fmaury/seirdy.one
1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 21:02:09 +00:00
Code Issues Projects Releases Wiki Activity

Semantics: fix authorship

Browse source 
- Fix use of shortcodes in some pages so authorship is parsed correctly
- Explicitly show author for each entry in a data feed, so parsers don't
  get confused by reply-authors.
This commit is contained in:
Rohan Kumar 2022-10-19 13:12:40 -07:00
parent 7361bb6bca
commit 842e060532
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479
6 changed files with 7 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
content/notes/browser-development-moratorium.md
View file

@ -2,11 +2,11 @@
title: "Browser development moratorium"
date: 2022-06-18T13:38:34-07:00
---
What if Firefox and Chromium placed a year-long moratorium on all new browser features unrelated to security, accessibility, and internationalization? Effort not spent on those initiatives could be re-directed towards bugfixes.
Defining the word "major" might be hard but I think it's an interesting idea.
I'm not too worried about including Safari since it could spend those months catching up.
Inspired by a similar article by {{<mention-work>}}{{<indieweb-person name="Peter-Paul Koch" url="https://www.quirksmode.org/about/">}}: {{<cited-work name="Stop pushing the web forward" url="https://www.quirksmode.org/blog/archives/2015/07/stop_pushing_th.html">}}{{</mention-work>}}
Inspired by a similar article by {{<mention-work itemtype="BlogPosting">}}{{<indieweb-person itemprop="author" name="Peter-Paul Koch" url="https://www.quirksmode.org/about/">}}: {{<cited-work name="Stop pushing the web forward" url="https://www.quirksmode.org/blog/archives/2015/07/stop_pushing_th.html">}}{{</mention-work>}}

2
content/notes/more-aspects-to-contrast.md
View file

@ -3,7 +3,7 @@ title: "More aspects to contrast"
date: 2022-07-03T22:16:09-07:00
replyURI: "https://github.com/Myndex/SAPC-APCA/discussions/74"
replyTitle: "Dark Mode Color Palettes and APCA"
replyType: "https://schema.org/DiscussionForumPosting"
replyType: "DiscussionForumPosting"
replyAuthor: "Ayush Agarwal"
replyAuthorURI: "https://microblog.ayushnix.com/"
---

2
content/notes/openssl-replacements.md
View file

@ -3,7 +3,7 @@ title: "OpenSSL replacements"
date: 2022-07-06T09:31:42-07:00
replyURI: "https://social.treehouse.systems/@ariadne/108601160601729437"
replyTitle: "I am going to…write an OpenSSL wrapper for BearSSL and just make OpenSSL die in Alpine entirely"
replyType: "https://schema.org/SocialMediaPosting"
replyType: "SocialMediaPosting"
replyAuthor: "Ariadne Conill"
replyAuthorURI: "https://ariadne.space"
---

2
content/notes/re-spearphishing.md
View file

@ -9,7 +9,7 @@ replyAuthorURI: "https://xeiaso.net/"
---
I think that using a dedicated air-gapped machine just for opening PDFs is a bit much if you don't rely on assistive technologies to read PDFs. A much less nuclear option: Qubes OS has an excellent [PDF converter](https://github.com/QubesOS/qubes-app-linux-pdf-converter) to convert PDFs to safe bitmaps, and back into PDFs. The results are completely inaccessible, so I wouldn't recommend sharing the final artifacts; however, this approach is fine for personal use.
The Qubes blog covers this in more detail: {{<mention-work itemtype="BlogPosting" role="doc-credit" itemprop="citation">}}{{<cited-work name="Converting untrusted PDFs into trusted ones: The Qubes Way" url="https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html">}}, by {{<indieweb-person first-name="Joanna" last-name="Rutkowska" url="https://blog.invisiblethings.org/about/">}}{{</mention-work>}}
The Qubes blog covers this in more detail: {{<mention-work itemtype="BlogPosting" role="doc-credit" itemprop="citation">}}{{<cited-work name="Converting untrusted PDFs into trusted ones: The Qubes Way" url="https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html">}}, by {{<indieweb-person itemprop="author" first-name="Joanna" last-name="Rutkowska" url="https://blog.invisiblethings.org/about/">}}{{</mention-work>}}
SaaS can actually be helpful when it comes to processing potentially-malicious files. In high school, we had to make heavy use of Google Drive. One approach that I used to use was to open a PDF with Google Docs and export the resulting Google Doc.

2
content/posts/floss-security.md
View file

@ -152,7 +152,7 @@ Unfortunately, some components are poorly understood due to being obfuscated usi
Skochinsky's and Corna's analysis was sufficient to clarify (but not completely contradict) sensationalism claiming that ME can remotely lock any PC (it was a former opt-in feature), can spy on anything the user does (they clarified that access is limited to unblocked parts of the host memory and the integrated GPU, but doesn't include e.g. the framebuffer), etc.
While claims such as "ME is a black box that can do anything" are misleading, ME not without its share of vulnerabilities. My favorite look at its issues is a presentation by <span class="h-cite" itemprop="mentions" itemscope="" itemtype="https://schema.org/PresentationDigitalDocument">{{<indieweb-person itemprop="author" first-name="Mark" last-name="Ermolov" url="https://www.blackhat.com/eu-17/speakers/Mark-Ermolov.html">}} and {{<indieweb-person itemprop="author" first-name="Maxim" last-name="Goryachy" url="https://www.blackhat.com/eu-17/speakers/Maxim-Goryachy.html">}} at Black Hat Europe 2017: [How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine](https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf)</span>.
While claims such as "ME is a black box that can do anything" are misleading, ME not without its share of vulnerabilities. My favorite look at its issues is a presentation by <span class="h-cite" itemprop="mentions" itemscope="" itemtype="https://schema.org/PresentationDigitalDocument">{{<indieweb-person itemprop="author" first-name="Mark" last-name="Ermolov" url="https://www.blackhat.com/eu-17/speakers/Mark-Ermolov.html">}} and {{<indieweb-person itemprop="author" first-name="Maxim" last-name="Goryachy" url="https://www.blackhat.com/eu-17/speakers/Maxim-Goryachy.html">}} at Black Hat Europe 2017: {{<cited-work url="https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf" name="How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine" extraName="headline">}}</span>.
In short: ME being proprietary doesn't mean that we can't find out how (in)secure it is. Binary analysis when paired with runtime inspection can give us a good understanding of what trade-offs we make by using it. While ME has a history of serious vulnerabilities, they're nowhere near what [borderline conspiracy theories](https://web.archive.org/web/20210302072839/themerkle.com/what-is-the-intel-management-engine-backdoor/) claim.[^11]

7
layouts/_default/list.html
View file

@ -23,12 +23,7 @@
{{ .Title }}
</a>
</h2>
<p>
Posted <time itemprop="datePublished" class="dt-published published" datetime="{{ .Date.Format "2006-01-02 15:04:05Z07:00" }}">{{ .Date.Format "2006-01-02 15:04" }}</time>
{{- if gt (sub .Lastmod.Unix .Date.Unix) 3600 -}}
, updated <time{{ if not (.Params.evergreen) }} itemprop="dateModified" class="dt-updated updated"{{ end }} datetime="{{ .Lastmod.Format "2006-01-02 15:04:05Z07:00" }}">{{ .Lastmod.Format "2006-01-02 15:04" }}</time>
{{- end }}
</p>
{{- partial "post-meta.html" .}}
{{- if eq .Section "notes" }}
<div class="e-content entry-content" itemprop="articleBody">
{{- if .Params.replyURI -}}