Using git-crypt to obscure parts of my Nix Config: Is this a valid security practice? Can I do even better? by kereshnull in c/nixos@infosec.pub
[-] kereshnull@infosec.pub 2 points 1 year ago

Good job for doing something. It all boils down to what you are comfortable with, adding security will always add a certain level of inconvenience. Ideally the next step would be to fully automate what you have.

Elaborate does not mean secure, often it's the opposite as adding complexity adds new ways of failure.

If you are talking about this SOPS https://github.com/getsops/sops it doesn't change much you need to store the master key somewhere. It makes it easier to operate, but your trust boundary does not move.

Reddit removes years of chat and message archives from users' accounts by kereshnull in c/technology@lemmy.world
[-] kereshnull@infosec.pub 1 points 1 year ago

You cannot sell active data without explicit consent but what if data that has been "deleted" accidentally gets shared with a 3rd party ๐Ÿ™ˆ

Reddit removes years of chat and message archives from users' accounts by kereshnull in c/technology@lemmy.world
[-] kereshnull@infosec.pub 23 points 1 year ago

Smells like desperately trying to save on storage costs.

Crown Jewels Analysis by kereshnull in c/cybersecurity@infosec.pub
[-] kereshnull@infosec.pub 2 points 1 year ago

Good summary, a bit heavy on the acronyms but explains the concepts well, thank you for the effort.

Federation and new community creaton is disabled by kereshnull in c/infosecpub@infosec.pub
[-] kereshnull@infosec.pub 1 points 1 year ago

Thank you for all your efforts!

kereshnull

joined 1 year ago