkovska
@XenoKovah Of course I do :) See: https://t.co/zSHrHqEULW — PolitiTweet.org
Joanna Rutkowska @rootkovska
@XenoKovah Heh, no my point was that not every CVE counts the same, and thus it's often rather pointless to count them. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@GyrosGeier @debian @DrWhax But main Q is if the actual ISO/installer building are deterministic also? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@GyrosGeier @debian @DrWhax Install ISO does not need to contain all packages. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@DrWhax @debian @Tails_live Sure thing, but I'd appreciate it more if I could see that N *other* people/orgs also got the same hash... — PolitiTweet.org
Joanna Rutkowska @rootkovska
@DrWhax @debian Perhaps it's time then, for you guys to start publishing *multiple* signatures (by various people)… https://t.co/LDlBCz7mKg — PolitiTweet.org
Joanna Rutkowska @rootkovska
@DrWhax @debian This suggests it should be easy to compose some Debian installer ISO which builds deterministically… https://t.co/kUvAQdZm3X — PolitiTweet.org
Joanna Rutkowska @rootkovska
@DrWhax @debian Isn't that the case for the latest stretch-based Tails though? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@debian @DrWhax Do (some of) the install ISOs also build deterministically now? — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @EFF: European Parliament Committee recommends end-to-end encryption for all electronic communications https://t.co/vJ4gdo8dFY — PolitiTweet.org
Joanna Rutkowska @rootkovska
@XenoKovah See also: https://t.co/nktkK1cTxW — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @CopperheadOS: Not aware of any available mobile device other than Nexus / Pixels where an OS like CopperheadOS can be installed with fu… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @CopperheadOS: Google ships devices with unlockable bootloaders while still having full verified boot, and offering that to third party… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @laparisa: TFW when your brain has too many tabs open. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Enno_Insinuator I really would love to see a "reasonable default" for an MMU ;) Or for IOMMU ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@hanno Do you realize how subjective, vague & volatile the term "(un)needed" is? E.g. I think computers are unneeded, really ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@CodesInChaos @Ctzn5 @halvarflake Good point. But that somehow falls into the scalability problem, right? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@iLikeTheShower @io_r_us Don't agree the effort is useless: 1. https://t.co/FObjX41SrN 2. Even w/o #1, most of your… https://t.co/A4b0RXkIHe — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @Ctzn5: @rootkovska @halvarflake my usual retort to people who disagree is "ok, try and separate obscurity and entropy. i'll wait" — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @Ctzn5: @rootkovska @halvarflake related, my fave is "security by obscurity isn't security". sure it is. the problem is obscurity doesn'… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Just like there are no simple truths about what makes things beautiful, likewise there are no simple "laws" which'd assure security. #IMHO — PolitiTweet.org
Joanna Rutkowska @rootkovska
I could go on with the list almost to no end. E.g.: - Linux (OpenBSD :P) vs MS-DOS - network filtering - Authentication & authorization — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Ctzn5 @halvarflake See last para in: https://t.co/dJpynfvwWo — PolitiTweet.org
Joanna Rutkowska @rootkovska
Directly inspired by thread: https://t.co/ym8oGiwXsj — PolitiTweet.org
halvarflake @halvarflake
Observation of the day: There are tons of short, clever-sounding but wrong "truths" about security.
Joanna Rutkowska @rootkovska
Obviously that doesn't mean that complexity _adds_ security. Only that general oversimplifications in infosec are often worthless. — PolitiTweet.org
Joanna Rutkowska @rootkovska
"Complexity is enemy of Security"... Now think: - MMU - ASLR, seccomp, etc - crypto protocols ...all add complexity! #InfosecTruthsThatArent — PolitiTweet.org
Joanna Rutkowska @rootkovska
@TimelessP I see. That's quite surprising, though ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@TimelessP ? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@halvarflake My fav is: "Complexity is always bad for security". Now think about SSH vs. Telnet. Or a protected memory (MMU) CPU vs 8086. — PolitiTweet.org
