First of all KUDOS to Debian’s new release this month, Debian 10 (Buster).
Notable to me is the effort for reproducible binaries, which aligns with my security Source Certification Contract (SCC) goals of Are You Who You Say You Are? Trust the Source, User.
Debian’s Buster release PR accordingly:
Thanks to the Reproducible Builds project, over 91% of the source packages included in Debian 10 will build bit-for-bit identical binary packages. This is an important verification feature which protects users against malicious attempts to tamper with compilers and build networks. Future Debian releases will include tools and metadata so that end-users can validate the provenance of packages within the archive.
Continue reading “Debian 10 (Buster) ZFS Live Image Recipe”
Functional cryptography, meaning something that works, is feasible for the masses and suits a purpose. Spoiler: They (not only Germany) want to remove that right from you once again.
I remember, back then I used loop-aes for my whole disk encryption. I like this clean module, because it is fully functional. It fulfills the purpose of creating perfect noise over the whole block storage media. No cryptography header or anything else which could raise a flag. Why else would one apply whole disk-encryption if not to at least attempt full deniability? Conventional wisdom dictates that a system is compromised if hardware access has been achieved. Deniable disk encryption is one last resort in these cases. Sadly the Linux kernel community didn’t include this module in its base tree and one would suspect politics were the issue at hand. Instead, we have some soft disk encryption per default, which IMHO is useless as deniability can’t be achieved. Continue reading “Will making Noise become a Crime?”
After relaunching our website using a more up-to-date layout, the new wordpress privacy module asked me to setup a privacy disclosure.
Having recapitulated my professional life while updating my CV just days earlier, I thought it might be a good idea to start maintaining a security checklist, as follows Continue reading “Privacy & Security Checklist”
Currently implemented in modules GlueGen and JOGL. TODO: JOAL and JOCL.
jogamp-next points now to the signed beta build gluegen_410-joal_213-jogl_489-jocl_424-signed.
See how it (NApplet) works online on the new JOGL Applet Test page.
Without the need for using
- our Applet-Launcher
- the JNLP extension
- setting up the native library folder for applications
we automatically Continue reading “JogAmp Deployment Enhancements: Automatic loading of native JARs (Applet/Application)”
You probably have read the latest news about WebGL security and Chrome’s native ‘applet’s’
security in general: Continue reading “JOGL Applet Security ..”