Natanael

Wireguard is most reliable in terms of security. For censorship resistance, it’s all about tunneling it in a way that looks indistinguishable from normal traffic

Domain or IP doesn’t make much of a difference. If somebody can block one they can block the other. The trick is not getting flagged. Domain does make it easier to administer though with stuff like dyndns, but then you also need to make sure eSNI is available (especially if it’s on hosting) and that you’re using encrypted DNS lookups

Telegram has been under fire from the start, lol. 'we have math PhDs" 🤷

There’s also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don’t have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren’t getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: !crypto@infosec.pub

Looks like the same dev from reddit

https://www.reddit.com/r/crypto/comments/1iumxl3/how_far_can_i_push_closesource_code_towards_being/

Your workaround is precisely why I said “more practical”. Any updates to your tooling might break it because it’s not an expected usecase

You don’t want FIDO2 security tokens for that, use an OpenPGP applet (works with some Yubikeys and with many programmable smartcards). Much more practical for authenticating a server.

BTW we have a lot of cryptography experts in www.reddit.com/r/crypto (yes I know, I’m trying to get the community moved, I’ve been moderating it for a decade and it’s a slow process)

It is encrypted, but the security of the encryption varies between implementations (some have been found to generate keys insecurely or screw up session management, etc). For most modern devices it’s decent, as long as you’re not actively targeted by some kind of intel agency

Display mirroring with airplay?

Spamhaus, spamcop

The main program is open, but the development tools are not

You need to set up a publicly accessible device (in this case the VPS) as your IPv6 gateway

So you set up your VPN connecting your network to the VPS (should probably be set up from the router) and set your router to advertise an IP adress for the VPS which is routable from your local network as the gateway address (and should probably also run DHCPv6 for your network)

(note, I have not set up this stuff myself so I can’t help with implementation details)

Robots can definitely flip burgers.

Some can even do it twice!

Exclusively using Discord as a support channel should get you banned from the internet

An application password, basically

For extra fun, how much into the future they’re sent can be based on party stats + enemy stats

Wand of cut-and-paste

It’s also a thing in the Loki TV series

That what the brits did to get Germans to talk in WW2

And while they tried to DRM it, the DVD standard still ended up having to maintain compatibility across all readers and discs, but for bluray they regularly deprecate older readers who no longer can play newer movies because new releases use new encryption keys which the old readers don’t have access to (and for this reason the PS consoles are the best bluray movie players because Sony keeps them updated)

As you turn around a bigger joke arrives