madaidans-insecurities.github.io

GustavoM, to linux in Just read Madaidans Insecurities. Do you know how much is still relevant?
@GustavoM@lemmy.world avatar

Not really relevant, but I’ve got a “rule of thumb” for all security-related issues;

“If it doesn’t nuke my PC, then I’m good. If it does, then I’m still good since backups and logs exist, and if it was related to the latest seucirty issue? Then I make a quick patch and/or update. Then back to 1.”

TheAnonymouseJoker, (edited ) to linux in Just read Madaidans Insecurities. Do you know how much is still relevant?
@TheAnonymouseJoker@lemmy.ml avatar

Some stuff related to madaidan I wrote and compiled a couple years ago.

i.imgur.com/FiYhbkk.jpg: madaidan being very 4chan-y in terms of blaming the computer language for problems in particular software code (in this case Linux kernel), while dismissing everything when it comes to Windows. His blog page about Linux is a massive piece of “toilet paper” repeatedly debunked at this point. If you think the phrase “toilet paper” is mine, come, have a look.

web.archive.org/…/thoughts_about_an_article_talki…

web.archive.org/web/20220111035527/https:/…/item?…

archive.is/zxS72

TL;DR his blog has been dismissed enough at this point to consider it nothing more than digital rag. Security zealots are dangerous to FOSS community, like Brad Spengler/grsecurity, madaidan, GrapheneOS and so on. You can identify them as Big Tech security evangelists trying to shit on FOSS with arguments I would say do not end up being very intelligent and academic, and more reactionary and flakey.

Also a little note on security. You do not need as much security as much as you need privacy, freedom and anonymity. Security is variable, it only buys you the time against attacker, and is the least priority among these 4 things in computing.

bbbhltz, to linux in Just read Madaidans Insecurities. Do you know how much is still relevant?
@bbbhltz@beehaw.org avatar

As far as I recall, it never was relevant. It was generally viewed as a rant written by a non-professionnel. Perhaps I am wrong? Sorry if I am wrong?? Don’t start reporting me, please.

ReversalHatchery,

I remember reading there, when it wasn’t on github pages but it’s own website, the recommendation to keep your critical dotfiles permissioned to a different user account of yours. I don’t think that’s bad advice. Yes it is probably not needed if you use the system as a pro sysadmin for server purposes, but for desktop use it’s just natural that you’ll run a lot more programs in a much less controlled manner.

Of course there were ones that I thought they went overboard, but it has at least a few good pieces, if not more, I don’t really remember.

ReversalHatchery, to linux in Just read Madaidans Insecurities. Do you know how much is still relevant?

“This connection is untrusted” “SSL_ERROR_BAD_CERT_DOMAIN”

The irony.

Pantherina,

I mean the origin is still legit, so there is no real problem with it, right?

One cannot just register a site as github.com

ReversalHatchery,

I’m not sure if at this point the browser verifies whether the cert is even legit for github.com

Strit,
@Strit@lemmy.linuxuserspace.show avatar

It uses the github cert, but that is not set to use the github.io subpages that start with www.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #