Hacker Newsnew | past | comments | ask | show | jobs | submit | augunrik's commentslogin

You can try out AstoCAD, a reskin of FreeCAD. The author also fixes a lot of FreeCAD bugs.


From the initial feature set it sounds like Mozilla SOPS.


Mise already supported sops and age (https://mise.jdx.dev/environments/secrets/), so I'm assuming there's something more to it. (Existing or planned.)


I was gonna say the same. Not that there is anything bad in having alternatives, but if you like fnox, you might want to have a look at SOPS as well.


Kinda weird when they secure shop sites where you enter your payment information into. IKEA does this, for example.


I love when people do this! Now we only need alternative software and the hardware is finally purchasable!

Would be cooler if the hardware was more OS before but I take what I can get…


Just let Signal operate via Satellites and you are fine: https://de.m.wikipedia.org/wiki/Weltraumtheorie


No, you’re not fine.

They can ban that as well.

The only way anything can continue working in practice is if it’s decentralized, and served by different websites secured bu https rather than one app in one app store. Hard to take them all down.

Perhaps Moxie Marlinspike now better appreciates decentralization behind messengers. I have written here years ago as a response to him exactly this scenario: https://community.intercoin.app/t/web3-moxie-signal-telegram...

The thing with https of course is that the governments can insist that browsers include their backdoored certificates. But the browsers are large enough that it’s difficult to get them to do it. China’s Great Firewall probably can. But in order for that to happen they have to prevent packets encrypted with the non-backdoored certificate chain from being routed. That requires serious control over all the networks.

This is partly why I started Qbix. So people can host whatever they want on computers of their choice. Without this decentralization, the governments are two steps away from mandating ALL your voice conversations are scanned, transcribed and analyzed by AI at the edge. Microsoft Recall + message and voice scanning = 1 step away from total panopticon of everyone everywhere. And with superintelligent AIs doing precrime based on everyone’s conversations!


If CAs start to get backdoored, people can operate a la web of trust or other asymmetric protocol where the public key is posted on a public board and the server can verify its ownership of the private key without a third party other than the public notice. More work but should be doable.


They won’t be able to operate that over public networks in China, because the routers will drop their packets.

You’d need to roll your own mesh network — definitely doable in local areas but the question is how to connect them over wider distances without going through the Great Firewall. Satellites?


There are methods to bypass the Chinese Firewall though. the issue is getting people to use them.


How can people use them for long if they get a knock on the door, from authorities who noticed an anomaly?


What anomalies are they looking for? There are protocols that make traffic look like something mundane.


Have you seen what classifier AI can do?

Go make a protocol that fools all the AIs from every angle, that are scanning 24/7. They can get you on the metadata pattern alone, nevermind even the content.


I suppose you could use stenography or something to embed chats in pictures that are client-side scanned.

I use grapheneos and can create storage scopes so that the scanning app would only have access to files I deliberately allow.

Doesn't solve traffic analysis. Maybe some more advanced methods that encrypt over https could work.


Unless a lot of people are using it, they’ll just go after anyone who is doing suspicious things like using grapheneos


Yes, but in what way? Short of the outlaw of general computing, what could they possibly do to stop it?


We already have this - it's called Tor and I2P.


Could there be a way to do everything in JavaScript? I imagine the problem would be in the anchors of trust.


JWTs are best practice for OAuth as it can transport claims. It’s up to your application if you continue to use it after the initial flow. You are fine to convert it, but most apps don’t as it’s easier.


Is there some information on why they need to store this much data for immediate retrieval? And why is it so much?


I use Strongbox and store my Passkeys in a Keepass File. Vendor agnostic, private syncable and locked by my passphrase. I like them and wish more services would implement them properly.


Can you also see if every job position was filled in the end?


Kinda sounds like OPA (Open Policy Agent) [1], but a different implementation.

[1] https://www.openpolicyagent.org/docs/latest/


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: