12 Matching Annotations
  1. Nov 2020
    1. Long term keys are almost never what you want. If you keep using a key, it eventually gets exposed. You want the blast radius of a compromise to be as small as possible, and, just as importantly, you don’t want users to hesitate even for a moment at the thought of rolling a new key if there’s any concern at all about the safety of their current key.

      You want to blast radius of a compromise to be as small as possible

      Therefore a long-term key is almost never what you want. You don't want users to hesitate about rolling out a new key if they suspect theirs is compromised.

  2. Jun 2020
    1. Not taking breaks leads to decision fatigue, where we make simplistic choices because we lack the mental energy to ponder our options properly.
  3. May 2020
    1. You want to execute SSH commands from the build environment to a remote server You want to rsync files from the build environment to a remote server If anything of the above rings a bell, then you most likely need an SSH key.
    1. There is a serious weakness in DSA (which extends to ECDSA) that has been exploited in several real world systems (including Android Bitcoin wallets and the PS3); the signature algorithm relies on quality randomness (bits that are indistinguishable from random); once the PRNG enters a predictable state, signatures may leak private keys. Systems that use ECDSA must be aware of this issue, and pay particular attention to their PRNG.
  4. Mar 2020
  5. www.graphitedocs.com www.graphitedocs.com
    1. Own Your Encryption KeysYou would never trust a company to keep a record of your password for use anytime they want. Why would you do that with your encryption keys? With Graphite, you don't have to. You own and manage your keys so only YOU can decrypt your content.
  6. Oct 2019
  7. Aug 2017
  8. Feb 2017
    1. One of them tastes it; considers it; and after mature reflection pronounces the wine to be good, were it not for a small taste of leather, which he perceived in it. The other, after using the same precautions, gives also his verdict in favour of the wine; but with the reserve of a taste of iron, which he could easily distinguish. You cannot imagine how much they were both ridiculed for their judgment. But who laughed in the end? On emptying the hogshead, there was found at the bottom, an old key with a leathern thong tied to it.

      They were both subjectively in the right, but the objective truth was something unexpected. Is that a fair assessment of this anecdote?

  9. Sep 2015