Mastodawn

Legislation cares a lot about information #security these days. When do we laws that keep companies from tainting security's public reputation by demonstrably abusing it for their own commercial interest against the interests of consumers?

Just one example: Bank uses proprietary hardware over #WebAuthn to avoid person-in-the-browser attacks. Workflow for the proprietary hardware allows that very attack. Bank doesn't care to fix it for a year.

CC @EUCommission @appzwang @fsfe

Show thread

Dimitri Bouniol 20h ago

Out of time, but started the process of transforming queue entries for backwards compatibility. Tomorrow night, let's go through the updating logic and see what we want to keep vs change. See you then!

🔜 Tomorrow’s stream: https://youtube.com/live/onvv7Sb_0d4
⏮️ Playlist so far: https://www.youtube.com/playlist?list=PLRxjf93xotuofCtaxtGOcWeuxVZYJyY-m
📲 Download Jiiiii: https://apps.apple.com/app/apple-store/id6472801548?pt=14724&ct=MastodonCCStreams&mt=8

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #Swift #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Late Night Silent Completions: Jiiiii — Part 909

YouTube

Show thread

Dimitri Bouniol 21h ago

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

Short stream since I'm away from my usual setup, but let's start transforming the new queue items into the old kind for compatibility!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: https://youtube.com/live/krc2rcgWxCM

Late Night Silent Completions: Jiiiii — Part 908

YouTube

Show thread

Dimitri Bouniol 1d ago

Cleaned up accesses to a user's queue and history list, specifically so it is always available. Tomorrow night, let's continue working through the queue route. See you then!

🔜 Tomorrow’s stream: https://youtube.com/live/krc2rcgWxCM
⏮️ Playlist so far: https://www.youtube.com/playlist?list=PLRxjf93xotuofCtaxtGOcWeuxVZYJyY-m
📲 Download Jiiiii: https://apps.apple.com/app/apple-store/id6472801548?pt=14724&ct=MastodonCCStreams&mt=8

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #Swift #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Late Night Silent Completions: Jiiiii — Part 908

YouTube

Show thread

Dimitri Bouniol 1d ago

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

Let's take a detour and make special list indexes available!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: https://youtube.com/live/e-uRmSlhzWA

Late Night Silent Completions: Jiiiii — Part 907

YouTube

Show thread

Dimitri Bouniol 2d ago

Got started migrating the recent queue route over to the new primitives. Tomorrow night, let's make sure we can properly index list special kinds. See you then!

🔜 Tomorrow’s stream: https://youtube.com/live/e-uRmSlhzWA
⏮️ Playlist so far: https://www.youtube.com/playlist?list=PLRxjf93xotuofCtaxtGOcWeuxVZYJyY-m
📲 Download Jiiiii: https://apps.apple.com/app/apple-store/id6472801548?pt=14724&ct=MastodonCCStreams&mt=8

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #Swift #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Late Night Silent Completions: Jiiiii — Part 907

YouTube

Show thread

Dimitri Bouniol 2d ago

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

Let's start ripping the existing routes apart to call into the new list entry code!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: https://youtube.com/live/UDZG0Pb5uG4

Late Night Silent Completions: Jiiiii — Part 906

YouTube

sayzard 3d ago

Passwords suck. Can passkeys replace them?

비밀번호는 피싱, 멀웨어, 중간자 공격, 데이터베이스 유출 등 다양한 공격에 취약해 다수의 데이터 유출 사고 원인이 되고 있다. 이를 대체할 수단으로 WebAuthn 기반의 패스키(passkeys)가 주목받고 있는데, 이는 개인 키를 기기에 안전하게 저장하고 공개 키를 서버에 저장해 네트워크에 비밀번호를 전송하지 않아 피싱 공격에 강하다. 패스키는 소프트웨어 또는 하드웨어 기반으로 구현되며, 2차 인증과 결합 시 보안성을 더욱 높일 수 있다. 다만 양자컴퓨터 시대에 대비한 포스트 양자 암호화 표준 도입과 계정 복구 방안 마련이 필요하다.

https://kerkour.com/passkeys

#webauthn #passkeys #authentication #security #phishing

Passwords suck. Can passkeys replace them?

Did you know that most, if not the majority of data breaches originate from hacked credentials? Yep, that's right, if all you private information (and your family's too) got stolen and leaked 20 times a year, it's because employees at companies and governmental agencies can't manage to keep their passwords

Sylvain Kerkour

Show thread

Dimitri Bouniol 3d ago

Spent the time re-understanding the existing queue loading code, and making a game plan to adapt it to the new list entries. Tomorrow night, let's start ripping it apart. See you then!

🔜 Tomorrow’s stream: https://youtube.com/live/UDZG0Pb5uG4
⏮️ Playlist so far: https://www.youtube.com/playlist?list=PLRxjf93xotuofCtaxtGOcWeuxVZYJyY-m
📲 Download Jiiiii: https://apps.apple.com/app/apple-store/id6472801548?pt=14724&ct=MastodonCCStreams&mt=8

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #Swift #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush