Setting up PGP
Karl
gmkarl at gmail.com
Tue Oct 13 06:00:23 PDT 2020
On 10/13/20, grarpamp <grarpamp at gmail.com> wrote:
> Many corporates are fine with pulling down files
> to a bastion host behind firewall and building
> over to other non internet connected hosts from there.
>
> Swapping random storage devices (that have own cpu + firmware)
> among random machines, is probably more risk than an SCP
> pull connection over lan. Reproducible builds from OS vendor site,
> and friends East and West, can help verify the final pluggable
> boot and run media before perma stuffing it in the system.
> Then people play around with keygen, airgap, etc.
What OS vendors provide reproducible builds?
> Given the hardware is all closed, and software is bloated,
> cost to verify a system to any given book standard
> quickly become moot vs risk.
>
> Security is a continuum of tradeoffs, there are no absolutes.
Multiply the estimated dangers, I suppose, and compare.
> Besides NSA, who has available protocols and data rates for...
> 'dd /dev/urandom /dev/LCDscreen' --> air --> 'dd /dev/camera /dev/null'
Curious too. Here's what I have.
There's some old existing work at https://github.com/xloem/qrstream in
the 'Existing work' section. A glance at
https://stephendnicholas.com/posts/quicker-video-qr-codes implies 43
KB/s. You can get much more if you use multiple colors and more math.
All my links explaining the math, and the java app that demo'd
multichannel video with error correction, appear broken.
It seems a product of the r&d put into the protocol and the resolution
of the devices used, right now.
> Somebody already did lavalamp datarates.
> But the above is different camera target and use case.
>
>
> New PCIe-USB port mashups... direct to
> ram/cpu like old firewire... security insanity.
I infer this is normal now with USB3. So gpio pins, isolators, audio,
video are the things to think about.
>
>
>> if your main system were already infected?
>
> Give it to Juan to smash with his ragehammer.
This doesn't work at all when it's somebody's job to keep you
monitored. You need a working system to do things while you resist
around your ideals.
More information about the cypherpunks
mailing list