Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 83 of 151.
Joanna Rutkowska @rootkovska
"not many people have inspected user namespaces and the various interactions with other parts of the kernel." https://t.co/iHjzisIpTc — PolitiTweet.org
jessie frazelle 👩🏼🚀 @jessfraz
Let's work together to future-proof & fix Linux kernel namespaces! It will take a village but we might have fun 🐧🔒❤️ https://t.co/pSLsJ…
Joanna Rutkowska @rootkovska
RT @jessfraz: Let's work together to future-proof & fix Linux kernel namespaces! It will take a village but we might have fun 🐧🔒❤️ https://… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@halvarflake In practice, most VMMs include I/O emu, etc, all into TCB, which brings us to the silliness you pointed out. But not all VMMs. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@halvarflake Consider e.g. the syscall/POSIX API interface vs. the hypercall interface. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@halvarflake Here I don't agree. The actual advantage one can get when moving to a higher level, is that interfaces get *simplified* there. — PolitiTweet.org
Joanna Rutkowska @rootkovska
This! https://t.co/VTO5rocrM8 — PolitiTweet.org
halvarflake @halvarflake
I am (in)famous for my opposition to soft mitigations - many do not stop attackers, but add unnecessary (and risky) complexity. Data point:
Joanna Rutkowska @rootkovska
@yawnbox Besides Twitter, I don't think the others scale well for use in bulletin-board like scenarios, no? (Not sure what semaphore is?) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Don't agree. Alternatives: 1. GitHub-hosted pages + Cloudflare. Other? https://t.co/MvXZ5Eh5Jk — PolitiTweet.org
zeynep tufekci @zeynep
Basically, if you're a small dissident group, you *have* to be on Facebook or Google platforms to avoid being censored via DDOS. #enigma2017
Joanna Rutkowska @rootkovska
"a tired sysadmin, working late at night (...) accidentally deleted a directory" https://t.co/6Zyh7oBvrj — PolitiTweet.org
The Register @TheRegister
https://t.co/cT94SUlKnN melts down after backup fail and data loss https://t.co/Rs7nw3yrGa
Joanna Rutkowska @rootkovska
(Although, I must admit I'm a bit surprised that you used a client-side enforcing for this "policy", @FastMail..) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Thanks! That's all I wanted :) (Might not be that "secret" anymore, though...) https://t.co/BgOhUb9IQr — PolitiTweet.org
FastMail @FastMail
@rootkovska @dlmetcalf However, there is actually a secret bypass: hold down alt+shift to enable the button. Just don't lose your keys…
Joanna Rutkowska @rootkovska
RT @veorq: Shamir's 15 predictions for next 15 years https://t.co/shBrYg1dHA https://t.co/hysEGbAWLT — PolitiTweet.org
Joanna Rutkowska @rootkovska
We need regulations to prevent selling IoT devices which cannot be used without a WAN connection. Or else no hope… https://t.co/6ACdBe1T4T — PolitiTweet.org
Joanna Rutkowska @rootkovska
Bought @netatmo weather station. Had a smart plan to let it access only isolated net (b/c mic). Turned out won't work w/o WAN access.. #WHY
Joanna Rutkowska @rootkovska
@FastMail If you are ok with the user removing the number, then why not introduce an option that let's the user skip this step? @dlmetcalf — PolitiTweet.org
Joanna Rutkowska @rootkovska
@FastMail Can you introduce an option of a recovery passphrase which I could store in a vault and use when loose the 2FA? Without SMS, ok? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@FastMail Can you please elaborate more on this, pls? I.e. what exactly happens when I (attacker) clicks "I lost my 2FA token"? — PolitiTweet.org
Joanna Rutkowska @rootkovska
Bought @netatmo weather station. Had a smart plan to let it access only isolated net (b/c mic). Turned out won't work w/o WAN access.. #WHY — PolitiTweet.org
Joanna Rutkowska @rootkovska
@iamcorso I really wonder why Intel didn't introduce a simple '--print-mrenclave' switch? @veorq @sweis — PolitiTweet.org
Joanna Rutkowska @rootkovska
@iamcorso We thought about it, but the format (although simple) is not *officially* documented, so subject to change :/ @veorq @sweis — PolitiTweet.org
Joanna Rutkowska @rootkovska
@BronGondwana otherwise the attacker will simply click "I lost my 2FA, please SMS me reset code". This would make me very sad. @toholdaquill — PolitiTweet.org
Joanna Rutkowska @rootkovska
@iamcorso i.e. I would like to get a #define with expected MRENCLAVE that I can use in some other code. @veorq @sweis — PolitiTweet.org
Joanna Rutkowska @rootkovska
@iamcorso Sure, I know. But Q was can I easily integrate it into a build process without modyfing the signer sources? @veorq @sweis — PolitiTweet.org
Joanna Rutkowska @rootkovska
@BronGondwana That's the job of recovery passphrase for the 2FA that you should give me. Look how GitHub does it. @toholdaquill — PolitiTweet.org
Joanna Rutkowska @rootkovska
#SGX Is there a way to calculate MRENCLAVE value at the build stage? /cc @veorq @sweis — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @dakami: We fight for him. And if you hate him, we will fight you, and we will win. https://t.co/ewfWwdRHZ7 — PolitiTweet.org
Joanna Rutkowska @rootkovska
@FastMail https://t.co/d0gLlaLCnO — PolitiTweet.org
Joanna Rutkowska @rootkovska
Also, a pity I can't use the (otherwise cool) "app passwords" to allow a less trusted VM to access my calendar but not email :/ @FastMail — PolitiTweet.org
Joanna Rutkowska @rootkovska
Silly, because this forces me to actually *weaken* the security of my account after I enable 2FA. https://t.co/junsNLpxZX — PolitiTweet.org
Joanna Rutkowska @rootkovska
Dear @FastMail, this is silly -- I want 2FA, but I don't want to be forced to give away my account to whoever can i… https://t.co/W3nZt5pCT1
Joanna Rutkowska @rootkovska
RT @rootkovska: Dear @FastMail, this is silly -- I want 2FA, but I don't want to be forced to give away my account to whoever can intercept… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Dear @FastMail, this is silly -- I want 2FA, but I don't want to be forced to give away my account to whoever can i… https://t.co/W3nZt5pCT1 — PolitiTweet.org
