Recent searches

No recent searches

Search options

Not available on photog.social.
photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
🌈 An inclusive place for your photos, silliness, and convos! 🌈

Administered by:

Server stats:

248
active users

photog.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.3

#https

4 posts4 participants1 post today
Dendrobatus Azureus

As I am browsing through the settings in firefox I see the odd setting of using it's own DNS over https enabled. My settings should be copied over from the account I use and I know that I've **never** turned this setting on.

I'm now on the SBC Pi5 running MX Linux Pi respin.

My own dns config is perfectly fine and Im changing it back.

Why is the firefox team doing this? IS there any protective benifit from having this setting on?

#InfoSec#AskFediverse#firefox
*
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

»HTTP/1.1 Must Die – It's time to acknowledge HTTP/1.1 is insecure«

Admittedly, I know pers. not how seriously you have to take this but I am only developing web servers set to HTTP/2.0, because HTTP/3 is not yet extensively supported.

🪦 http1mustdie.com

HTTP/1.1 Must Die - The Desync Endgame Begins
http1mustdie.comHTTP/1.1 Must DieUpstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now
#http#web#internet
*
Tommi 🤯

Can’t connect to public WiFi via Linux

I am using Fedora 42, and I am unable to access the captive portal of inOui TGV. I can connect to the WiFi with no problems, but I can’t get access to the Internet.

I have tried everything:

  1. Connecting to 192.168.1.1, to http://neverssl.com, to http://wifi.sncf via browser
  2. Running sudo dhclient -r and rebooting the device
  3. Running systemctl restart NetworkManager
  4. Also other stuff I tried in the past with other public WiFis. I am sure there is something wrong with my specific device configuration, it’s not this network.

Nothing works 😩

Can somebody who understands this stuff help me?

#help#mastoAiuto#Linux
Replied in thread
*
Erik van Straten

@jwildeboer : modern certificates are used for authentication only, not for secure connections.

OTOH, if you have no certainty that your software is communicating with the server you intended, a secure connection to it is pointless - but the connection remains secure.

Using TLS v1.3, the connection is even secured before the server is authenticated (if, after encrypting the connection, the authentication of the server fails, then the client should at least warn the user - if not immediately disconnect).

Yes, I know, these are boring details, but they are misunderstood way too often by people who SHOULD know how this works (I know you do, but please don't simplify things too much).

#TLS#https#X509
Preston MacDougall

Mexican-American comedian Diego Luna ended his week as guest host on “#JimmyKimmel Live” with a reminder that #American tax-payers spent $15 billion for a mostly non-existent #BorderWall between #Mexico and the #UnitedStates with built portions that have either been blown down by high winds or can be scaled with a makeshift ladder🪜! #https://www.huffpost.com/entry/diego-luna-trump-border-wall_n_685e215ce4b0bb504500091e

#Resist hilariously!

Autiste à :ch_Vaud:🌊 #woke

https-vd.ch/2025/06/15/le-logi

Découvrez le site du #HTTPS, le nouveau nom du #PartiPirateVaudois, obligé de rompre complètement les amarres avec le #PartiPirateSuisse, y compris en abandonnant la notion de #PartiPirate, pour ne pas être traîné dans ses dérives, et profitez-en pour lire l'analyse de @sebseb01 sur le #numérique #responsable à l' @etatdevaud et l'angle mort concernant le #libre et l' #opensource.

https-vd.chLe logiciel, talon d’Achille du numérique « responsable » vaudois – HTTPS
More from Sébastien Piguet
Alo Japan

alojapan.com/1290666/the-tmg-i The TMG is accepting applications for subsidies to attract Green Transformation (‘GX’) related foreign companies #Https://www.investtokyo.metro.tokyo.lg.jp/en/oursupports/gxSubsidy.html #https://www.investtokyo.metro.tokyo.lg.jp/en/oursupports/index.html #news #Tokyo #TokyoNews #東京 #東京都 TOKYO, JAPAN, June 4, 2025 /EINPresswire.com/ — In order to realize a decarbonized society and promote a “sustainable recovery,” the Tokyo Metropo…

*
Aral Balkan

👋🤓 Goodbye Site.js, Hello Kitten!

I started working on creating a Small Web¹ server (a peer-to-peer Web server) six years ago² with Site.js.

Building Site.js was my first attempt. And it resulted in:

• Auto Encrypt (automatic Let’s Encrypt certificates): codeberg.org/small-tech/auto-e

• Auto Encrypt Localhost (automatic localhost TLS certificates): codeberg.org/small-tech/auto-e

• @small-tech/https (drop-in Node.js https module replacement with automatic TLS certs everywhere): codeberg.org/small-tech/https

• JSDB: In-process, in-memory JavaScript database that persists to append-only JavaScript logs: codeberg.org/small-tech/jsdb

As Site.js reached an evolutionary dead-end, and as I learned from my experiements with replicated data types that replicated data types are *not* a prerequisite for a decentralised web (actual topological decentralisation and ease of use are), I started writing a new server/platform called Kitten from scratch while still making use of the tried and tested modules listed above.

Last week, I switched over our last site using Site.js to Kitten and, with that, today I’ve sunset³ Site.js:

sitejs.org

For its successor, please see Kitten:

kitten.small-web.org

If you want to support our work at the Small Technology Foundation, please consider becoming a patron:

small-tech.org/fund-us

:kitten:💕

¹ ar.al/2024/06/24/small-web-com
² ar.al/2019/08/26/introducing-s
³ Using our instance of Look Over There!: look-over-there.small-web.org

#SiteJS#SmallWeb#SmallTech
Replied in thread
*
Kevin Karhan :verified:

@GossiTheDog @signalapp it merely prevents #Screenshots by claiming it's #DRM'd content.

The correct solution for #Signal would be to alert all their users and specifically block #Windows in general or at least #Windows11 simply because it is a #Govware and empirically cannot be made private or secure.

But that would require them to actually give a shit, which thed don't, cuz otherwise they would've stopped demanding #PII like a #PhoneNumber and moved out of juristiction of #CloudAct.

  • I mean, what's gonna prevent the #Trump-Regime from threatening @Mer__edith et. al. with lifetime in jail for not kicking the #ICC (or anyone else he and his fans dislike) from #Signal's infrastructure?

Since they are highly centralized.they certainly are capable to comply with "#Sanctions" (or whatever bs he'll claim!)...

GitHubGitHub - kkarhan/windows-ca-backdoor-fix: Fixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefaehrden-SSL-Verschluesselung-2317589.htmlFixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefae...
#sanctions
TrendingLive feeds
About