Of course they are internal code names. That’s what code names are.
Before 9 they were just names.
Of course they are internal code names. That’s what code names are.
Before 9 they were just names.
Yeah the AOSP version did launch in early September.
The Pixel release should come in a few weeks.
Besides, saying that you “support something” does fuck all.
So what? Am I not allowed to express my opinion because of that?
Also, my politicians have already started to outlaw these practices. There is obviously still much work to be done but it’s happening.
Apples TOS is complete bullshit and I support anyone that breaks it.
Being a billionaire is so extremely rare so it doesn’t matter. Social mobility is the ability to move from lower to middle or upper class not from lower to the extreme upper class.
Oh, you had to be a billionaire to be middle class? I never knew that.
We have great upward mobility here though and it’s a capitalistic country.
Discord offers proper 2FA though.
Because they are a non profit which makes stuff one likes?
That’s perfectly fine for a home environment but don’t act like having a proper PKI is a bad or insecure idea.
Also I would be surprised if your server doesn’t have TPM unless it is very old.
Yeah, there is a lot they can do about it.
Email their CEOs or some shit instead.
I’m sure their support appreciates that a lot.
I typed it like that with the slim hope that someone would misinterpreted it, lol.
No VNC
50% more monthly is a lot more though.
That’s pretty similar to some of the bannings on Lemmy.
Yeah, at least the ones I used have some kind of console/terminal you can use and often you can access BIOS and reinstall the OS if you want.
I don’t mean them specifically, but that to me managing access to such a CA cert’s keys is security nightmare, because if I somehow get an infection, and it finds the cert file and the private key, it’ll be much easier for it to make itself more persistent than I want it.
If you can’t resist installing random shit on your CA server then sure. No attacker will really try to compromise a home CA so you really only have to worry about viruses which should be kept extremely far from the CA anyways. And obviously follow all other security precautions like good passwords or even passwordless with certificate login (remember that you have a CA server so you can easily issue authentication certificates and enroll them on a smart card or Yubikey)
The private key should also be in TPM (or a HSM like we do at work, but that’s a bit extreme for home use) and be non-exportable. Managing access to the private key isn’t really that hard, it should just never ever leave the CA server and you are pretty much good to go.
You can also do a two tier PKI with an offline CA and an issuing CA like I’m planning to do for an AD DS, AD CS, AD FS lab.
Personally I think wildcard certificates sound like a bigger security problem than a CA since that certificates will likely be placed on a lot of servers and if just a single one gets compromised the attacker can impersonate whatever subdomain they feel like. With a CA server you could issue individual certificates to each server/service
Private CA servers are very common and is actually a security positive. I’m not saying that everyone needs one at home, but you shouldn’t be afraid to setup one if you want too.
What do you mean?
Of course their own CA can sign certificates for whatever the fuck it wants, but it’s their CA so why would they do that?
You obviously shouldn’t trust anyone else’s CA unless you actually trust it. But if you don’t trust your own CA what’s the point of having a CA?
P.S. I’m guessing OP doesn’t actually have a CA and is just using simple self signed certificates without any private CA that has signed them.
He seems to only have been involved during roughly the first year of Mozilla’s existence.