Skip Navigation
The US government wants to label secure IoT devices with a 'Cyber Trust Mark' | Engadget
  • This is not a good idea. Labelling certifications for things like electrical safety or radio emissions standards make sense, as they’re meeting regulatory requirements.

    The problem with Cyber Security is there is no such thing as perfectly secure. A secure device today, could have a vulnerability discovered tomorrow. Additionally, a big part of Cyber Security for devices is maintaining software/firmware patching is up to date. A stamped mark to say something is secure would provide a false sense of security, and could reduce the awareness of the user to the potential risks of not maintaining their devices.

  • How ActivityPub is setting the stage to weave all your social media feeds together
  • Bizarre how the author completely overlooks Lemmy, kbin and a whole host of others when talking about the Fediverse here. If these platforms received half the media coverage that Threads did when it was announced, they’d have grown considerably

  • Personal Justifications for different phone life cycles
  • In the early days of Smart Phones I upgraded pretty frequently, going through iPhone 3G, 4, 5, 6s but my cadence steadily moved out as fewer major features that I cared about were being added. It got to a point where the camera was ‘good enough’ and the anything else being added was stuff I just didn’t care about.
    I’ve had my current iPhone for 3 years now, and I have no plans on upgrading any time soon. Despite the bug crack in the back.

  • Shortening the Let's Encrypt Chain of Trust
  • A year or so ago I was doing some market analysis for work into the most widely adopted CA’s across the Internet. I found this analysis from w3techs that had LetsEncrypt at number 5, and IdenTrust at number 1 (https://w3techs.com/technologies/overview/ssl_certificate)

    At the time I was pretty shocked. I’d never heard of IdenTrust, and half the internet seemed to be using LetsEncrypt… so how was this possible? It was only when I looked into it further I discovered that the vast majority of existing LetsEncrypt certificates were cross-signed by IdenTrust, so I suspect this analysis by w3techs was skewed as a result, classifying cross-signed LetsEncrypt certificates as signed by IdenTrust (as they kind of are).

    It’ll be really interesting to see what happens post 2024 when the last of the cross-signed certificates expire. My expectation is that IdenTrust will plummet in that ranking and LetsEncrypt will take the top spot.

  • InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)CH
    Chris_ni @kbin.social
    Posts 1
    Comments 7