Notices by Mister M. T. Sack (thatbrickster@shitposter.club), page 49

Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:29:39 EDT Mister M. T. Sack

Blockchain, coming to a loanshar- I mean, creditor, near you soon(tm). https://www.coindesk.com/barclays-rbs-r3-cut-property-transaction-times-in-blockchain-trial
In conversation Friday, 05-Apr-2019 19:29:39 EDT from shitposter.club permalink
Attachments
1. Invalid filename.
  
  Barclays, RBS, R3 Cut Property Transaction Times in Blockchain Trial
  
  By Yogita Khatri from CoinDesk
  
  Barclays, Royal Bank of Scotland, R3 and more say they've reduced property transaction times to "less than three weeks" using a distributed ledger.
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:27:45 EDT Mister M. T. Sack

Internet of Shite 2.0
https://www.coindesk.com/bosch-and-wien-energie-demo-blockchain-powered-refrigerator
In conversation Friday, 05-Apr-2019 19:27:45 EDT from shitposter.club permalink
Attachments
1. Invalid filename.
  
  Bosch and Wien Energie Demo Blockchain-Powered Refrigerator
  
  By Daniel Palmer from CoinDesk
  
  Electronics giant Bosch and power supplier Wien Energie have revealed a blockchain fridge aimed to enable better control of electricity consumption.
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:25:30 EDT Mister M. T. Sack
- star star baby
@xj9 Phew. A past ellipsis then.

In conversation Friday, 05-Apr-2019 19:25:30 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:24:44 EDT Mister M. T. Sack

That ZeroNet thread was the most satisfaction I've had from a fedi discussion in a bloody long time.

More long threads like that, please!

In conversation Friday, 05-Apr-2019 19:24:44 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:23:50 EDT Mister M. T. Sack
- star star baby
@xj9 So, is it available in your ellipsis?

In conversation Friday, 05-Apr-2019 19:23:50 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:22:29 EDT Mister M. T. Sack

I still want to believe that I can ditch email for I2P-Bote.

In conversation Friday, 05-Apr-2019 19:22:29 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:20:23 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 You're welcome. :)

It has been a while since I last used ZeroNet, I wasn't sure if any progress had been made about using it without JS. Didn't want to give you a bad answer, glad @jeff could at least confirm what I wanted to say would've been right.

@izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:20:23 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:17:58 EDT Mister M. T. Sack
- jaff
- Xeon²
@jeff Basically, yeah.

@0 @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:17:58 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:17:05 EDT Mister M. T. Sack
- Dewoo Alt
@dwaltiz While they had Who Wants To Be A Millionaire you guys have Who Wants To Beat Up A Millionaire.

Post-Brexit game industry on suicide watch.

In conversation Friday, 05-Apr-2019 19:17:05 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:14:06 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 As there is a probability that ZeroNet sites may require JS (as I believe it can also make clearnet requests) I would be limiting my accessibility to what ZeroNet has to offer.

And that's another thing. I2P, for example, keeps within itself. ZeroNet can make external requests which explains the Tor recommendation.

I simply cannot consider it as a good Internet alternative as it shares some of the biggest security concerns with it. Perhaps it's good for those whom want to experiment with the technology but not for those looking for something that addresses what's wrong with the current state of the Internet.

@jeff @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:14:06 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:08:59 EDT Mister M. T. Sack
- jaff
- Xeon²
@jeff That's what I meant by 'sanitise it completely'. Burn it to the ground. :)

@0 @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:08:59 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:07:28 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 eepsites (I2P sites) don't use JS. Using it would weaken the security of the network and there's no reliable way to harden the execution environment except from defence-in-depth measures which only try to workaround its unsafety.

It only takes a single web page to compromise the browser. As ZeroNet is made for 'dynamic content' it will never be suitable for security-conscious purposes as it allows pages to execute JS in the first place.

@jeff @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:07:28 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:02:01 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 ZeroNet runs a lot of code in the browser. That code is supposedly sandboxed. If the browser's sandbox is not adequate, and it manages to run code outside of it, any mitigations mean nothing.

We know JS is powerful in both good and bad ways. The only way to make it 'safe' is to sanitise JS entirely.
@jeff @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:02:01 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 19:00:44 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 They're not mitigated, I2P doesn't use or need JS. Period.

@jeff @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 19:00:44 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:58:46 EDT Mister M. T. Sack
- jaff
- Xeon²
@0 The frontend is a gateway to the backend. Heck, it doesn't even need to touch the backend. If what runs up front can escape the sandbox it's running in then you're pretty screwed.

The dev acknowledges ZeroNet should be run in a VM or other isolated environment. You shouldn't have to do that.
@jeff @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 18:58:46 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:56:46 EDT Mister M. T. Sack
- jaff
- Xeon²
@jeff Browsers are complicated and do too many things. Many attack vectors exist regardlessless of sandboxing.

What's more, Pale Moon's aiming to remove it from Mozilla code (at least from a process isolation perspective).

It's as unpredictable as AI. Who knows what could happen if/when it goes wrong? Those who do already don't make use of it.
@0 @izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 18:56:46 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:53:49 EDT Mister M. T. Sack
- Dewoo Alt
@dwaltiz A store local to my former workplace had a Fallout 1 and 2 collection. I think they were asking either £6 or £10 for it.

In conversation Friday, 05-Apr-2019 18:53:49 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:51:12 EDT Mister M. T. Sack
- Xeon²
@0 It was an issue for a while.
https://github.com/HelloZeroNet/ZeroNet/issues/962
https://www.reddit.com/r/zeronet/comments/4fcm86/problem_with_zeronet/

Even with the CSP mitigation I still don't know if I would feel safe using it.
@izaya @louisoft01 @pantsu
In conversation Friday, 05-Apr-2019 18:51:12 EDT from shitposter.club permalink
Attachments
1. Invalid filename.
  
  Javascript security · Issue #962 · HelloZeroNet/ZeroNet
  
  from GitHub
  
  Browsers are known to have a big attack surface around JavaScript, often leading to user tracking (loss of anonymity), cookie hijacking and even remote code execution. Projects like the Tor Browser...
2. File without filename could not get a thumbnail source.
  
  r/zeronet - Problem with Zeronet
  
  from reddit
  
  2 votes and 12 comments so far on Reddit
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:44:49 EDT Mister M. T. Sack
- Xeon²
@0 ZeroNet also makes heavy use of JavaScript. I don't care if it's 'trusted', I would never want to execute it in my browser if I could avoid it.

@izaya @louisoft01 @pantsu

In conversation Friday, 05-Apr-2019 18:44:49 EDT from shitposter.club permalink
Mister M. T. Sack (thatbrickster@shitposter.club)'s status on Friday, 05-Apr-2019 18:41:00 EDT Mister M. T. Sack
- 私
- Turks Crafting
@orekix It's called 'Smilodon' because of the forced smile my 'smart' toothbrush will make me do when I'm not going to sleep in my 'smart' bed because I'm too busy on my 'smart' phone shitposting to a federated network.

@tuxcrafting

In conversation Friday, 05-Apr-2019 18:41:00 EDT from shitposter.club permalink

After
Before

Public

Notices by Mister M. T. Sack (thatbrickster@shitposter.club), page 49