Hacker Poesy
  • FAQ
  • Login
  • Public

    • Public
    • Groups
    • Recent tags
    • Popular
    • Directory

Timeline for engineer list by rozzin, page 25

Joshua Judson Rosen rozzin engineer Thursday, 29-Nov-0001 19:00:00 EST
  • Subscribe
Listed 1 Subscribers 0
  1. Joshua Judson Rosen (rozzin)'s status on Wednesday, 10-Jul-2019 03:37:55 EDT Joshua Judson Rosen Joshua Judson Rosen
    • FoxtrotGPS
    !FoxtrotGPS 1.2.2 is out! https://lists.osgeo.org/pipermail/foss-gps/2019-July/001772.html
    (and if you missed the release of 1.2.1, there are some notes on that as well)
    Wednesday, 10-Jul-2019 03:37:55 EDT from web permalink
  2. Joshua Judson Rosen (rozzin)'s status on Monday, 08-Jul-2019 15:00:26 EDT Joshua Judson Rosen Joshua Judson Rosen
    There seems to be a "somethingsomething Piano Movers" truck sitting outside my house blasting out a very loud guitar solo from its radio right now.
    Monday, 08-Jul-2019 15:00:26 EDT from web permalink
  3. Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 10:32:33 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    So, "what am I doing when I get a new key from someone and check the signatures to see if there are any people in common" depends heavily on what you mean by "check the signatures" and "people in common". If you mean "trace through signature-chains with no #trust #metrics to find *reachable* signatures", then no you're not using #WoT verification, you're making your own inferences based on something else.
    Wednesday, 03-Jul-2019 10:32:33 EDT from Qvitter permalink
  4. Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 01:15:55 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    That #Tails "use the WoT" download #verification guide is telling you to do 2 distinct things:
    1) use #PGP WoT metrics to identify someone who is a Tails developer (but not AFAICT to identify that person *as* a Tails developer);
    2) make a WoT-less leap from "this is Bob" to "Bob is verified as a Tails developer AND his signatures mean something".

    In that "→A→B→C" chain of mixed ops, #WoT only takes you to B.
    Wednesday, 03-Jul-2019 01:15:55 EDT from Qvitter permalink
  5. Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 00:56:58 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    It may also matter that when I say "#PGP", I really mean "#GnuPG" because AFAICT GPG is the PGP that everyone actually uses these days. There are "trust signatures" in #OpenPGP, and GPG can make and use them..., but they're a whole different thing from "trust", "signatures", and #WoT. And I don't think I've ever actually seen one in the wild. Some other PGP implementation might use tsigs by default? But I doubt it?
    Wednesday, 03-Jul-2019 00:56:58 EDT from Qvitter permalink
  6. Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 00:49:32 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    That #PGP's #WoT metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #myth; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #trust and #identity #certification" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before.
    Wednesday, 03-Jul-2019 00:49:32 EDT from Qvitter permalink
  7. Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 00:33:56 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    There is a chance I've misunderstood what you mean when you say "trust paths" if by "path" you didn't mean "linked lists that may be >1 indirection long". If so, sorry!☺
    Wednesday, 03-Jul-2019 00:33:56 EDT from Qvitter permalink
  8. kat (boneidol)'s status on Tuesday, 02-Jul-2019 08:38:09 EDT kat kat
    Remote profile options...
    • Joshua Judson Rosen
    @rozzin help me out!
    what am I doing then when I get a new key from someone I've not communicated with, and check the signatures to see if there are any people in common ? 

    What are the people at Tails doing here ?  https://tails.boum.org/install/linux/usb-download/index.en.html#install-inc-steps-download.inline.web-of-trust  https://indy.im/attachment/138158

    It looks to me like building a human connection through the WoT 
    Tuesday, 02-Jul-2019 08:38:09 EDT from indy.im at 32°58'59"N 49°7'59"E permalink Repeated by rozzin
  9. Joshua Judson Rosen (rozzin)'s status on Tuesday, 02-Jul-2019 08:12:09 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    Contrary to popular belief, "trust paths" are not actually a thing in #PGP.
    Tuesday, 02-Jul-2019 08:12:09 EDT from AndStatus permalink
  10. Joshua Judson Rosen (rozzin)'s status on Monday, 01-Jul-2019 15:50:40 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    • Cryptography
    ALSO, I'm reminded that there was this other #HKP #keyserver released a few years ago, compatible w/ #SKS but written in #Golang, which might relieve some of "zomg unmaintainable!" problems with the SKS servers: https://hockeypuck.github.io/ !crypto #PGP #GnuPG
    Monday, 01-Jul-2019 15:50:40 EDT from Qvitter permalink
  11. Joshua Judson Rosen (rozzin)'s status on Monday, 01-Jul-2019 15:42:36 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    • Cryptography
    Also it seems kind of inappropriate to be using "poisoning" as its being used here: https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f !crypto
    Monday, 01-Jul-2019 15:42:36 EDT from Qvitter permalink
  12. Joshua Judson Rosen (rozzin)'s status on Monday, 01-Jul-2019 15:40:24 EDT Joshua Judson Rosen Joshua Judson Rosen
    • kat
    • Cryptography
    @boneidol The signature-flooding attack on the SKS #keyservers (and DoS of their users) is bad but doesn't actually sound like any kind of #apocalypse, and has basically nothing to do with the #WoT; signature-chains maybe, but that's something else entirely. !crypto
    Monday, 01-Jul-2019 15:40:24 EDT from Qvitter permalink
  13. kat (boneidol)'s status on Sunday, 30-Jun-2019 07:39:51 EDT kat kat
    Remote profile options...
    oh Shit... the GPG web of trust is dead https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
    Sunday, 30-Jun-2019 07:39:51 EDT from indy.im permalink Repeated by rozzin
  14. Joshua Judson Rosen (rozzin)'s status on Friday, 28-Jun-2019 12:13:21 EDT Joshua Judson Rosen Joshua Judson Rosen
    Spent yesterday optimizing an uploader, and today half of the data in my datasets are now uploading at "infinite speed". So... proud? I guess? Hope I don't turn into a salamander....
    Friday, 28-Jun-2019 12:13:21 EDT from Qvitter permalink
  • After
  • Before
  • List
  • Listed
  • Subscribers

Listed

  • Joshua Judson Rosen

Subscribers

    (None)

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • Privacy
    • Source
    • Version
    • Contact

    Hacker Poesy is a GNU social hub. It runs version 1.1.3-beta3, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All Hacker Poesy content and data are available under the Creative Commons Attribution 3.0 license.

    Switch to mobile site layout.