You made me check but there is a "birthday" field on the contact form and I can display a "Birthdays" calendar with events for the birthdays of my contacts.
Not if your readme also has to work on "not Github" like npm or pypi, or anything that repackages your release while using your readme.md as page content. Those images are going to have to be fully qualified URLs.
I've moved a few of my domains from Gandi to Cloudflare, though their selection of available TLDs is somewhat limited and until recently you couldn't register domains directly. I was considering moving back to Gandi from Cloudflare, but looks like I'll have to look around... again.
The fact that users have to delete the old Github key from their systems and accept a new one is what could lead to a MITM attack.
If your system doesn't know the public key of an SSH server, when you connect the first time, the SSH client will display a warning and ask you if you accept the server key. An attacker could be between you and Github and if you accept without checking it's the correct key, you would be toast.
Yes, GitHub's announcement provides the correct new public RSA key, and it also provides instructions for a curl invocation which does all the work if you don't trust yourself to copy-paste text or don't understand how.
Only if the https server cert wasn't compromised at the same time as the ssh key. For all we know, this entire announcement of "we have a new key" could be staged.
On Instagram, when you create an account, you now need to submit a selfie picture while holding a code given to you while registering. For suspicious account, it can even be a video selfie. I know bots are an issue but they should ask for this only when posting/commenting, not for browsing. No way I'll send a picture or video to facebook linked to my email/phone number.
I was thinking of signing up to Instagram to create a golf and fitness diary and connect with a few people I really care about. There goes that - fuck that noise!
Text is still a big challenge, I don't think I've seen any that have properly rendered the text you want. I wonder if handwritten text would be easier or harder since there's more variation.
I thought this was typically done on purpose to prevent exactly the types of situations described, I didn't think it was actually a technical limitation of the model.
https://opguides.info/posts/aiartpanic/ was on the front page a few days ago, and you can see from the results that the text is pretty mangled. If it were intentional, I’d expect it to be clean text, even if it didn’t make sense. It seems to genuinely have trouble with characters and combines glyphs a lot of the time.
I think asymmetric encryption is not usable for large amount of data, the only thing it is good for is to encrypt a passphrase or a binary signature (like a hash). If you can catch the process of encryption while it is running, it is likely that the passphrase is in memory (or used as a command line argument).
That's why you create a lengthy random key (that you know it cant be brute forced) and encrypt everything using it and symmetric encryption.
Than you store that random key encrypted with asymmetric algorithm.
Same goes for things like disk encryption. You never use the users key for encrypting the data. You always encrypt using random large key that is not brute-forcable and encrypt that one with user password, so the process of changing the user password is just decrypting the random key and encrypting it back with new password. Or you would have to re-encrypt the whole disk on password change
gpg supports using public / private keypairs to encrypt any amount of data you like. I use it for uni-directional backups from machines where trust is an issue.
Or is the reality of this that it's just encrypting a symmetric key with the asymmetric cipher, and then encrypting data using that key?
Everything is encrypted with a symmetric key. It is just that sometimes there is an asymmetrically encrypted symmetric key packet included in the message so that GPG (or whatever) does not have to ask you for the symmetric key. This is all fairly generic, if you actually have the symmetric key you can use it directly even if a key packet exists. This means that you can give some entity a key to decrypt a particular message/file without revealing your asymmetric secret key associated with your identity.
reply