kereshnull

joined 1 year ago
sorted by: new top controversial old
Using git-crypt to obscure parts of my Nix Config: Is this a valid security practice? Can I do even better? in c/nixos@infosec.pub
[โ€“] kereshnull@infosec.pub 3 points 1 year ago

Good job for doing something. It all boils down to what you are comfortable with, adding security will always add a certain level of inconvenience. Ideally the next step would be to fully automate what you have.

Elaborate does not mean secure, often it's the opposite as adding complexity adds new ways of failure.

If you are talking about this SOPS https://github.com/getsops/sops it doesn't change much you need to store the master key somewhere. It makes it easier to operate, but your trust boundary does not move.

Reddit removes years of chat and message archives from users' accounts in c/technology@lemmy.world
[โ€“] kereshnull@infosec.pub 1 points 1 year ago

You cannot sell active data without explicit consent but what if data that has been "deleted" accidentally gets shared with a 3rd party ๐Ÿ™ˆ

Reddit removes years of chat and message archives from users' accounts in c/technology@lemmy.world
[โ€“] kereshnull@infosec.pub 23 points 1 year ago (11 children)

Smells like desperately trying to save on storage costs.