TIL we can use a hash chain to do authentication without sending the password to the server
first i calculate argon2(my_password, salt)
then i hash it 1000 times
finally i just send you the 1000th hash
when i want to authenticate myself to you, i just send you the 999th hash. next time, the 998th hash. next time, the 997th hash... bruh
and when i only have for example 100 hashes, i can just generate a new hash chain with argon2(my_password, another_salt). and send you the new 1000th hash with the 100th hash... more bruh
#server #client #api #auth
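The scheme in the post above, sketched as an added example (not the poster's code). Assumptions: scrypt from the Python standard library stands in for argon2, SHA-256 is the chain hash, and the names `Client`, `Server`, `derive_seed` and `chain_hash` are hypothetical.

```python
import hashlib
import hmac

CHAIN_LEN = 1000  # chain length used in the post

def derive_seed(password: bytes, salt: bytes) -> bytes:
    # Assumption: scrypt stands in for the post's argon2 (stdlib only).
    return hashlib.scrypt(password, salt=salt, n=2**14, r=8, p=1, dklen=32)

def chain_hash(seed: bytes, times: int) -> bytes:
    # Assumption: SHA-256 is the chain hash; the post does not name one.
    value = seed
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value

class Client:
    def __init__(self, password: bytes, salt: bytes):
        self.seed = derive_seed(password, salt)
        self.remaining = CHAIN_LEN

    def anchor(self) -> bytes:
        # Value registered with the server: the 1000th hash.
        return chain_hash(self.seed, CHAIN_LEN)

    def next_token(self) -> bytes:
        # Reveal the hash one step below the last one sent: 999th, 998th, ...
        if self.remaining <= 1:  # never reveal the seed itself
            raise RuntimeError("chain exhausted, rotate to a new salt first")
        self.remaining -= 1
        return chain_hash(self.seed, self.remaining)

class Server:
    def __init__(self, anchor: bytes):
        self.anchor = anchor  # only ever stores the last accepted hash

    def verify(self, token: bytes) -> bool:
        # Accept only the preimage of the stored hash, then move down the
        # chain, so a replayed token no longer matches.
        if hmac.compare_digest(hashlib.sha256(token).digest(), self.anchor):
            self.anchor = token
            return True
        return False

    def rotate(self, token: bytes, new_anchor: bytes) -> bool:
        # A new chain is accepted only with a valid token from the old one.
        if not self.verify(token):
            return False
        self.anchor = new_anchor
        return True
```

The token proves who is rotating but does not protect `new_anchor` itself, so the exchange still needs an authenticated channel such as TLS.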
hello
npub1tnda...mv80
I am new to Nostr and I am from Türkiye. So if my English is bad, I am still learning.
- 21 y/o
- NixOS
- Flatpak
- GNOME
- Podman
- Mullvad
- JavaScript
- Roblox (yea... can't chat of course)
My tpm2 setup is this right now:
```
systemd-cryptenroll --wipe-slot=tpm2 \
--tpm2-device=auto \
--tpm2-pcrs="0+1+2+4+7+11+15:sha256=0000000000000000000000000000000000000000000000000000000000000000" \
/dev/nvme0n1p2
```
i mean it works. my laptop is old so it doesn't get any new bios updates. my threat model is just fallback to password in luks screen when evil-maid attack happens. but the thing is... i am still not sure if it's enough to detect evil-maid attacks. but at least it will allow me to use my laptop with different user account in school or when i am outside
the sources i got help are:
-
-
-
#luks #linux #nixos #tpm #tpm2
Bypassing disk encryption on systems with automatic TPM2 unlock | oddlama's blog
NixOS Discourse
A Modern and Secure Desktop Setup
I probably need to note that TPM2 unlocking is dangerous and difficult to do correctly. Not impossible, but difficult (and I’ve yet to see it don...
NixOS Discourse
A Modern and Secure Desktop Setup
The trouble is that it depends on the setup. In your case, where there’s just an encrypted partition with a btrfs file system on it, it’s as si...
i think embedding models from huggingface + FAISS + distance-weighted kNN is pretty good and cheap for classification. i wish i had the executive function to implement it in a nostr client ;-;
guys... how to make proof of work memory-hard, completely sequential, post-quantum safe and easy/cheap to verify :sobs:
nsite are cool. but what about an optional NIP for using relays as reverse proxy? relays are not gonna need to store anything in this use case. and can do their usual rate limiting things
it would allow anyone to make their web apps accessible behind VPNs. imagine you are deploying your web app behind nymvpn by using your npub
#asknostr
idk if it's even possible to win over our dictator in Türkiye. like... they control nearly the whole media. i can't just expect people to use decentralized social media. and i recently started to watch this documentary:
it's dark... very dark. even when there are like very few people outside to protest, they instantly bring many police to attack and arrest. maybe you can say "what if more people protest? don't be few?", then they just blockade the protesters. and while all of these are happening, media is showing things like football. when you start to share your opinions on social media, they block your account and arrest you
many of us (opponents) are saying things like "our people are stupid". but i say "nope. they control media". and it feels like... Erdogan won...
#politics #protest
i fucking love obtainium! 
