●● IRC: #techbytes @ FreeNode: Tuesday, November 24, 2020 ●● ● Nov 24 [03:46] *gry (~test@unaffiliated/gryllida) has joined #techbytes ● Nov 24 [06:50] *GNUmoon2 has quit (Ping timeout: 240 seconds) ● Nov 24 [07:12] schestowitz ce forgotten out of i [07:12] schestowitz
  • [07:12] schestowitz
    Evaluating Precursors Hardware Security
    [07:12] -TechBytesBot/#techbytes-www.bunniestudios.com | Evaluating Precursors Hardware Security bunnie's blog [07:12] schestowitz
    [07:12] schestowitz

    Hardware security is a multi-faceted problem. First, there is the question of can I trust this piece of hardware was built correctly?; specifically, are there implants and back doors buried in the hardware? We refer to this as the supply chain problem. It is a particularly challenging problem, given the global nature of our supply chains, with parts pulled from the four corners of the world, passing [07:12] schestowitz through hundreds of hands before reaching our doorstep. Precursor addresses this problem head-on with open, verifiable hardware: the keyboard, display, and motherboard are easy to access and visually inspect for correct construction. No factory or third-party tool is ever trusted with secret material. Precursor is capable of generating its own secret keys and sealing them within the hardware, without additional tools.

    [07:24] *GNUmoon2 (~GNUmoon@gateway/tor-sasl/gnumoon) has joined #techbytes ● Nov 24 [08:12] schestowitz >> This theme we've used since 2006 was never fluid and assumes screens at [08:12] schestowitz >> least as wide as 800px (otherwise scrolling). [08:12] schestowitz > Yes, layout has always been a problem with the site. :/ [08:12] schestowitz > [08:12] schestowitz >> Changing it would break lots of assumptions in actual posts, e.g. width [08:12] schestowitz >> of images we use and contents of documents with 
    .
[08:12]	schestowitz	> If there is an update someday, I do hope that TR will use relative
[08:12]	schestowitz	> measurements so that it is possible to scale.
[08:12]	schestowitz	That would be a trade-off, messing up the layout of some past articles.
[08:12]	schestowitz	>> Above the link "#boycottnovell log as text" the image/icon still links
[08:12]	schestowitz	>> to the HTML version instead of the text version
[08:12]	schestowitz	>>
[08:13]	schestowitz	> Thanks.  There was one left.  I'll check one more time with tomorrow's.
[08:13]	schestowitz	>
[08:18]	schestowitz	Seems perfect today
[08:20]	schestowitz	> I don't trust RPM-based systems not to fall over with updates.  Yet, it
[08:21]	schestowitz	> is past time to schedule something.
[08:21]	schestowitz	>
[08:21]	schestowitz	> $ sudo yum check-update | sed '/^$/,/^Obsolet/!d; //d;' | less
[08:21]	schestowitz	>
[08:21]	schestowitz	> $ sudo yum check-update | sed '/^$/,/^Obsolet/!d; //d;' | wc -l
[08:21]	schestowitz	> 316
[08:21]	schestowitz	>
[08:21]	schestowitz	> The upside is that it would clear the way to add HTTPS.
[08:21]	schestowitz	Yes, and either way patching something that's end of life in a matter of months might not be worth the risk. Better to start with a newer OS. And that takes a lot of work.
[08:21]	schestowitz	I'm waiting for the newly-provisioned machine to be dealt with.
● Nov 24
[17:12]		*rianne_ has quit (Quit: Konversation terminated!)
[17:12]		*rianne_ (~rianne@host81-154-173-112.range81-154.btcentralplus.com) has joined #techbytes
● Nov 24
[18:42]		*rianne__ (~rianne@host81-154-173-112.range81-154.btcentralplus.com) has joined #techbytes
[18:42]		*rianne__ has quit (Client Quit)
[18:42]		*rianne_ has quit (Read error: Connection reset by peer)
[18:42]		*rianne__ (~rianne@host81-154-173-112.range81-154.btcentralplus.com) has joined #techbytes
● Nov 24
[20:59]		*GNUmoon2 has quit (Ping timeout: 240 seconds)
● Nov 24
[21:47]		*GNUmoon2 (~GNUmoon@gateway/tor-sasl/gnumoon) has joined #techbytes