Cryptography nerd
Fediverse accounts;
Natanael@slrpnk.net (main)
Natanael@infosec.pub
Natanael@lemmy.zip
Lemmy moderation account: @TrustedThirdParty@infosec.pub - !crypto@infosec.pub
@Natanael_L@mastodon.social
Bluesky: natanael.bsky.social
Jerry passed me control of !crypto@infosec.pub already (via my modhammer alt), started posting to it to get it started
This is a UX issue rather than a cryptographic fault, but it’s definitely notable because the security of any algorithm once implemented is dependent on its usability
Yes, but not as widespread.
Multiple toolmaking skills has been lost and had to be rediscovered. Metalworking, mechanical computers (clockworks), etc.
Secrecy in trades and lack of documentation used to be the main cause. Now the cause is lack of interest…
Interviewers look for excess confidence, not skill
The list of management tools available for it isn’t exactly short. Others mentioned specific tools too.
https://github.com/cedrickchee/awesome-wireguard
Before you vent by attacking it and attacking everybody recommending it, how about explaining your problems and what you’ve already tried?
No.
Let each server sign a timestamped counter of total votes from their own users, sending that to the hosting server for the post voted on. Then it can update the vote count as needed. The host then displays combined votes, and can display votes per server too, with signatures to prevent manipulation of counts.
If any server has suspicious vote counts it can get filtered out.
Some people only browse global feeds and downvote stuff as if they’re trying to train the Netflix recommendation algorithm, completely ignoring the rules of the community it originates from
If that’s the concern it’s better to have each server send a signed counter of votes coming from its own users to the hosting server for the post being voted on, then people can see which servers three there’s how many votes from.
This provides the same privacy as intended before (your account host knows your votes, nobody else does) and you can see which servers are acting suspiciously while allowing everybody to get a consistent view of votes (the host simply tally up the votes from each other server, and offer up the signed counts on request)
Hashing alone if it’s just usernames isn’t enough. Need something like keyed hashes, but then malicious servers can lie about numbers of votes.
Otherwise you need something ridiculously overengineered like public but encrypted logs of user actions and Zero-knowledge proofs of correctness mapping everything to a distinct existing user without revealing who it is.
As I mentioned in another post: for consistency is better to have each server count total votes from their own users, send a signed & timestamped message with the count to the host of the post being voted on. Then the host can display a consistent vote count to everybody that shows where votes are coming from without manipulation of external votes.
Each individual server can lie about its count, but not by too much or else it will be detected and the server can get defederated (or have its votes ignored).
Especially in federated networks where the data isn’t under access control, doubly so if the privacy extension is optional
The steam controller didn’t really fail, but the patent fight was a mess that took way too long (much too late disqualified patent over paddle buttons). That sucked a lot of energy out of the project. Don’t forget the steam deck kept those touch pads (although with a different design)!
Steam Link IMHO also wasn’t bad, but there didn’t seem to be much interest in it then. (interestingly enough I think it could be recreated today in a Chromecast-like form factor)
Stream machines was definitely a big mess however, there just wasn’t enough interest, too limited compatibility, the machines just wasn’t versatile enough for average Joe to pay for one.
“yes”? He’s definitely not building any significant fraction himself, but if he didn’t care for these things he wouldn’t let the company put so much resources into them.
Credit for the things built goes to the people building them. Credit for it being possible to build goes to the people who founded and funded the teams
… Does it not have granular access right control? The FAQ doesn’t describe any delegation
Edit: ok, “trusted” users can have specific permissions. Need to check details. Would be great if it could be extended to recognize forum specific mod teams, and for example let teams share specific rules (on reddit it’s common that certain subs share intel on spammers, etc)
Edit 2: will go through it tomorrow. Will port a bunch of rules from the reddit automoderator setup. About time I convert some of the stuff to regexp.
I’ll see what I can do. Don’t have hosting ready for anything automated though.
Separate question, is there any automoderator equivalent around here?
Hi all. This is the same Natanael which now has a moderator account here, this is my regular posting account!
So the new account only sees posts less than a year old, but this account (also on the very same host!) sees that plus older posts 🤷
Edit: ignore that, found the right settings. Weeeird
Redirects or mirror used in a block will usually specify who is hosting the warning