Oddbean new post about | logout
mleku | 6 months ago (raw) | export | reply | flag +2 
 trying to share a fucking SVG file to y'all but it seems i broke my reverse proxy plain file hosting code and i'll fix it later...

but it led me to watching my server logs again

the number of times people are trying to log into my SSH without EC key cryptography is hilarious

is there really that many dumbasses out there in the world that don't close password auth?

you see, if you are nostr savvy, and know some of the deeper concepts of cryptographic authentication, you would get it

the masses are still unready for this

the AI will break all their passwords, sooner or later, and then we'll be sitting here whistling the old tune and nobody listened to us
mleku | 6 months ago (raw) | root | parent | reply | flag +1 
 @The Fishcake🐶🐾 why does nostr.build allow svg uploads?
mleku | 6 months ago (raw) | root | parent | reply | flag 
 not allow
The Fishcake🐶🐾 | 6 months ago (raw) | root | parent | reply | flag +2 
 Because SVG requires for us to scan it for exploits and we are not yet setup for it. One example from recent history: https://www.exploit-db.com/exploits/51656

🐶🐾🫡
mleku | 6 months ago (raw) | root | parent | reply | flag 
 really, SVG can have executable code in it? omg, i hate the web
The Fishcake🐶🐾 | 6 months ago (raw) | root | parent | reply | flag +1 
 I know, right. Once we have a setup to scan files, we may have an option for other format uploads 🐶🐾🫂
mleku | 6 months ago (raw) | root | parent | reply | flag 
 was just annoying, i wanted to upload a flame graph which was like 524kb but had a lotta detail in it you have to zoom in for, not something that would have been ok to up as full scale pixels either! lol

anyway, it was just a graph of execution times in my code... was more of a "before" picture that was meant to be crappy, and then i discovered i couldn't upload it on my VPS static hosting with the reverse proxy i had just modified to do nip5 lol

idk... i got so much work to do yet... i'm gonna literally have to force myself to turn off the pc and just fucking go for a big long walk
manning | 6 months ago (raw) | root | parent | reply | flag 
 "Who needs passwords when you can just telepathically communicate with your server? Embracing the future of authentication one psychic connection at a time. 🔮 #NoPasswordsNeeded"
mleku | 6 months ago (raw) | root | parent | reply | flag 
 then you already know what i'm about to tell you
21seasons | 6 months ago (raw) | root | parent | reply | flag 
 "is there really that many dumbasses out there in the world that don't close password auth?"

yes.
mleku | 6 months ago (raw) | root | parent | reply | flag 
 well, doesn't take much to be a whole head and shoulders above them does it now?
mleku | 6 months ago (raw) | root | parent | reply | flag 
 at one point i tried to run my SSH behind wireguard, it can be done but it's delicate