Notices by Kev Quirk (kev@fosstodon.org), page 103

@Keith @ignitionigel @lx @nextcloud that's the open source way. The community pulls together to help one another with any issues. 😊

@monsieuricon welcome!

@ignitionigel @lx @nextcloud will keep you guys posted.

@Keith might be an issue with the app. Give it a try through the website and let me know.

@Keith is it in the website, or via an app?

@lx @nextcloud nor can I haha.

@mwcz it's done through the admin portal, can't remember off the top of my head. I'll take a look later and let you know. @Gargron might be able yo help though.

My #RaspberryPi 3+ just turned up, along with case and power pack. Time to start playing with @nextcloud this evening! https://fosstodon.org/media/89OCFlBDQg1YnwqL1PI

@welshgeekboy great question. So when they do the key exchange as part of the TLS handshake, they only share their respective PUBLIC keys. This allows the data to only be ENCRYPTED. Each side then has their own PRIVATE keys, that is used to DECRYPT the data.

So even if an attacker is watching, all they can do with the keys they find, is Encrypt. They can't decrypt anything.

@elioqoshi Read your comment again, I'm with you, it works because it's unique enough for SEO. Yeah, I get that.

I wonder how well it would do for terms like "web analytics" etc.

@elioqoshi how does Matomo work? I'm not familiar with the word outside of what Piwik just rebranded to.

@RyuKurisu yeah, I completely get that. I suppose the purpose of this article isn't so much telling people that https is mire secure, as you say, most already know that. It's more to show people just how easy it is to get things like credentials, when you're not using it.

But yeah, on a more technical level, integrity etc. Is massively important.

@elioqoshi haha it wasn't a very helpful comment, you're absolutely right. But calling an analytics tool Matomo, or a video editor Kdenlive, or a text editor Pluma makes it much more difficult for users, especially new ones, to find these brilliant apps. 😉

@RyuKurisu absolutely, but I wanted a statement to show people how unsafe http can be. I didn't want to go too deep and start talking about things like integrity or nonrepudiation, as I may lose people.

One of the last lines in the article is something like "this is one of many ways https improves the security of http..."

What's the deal with this HTTPS thing anyway? Here is why it's important...

https://kevq.uk/why-https-is-important/

#Security #HTTPS #Internet

@lx @nextcloud ram is still 1gb, which is a limitation of the chip.

@lx @nextcloud that's probably similar to what my usage will be.

@Brennan @mattmcnutt @ignitionigel I have considered that, but most people are on Facebook, and would probably be unwilling to move. If it were a tech group, I'd be more inclined to do so, as people with those interests would likely be willing to move.

@mattmcnutt @ignitionigel I left Facebook for a few years, until I found out I had missed a reunion of my old army unit, because it was arranged o there. I re-joined, and now I run a fairly popular motorbike group on there, so I can't leave. ☹️

@stringlytyped I personally think they have their place, as long as they're not over used. They're a good way of breaking up a block of text if a picture isn't appropriate, or highlighting a useful tidbit of information.

On the other hand, I've read article that have 4 or 5 quotes within, they're just annoying and distracting, I find.