farthom

joined 1 year ago
sorted by: new top controversial old
Be careful. New platforms invite bad actors. in c/technology
[–] farthom@lemmy.ca 3 points 1 year ago

Yeah this is a TIL for me. I didn't realize they were separated out. It makes sense, though I grant I've never taken a close look at these files.

Be careful. New platforms invite bad actors. in c/technology
[–] farthom@lemmy.ca 4 points 1 year ago (4 children)

Yeah, seems highly unlikely to ever yield any results. Even if you did manage to read a file, you have to get lucky finding a password hash in a rainbow table or the password being shit enough to crack.

Be careful. New platforms invite bad actors. in c/technology
[–] farthom@lemmy.ca 29 points 1 year ago (19 children)

Holy shit this is kind of unsettling. Though I would expect ALL major browsers to reject reading any local files like this..... would this kind of thing actually succeed somewhere/somehow?

Broken DNSSEC on lemmy.ca in c/lemmy_ca_support@lemmy.ca
[–] farthom@lemmy.ca 5 points 1 year ago

Thanks for the prompt reply!!

Things didn't immediately work, but if you had genuinely changed something I know DNS can take some time for things to trickle down as caches/TTLs expire etc etc etc.

I'm happy to report things appear to be working normally this morning. I'm glad this was just a transition hiccup and not an outright misconfiguration!

Thanks so much for all your hard work keeping this thing running for us!

11
Broken DNSSEC on lemmy.ca (lemmy.ca)
 

Approx 30 mins ago, I suddenly lost access to lemmy.ca due to DNS resolution failures. I've managed to restore access by tossing the known good IP into my computers hosts file, in order to make this post.

It's worth noting I'm running my own DNS resolver (via PfSense router/firewall software) instead of the typical DNS forwarder offered by my ISP. As a result, my DNS ecosystem is likely a bit more fussy about the "correctness" of the DNS configuration.

My DNS server logs some entries complaining about DS and DNSKEY

debug: Failed to match any usable DS to a DNSKEY.
info: Could not establish a chain of trust to keys for lemmy.ca. DNSKEY IN

An attempt to verify the domain name using delv results in the following:

delv lemmy.ca 
;; broken trust chain resolving 'lemmy.ca/A/IN': 127.0.0.53#53
;; resolution failed: broken trust chain

Running an external DNSSEC check tool, currenly reports DNSSEC related issues. The tool I ran was:

https://dnssec-analyzer.verisignlabs.com/lemmy.ca

This gave me two issues:

None of the 2 DNSKEY records could be validated by any of the 2 DS records

The DNSKEY RRset was not signed by any trusted keys

Did something related to DNS get deployed in the last little while?

In any case, I've got a workaround in place and am not stuck, however a site admin may want to be aware of this information.

Thanks!!

How does a USB keyboard work? in c/technology
[–] farthom@lemmy.ca 4 points 1 year ago

Before I even clicked the link, I was hoping it would lead to Ben Eater's video! I've gone through many tutorials/guides/videos on the subject of USB, and this video is the only one which really broke it down and presented it in a comprehensible manner.

I highly recommend all of his content if you are interested in electronics at all.