[HN Gopher] Adding a "duress" password with PAM Duress (2021)
___________________________________________________________________
Adding a "duress" password with PAM Duress (2021)
Author : marcodiego
Score : 172 points
Date : 2022-03-06 17:02 UTC (5 hours ago)
(HTM) web link (lwn.net)
(TXT) w3m dump (lwn.net)
| lillesvin wrote:
| This kind of reminds me of the Travel Mode of 1Password:
| https://support.1password.com/travel-mode/ and I imagine it'd be
| most useful in similar situations.
|
| Obviously the usefulness of measures like this is likely pretty
| low if your dealing with tech-savvy adversaries, but if some
| random border guard or police officer forces you to log into your
| computer and -- I don't know, I'm not very well-versed in these
| scenarios -- show your Facebook messages or your password vault,
| you could use your duress password to clear cookies and other
| stuff to show that you don't have a Facebook account or a
| password manager ... or whatever, you get the general idea.
|
| Or you could use it to not change anything but simply log in and
| additionally alert your work place that you're under duress and
| they can cut off your access to critical systems. Provided that
| you have some sort of internet access of course...
| nunez wrote:
| Something like this would be great for online voting. If a voter
| is under duress (i.e. being watched while they vote, etc), they
| can enter a specific ballot unique to them that discards the
| ballot and allows them to re-vote in a safer environment.
| HideousKojima wrote:
| Or just completely get rid of anything internet connected or
| electronic for voting and go back to pen and paper. Any claims
| that online voting can be secure should be kept far away an
| buried as though they were radioactive waste.
| teddyh wrote:
| "Wear gloves."
|
| -- https://xkcd.com/2030/
|
| Longer explanation:
| https://www.youtube.com/watch?v=w3_0x6oaDmI and
| https://www.youtube.com/watch?v=LkH2r-sNjQs
| farhaven wrote:
| I have a feeling that "Is pam_duress.so configured in any file in
| /etc/pam.d, and if so turn on a big red light" is a pretty
| trivial thing to add to those "plug the person's computer in here
| and have them log in to their machine to decrypt everything,
| otherwise they won't go through customs/leave our dingy bunker"
| solutions.
|
| These duress passwords seem to be for kind of contrived
| scenarios, to me. Either your threat model is "someone breaks
| into my hotel room and steals my laptop", in which case it's
| useless, or "The $OpposingSideSecretService got me and hits me
| until I give them my password" in which case it seems to be
| equally useless.
| vorpalhex wrote:
| There are a lot more threat models than the ones you list.
|
| 1. A journalist who has a legal right to protect their sources
| from discovery
|
| 2. A check on your encrypted electronic device at the border
|
| 3. A snooping housemate or someone else logs into your machine
|
| That was in <30 seconds of thought on this problem.
| nyolfen wrote:
| > You could even spawn a process to remove the pam_duress
| module so the threat actor won't be able to see if the duress
| module was available.
| ptd wrote:
| I think this falls squarely into daydreaming about how to
| stop a home invasion territory.
| nyolfen wrote:
| that's pretty fun too
| [deleted]
| Brian_K_White wrote:
| I think I first encountered the idea of essentially using
| passwords as commands for a variety of custom actions in a Larry
| Niven book from the 60s? Earlier?
|
| It must be as old as passwords, meaning as old as language,
| relatively straightforward to implement in any kind of software,
| yet I've never seen it actually implemented in all this time.
| Closest has been the single triggered action to wipe everything
| after n failures.
| c0balt wrote:
| Huh, my phone used to have miui, an andrdoid skin by xiaomi,
| installed from the factory. It featured the ability for a
| second user profile that could be either entered through the
| settings or by setting up a custom unlock pattern for entering
| it when unlocking the phone.
|
| I tought this was quite a clever feature for e.g. giving your
| phone to your children with an isolated profile.
| jcadam wrote:
| Duress codes have been used in physical security systems (i.e.,
| pin pads to open doors) for a long time.
|
| Personally, I'm wondering why ATMs don't have this feature.
| guitarbill wrote:
| Because people struggle to remember even one PIN, especially
| if it's needed infrequently or in a stressful situation. I'm
| not being snarky here, it's happened to me. Could not
| remember my one, main PIN on one particularly stressful day.
| Went home, slept, and no problem the next day.
|
| So remembering a PIN that most people will never need to use
| in a stressful situation? Unlikely to be useful for the
| majority of people.
| amlib wrote:
| I think this could be solved by having the duress code be
| as simple as entering your PIN backwards
| metafunctor wrote:
| Backwards is way too difficult to figure out for many
| people under duress. It should be the PIN, with the last
| digit entered twice. The cost of a false positive is not
| that big.
| kevml wrote:
| Remembering this seems hard. And doing it under pressure
| seems very hard. I've forgotten my own zip code at a gas
| station before.
| martyvis wrote:
| This was patented over 35 years ago but not implemented,
| and only spread as a good hoax. https://en.wikipedia.org/
| wiki/ATM_SafetyPIN_software?wprov=s...
| littlecranky67 wrote:
| Way easier, just have a set of 9 icons (flower, sun, etc)
| shown after every pin entry. Your "true" icon will
| proceed, all other icons will trigger duress and proceed.
| justinpowers wrote:
| This is brilliant. Can you offer any more insight or
| background to this? Is there a name for this technique?
| littlecranky67 wrote:
| No, it is an obvious solution to anyone who wants to
| solve the problem, and have never seen this in the wild
| (probably because I live in a relatively safe country
| where you don't have to fear to get mugged at an ATM).
|
| EDIT: This should be coupled with a "secret" icon that is
| shown (or a specific order of the 9 icons you have to
| chose from) to prevent MITM/Phishing attacks. If you
| realize the icon/order is not the one you are used to,
| you are being phished.
| reaperducer wrote:
| _Way easier, just have a set of 9 icons (flower, sun,
| etc) shown after every pin entry. Your "true" icon will
| proceed, all other icons will trigger duress and
| proceed._
|
| This is familiar.
|
| I had a bank that, when you set up your PIN, required you
| to also pick an icon. There was a flower, and a cat, and
| a dog, and some other generic pictures.
|
| When you put your card in the ATM and entered your PIN,
| you also had to pick the right icon.
|
| I wonder if this was the start of a duress system the
| bank was setting up. The bank ended up getting eaten by
| another bank and then another bank, and the icon
| selection system went away.
| j4yav wrote:
| How would it know if you entered it backwards if it was
| 1221, for example?
| TacticalCoder wrote:
| Well the obvious solution if one was to use this scheme
| (which I'm not saying is good or bad) would be, at PIN
| creation time, to disable palindrome.
| cortesoft wrote:
| That eliminates all palindrome numbers as possible pins,
| which is bad for security.
| benatkin wrote:
| Because it reduces the number of possible combinations?
| Good reason to keep moving from 4 digits to at least 6
| digits.
| gizmo686 wrote:
| At 4 digits, with a 10 character alphabet, you are
| looking at a 1% reduction in pin space. Contrast this
| with the 90% reduction in pin-space you get by not using
| a 5th digit.
| 3np wrote:
| Found the person with a palindrome pin
| GekkePrutser wrote:
| Still it could be very useful for those of us that can
| remember it and do care.
| kevml wrote:
| If we had duress codes for ATM, and it's widely known, then
| someone with a gun will just threaten me to not use my duress
| code. I'm not going to bet my life in that scenario.
| TacticalCoder wrote:
| Then make it so that the duress code allows you to withdraw
| $300, not $2000.
|
| The duress code could also mean instant warning sent to the
| police. This would deter some bad guys too if it was widely
| known.
| willcipriano wrote:
| Don't change anything about the behavior of the ATM, just
| alert the police. If people are being robbed at gunpoint
| don't try and be a hero over a couple grand.
| gnicholas wrote:
| Can you withdraw $2k from an ATM? I've never had a
| personal limit above a few hundred, and it never occurred
| to me to ask for a higher limit.
| reaperducer wrote:
| ATMs can be configured for all kinds of amounts. It's up
| to the bank.
|
| In the mid-90's, my father's bank would let him specify a
| withdrawal amount down to the cent. He could take out
| $53.17, and the machine would spit out $53 in bills, and
| 17 cents would roll down a chute into the coin tray.
|
| In the late 90's, I had a bank that allowed almost any
| withdrawal amount. I know I took out $700 once for an
| emergency car repair.
|
| I think a big reason the banks limit the amount of money
| you can take out is so they don't have to refill the
| machines as often. It's a cost-saving measure for them.
| gnicholas wrote:
| I wasn't even thinking about the ATM's limit -- all of my
| bank accounts have had limits around $200-350 per day.
| KennyBlanken wrote:
| First off, just because they have a gun doesn't mean
| they're going to risk a capital crime over under a grand in
| cash. Sure, some people will, but that number is much
| smaller than the number of people not even holding a real
| gun.
|
| The duress code could do any number of things, too. Trigger
| a silent alarm, for example, at the bank branch and/or
| police. Show a randomized, lower available balance. Mark
| the dispensed bills.
|
| Fact of the matter is that banks don't care; it's not
| "their" money when someone steals from you at an ATM.
| That's why you never see any sort of anti-robbery systems
| in ATM lobbies.
|
| Cops don't care either. If you're lucky they write a
| report.
|
| But...steal from the _bank_ and every cop in town will hunt
| you down.
| djur wrote:
| It's been implemented in video games, at least! The "NARPAS
| SWORD" password in Metroid comes to mind.
|
| The practical issue here is that a secret password to release
| the hounds or whatever is only useful if someone is able to use
| it at the appropriate time. It's hard to memorize a password
| you don't use. The number of cases where a "release the hounds"
| password is going to be usable and useful where a "log into
| admin account which has a 'release the hounds' button" wouldn't
| be is going to be very low.
| giantg2 wrote:
| The fact that you remember the one from a videogame, makes it
| seem like that would be a good candidate password for this
| purpose. If it's used to wipe the data (which is backed up),
| then it shouldn't need to be as secure as a regular password.
| In fact, it might be preferable to be less secure so that
| someone trying to brute force would hit the duress password
| first.
| djur wrote:
| If we're talking about the specific case of duress
| passwords, sure. Although in that case the better defense
| against brute forcing is to wipe the data after too many
| failures. And at some point you might as well just put a
| "self destruct" button on there and skip the need for a
| password.
| jbay808 wrote:
| It would be really annoying if my cat could wipe my hard
| drive just by walking on the keyboard when I'm in the
| bathroom.
| giantg2 wrote:
| "the better defense against brute forcing is to wipe the
| data after too many failures."
|
| Is it though? I thought some intelligence agencies have
| the ability to bypass the tries counter. In that case,
| the password would still trigger the wipe. That's not as
| easy to defeat because they don't know what password to
| avoid during the attempt, as opposed to knowing that
| after 10 tries it will wipe.
| melony wrote:
| How practical is this against an adversary with hardware access?
| If they can put a vampire tap on the motherboard or CPU pins,
| won't the alternate code paths pursued by the CPU alert them?
| Most computers have standardized bootloaders. This would only
| work if the decryption key selection computation is encrypted and
| homomorphic.
| NavinF wrote:
| That threat model is so insane that I'll just link this instead
| of responding to the question:
| https://scholar.harvard.edu/files/mickens/files/thisworldofo...
| kingcharles wrote:
| In my case, after putting a loaded gun to my head I still
| wouldn't give the police my access codes, but after they
| changed strategy and threatened my wife I broke immediately.
| The interrogator told the judge that if he suppressed the codes
| they would simply move to desoldering the chips off the board
| and move them to another device. The judge accepted that,
| despite objections. (and the fact that only works if the data
| is not encrypted on the chips you are transplanting)
| Nextgrid wrote:
| > If they can put a vampire tap on the motherboard or CPU pins,
| won't the alternate code paths pursued by the CPU alert them?
|
| I doubt this is possible in modern hardware given the bandwidth
| & switching speeds they operate at.
| jrockway wrote:
| Probably possible. You're not going to connect up like 32
| eBay oscilloscope probes to someone's computer and get their
| data, but you could build a custom RAM module that saves
| interesting data. Obviously there are computing devices that
| operate at the speed of modern day CPUs and memory -- modern
| day CPUs and memory!
|
| I think that these aren't widely available because if you
| want someone's data you can email them and say "hey I'm the
| CEO and I need your password right now, I'm locked out of my
| account!" Much easier than engineering a 4GHz logic analyzer
| into a DDR4 form factor.
| clement12 wrote:
| mdavis6890 wrote:
| The fundamental problem is that often the people who are trying
| to get your data are legally entitled to it, and to use physical
| force against you to get it. And god help you if there is any
| appearance that you might have deleted the data they want.
|
| Plausible deniability may help, but only if you really can
| convince them that you do not have and cannot somehow access the
| data they want.
| kats wrote:
| What could be more "Hacker News" than a bunch of people thinking
| they need a secret password in case they are held "under duress"?
| Because obviously you are James Bond and to avoid being sawed in
| half by the villian's laser beam you will give away this secret
| password at the last moment. Nothing could be worse than if Dr.
| Evil steals your _hard drive_ , oh god, not that!
| dhzhzjsbevs wrote:
| jart wrote:
| Well pretty much everyone who works for a corporation has a
| responsibility to protect confidential information. However
| it's not really all that James Bond because the problem of
| international travel is normally solved by having code among
| other things not stored on laptops.
| jrm4 wrote:
| This just reminds me of all the very cool and clever things we
| could be doing, but arent. I imagine a world in which your phone
| is actually a general purpose computer, that can be meaningfully
| backed up _by you,_ solely under your control.
|
| So when you're travelling somewhere heavy, you backup your whole
| phone to a trusted server (I hate even saying 'cloud' here) and
| wipe it (or better yet, "duressify" it, e.g. you put in grandma's
| number and a little porn and thats it) and be on your merry way.
| Restore your backup at your destination.
| nunez wrote:
| Android's profiles system is the closest thing we have to this;
| if only Android's backup/restore facility were more seamless.
| ben_bai wrote:
| The phone is a general purpose computer, and you can run
| LineageOS on it, with a custom bootloader.
|
| Then you basically have 3 partitions boot, system, data.
| encrypting and uploading "data" can be done. It still requires
| little manual work, i.e. i don't know if an app can do it.
| jrm4 wrote:
| Oh I get that it's theoretically possible, but could it be
| "normalized?"
| TheOtherHobbes wrote:
| There's plenty that's crazy about the current system. But I'd
| assume in your example state actors would be tracking and
| possibly copying your server accesses. And perhaps your server.
| (Cross border? Blocked. VPN? Blocked. On-prem? Easy to raid.
| "Don't keep logs"? Actually we do. Open source encryption? One
| contributor just happens to be from an intelligence agency and
| added some weaknesses. And so on...)
|
| Security is _really hard_. For every "obvious" solution
| there's always going to be a back door. For every known
| backdoor there's going to be a covert back door which you're
| not going to be aware of, or a honey trap which looks like a
| trusted independent solution but is really state owned.
|
| If you want a truly secure solution you're probably going to
| have to wait for some kind of bio-linked technology where your
| personal data is embedded in your physical body, and forced
| access either wipes it, or kills you, or perhaps both,
| depending on the settings.
| fennecfoxen wrote:
| > There's plenty that's crazy about the current system. But
| I'd assume in your example state actors would be tracking and
| possibly copying your server accesses. And perhaps your
| server.
|
| Some of us have only passing interaction with state actors,
| e.g. when visiting a foreign country for a short term, or
| when crossing the border into a nominally free society with
| legal privacy rights ( _cough_ TSA / ICE _cough_ ). There is
| thus in practice ample need for solutions not secure against
| an all-seeing surveillance state.
| nullwarp wrote:
| A security company I contracted for has a policy when people
| are traveling to certain countries that they can't bring a
| company laptop or phone with them. They have to purchase a
| laptop while in the country to use and log onto the systems
| from there.
| ohyoutravel wrote:
| I'm curious because this seems worse in many ways than
| purchasing in your home country and carrying across. I
| understand you go through the airport with a fresh laptop and
| that gives the opportunity for the airport security agents to
| mess with it, but in all recent travels when I've done this
| the only time I haven't seen the laptop directly is when it's
| in the X-ray machine for 30 secs. Seems like purchasing in
| visiting country would be less secure. Can you elaborate?
| kmeisthax wrote:
| Carrying devices across a border gives the Nation State
| Actors both physical access to your machine _and_ a legal
| basis to mess with it - either by searching the device for
| secrets or by installing malware onto it. Some countries
| are better at this than others. I wouldn 't bother doing
| this if I was just going from, say, the US to Canada[0].
| However, China is notorious for messing with any Android[1]
| phones that cross their borders. Depending on what
| countries your company trades with, this policy might make
| sense.
|
| In contrast, bulk shipments of imported devices are not
| usually tampered with in the same way[2]. Some countries do
| have similar restrictions on data import, but they can't
| mess with or spy on that data because you actually have
| end-to-end encryption in that case.
|
| [0] I _have_ heard reports of immigration officers
| demanding device passwords in such a case, but it 's rare.
| If you're _really_ paranoid, enough to want to do this when
| crossing US borders, I should point out that you should
| never live within 100 miles of them. Anything 100 miles or
| closer to a US border gives the US government power to
| demand your papers; furthermore, the people in border
| control treat this as a blank check to search for anything
| they want.
|
| https://www.aclu.org/other/constitution-100-mile-border-
| zone
|
| [1] I have yet to hear reports of iPhone users getting
| their phones searched.
|
| [2] Yes I know "Tailored Access Operations" exist, but this
| usually involves shipping intercepts, not someone buying a
| device in a store.
| jon-wood wrote:
| I haven't travelled to China since before Covid was a
| thing, but when I went previously border control weren't
| at all interested in our phones, and more or less waved
| us into the country once they'd checked our visas. To say
| they mess with any Android phone crossing the border is
| either massive hyperbole, or they're doing it remotely as
| you run them through X-ray scanners.
| raincom wrote:
| If CBP gets suspicious, they will ask for the device
| password to gather evidence from one's phone to deport
| back. This happened to a couple of people I know of.
| londons_explore wrote:
| I assume the "and log in from there" consists of a very
| limited login that only allows access to videocalls and a
| few other basics to allow work to get done... Not the whole
| document repository of the whole company.
| jrm4 wrote:
| If you presume encryption (SSL et al) in its present state
| generally works, this strikes me as _obviously_ superior? I
| genuinely don 't understand the argument? You carry your
| password in your head, buy the new machine, phone home, and
| you're good? Ditch the machine on the way home if it's that
| serious.
| kevin_thibedeau wrote:
| If you're an espionage target they'll arrange more than 30
| seconds of alone time for your laptop. Either overtly at
| customs/security or discretely when you're away from the
| machine.
| Nextgrid wrote:
| Purchasing within the country is more secure unless you
| assume all devices sold within the country are compromised
| and monitored in real-time which seems unfeasible.
|
| Of course for this to be effective you should just purchase
| it in-person in a mall or something, and ideally don't
| provide any identifying information so they can't
| "customize" the device just for you, otherwise all bets are
| off and at that point it indeed becomes more secure to just
| bring your own and not let it out of your sight.
| [deleted]
| [deleted]
| elliekelly wrote:
| A while back a woman in Boston was abducted at random, forced
| at knifepoint to withdraw money at an ATM, and then brutally
| murdered before anyone even knew she was missing. In response
| the state proposed requiring ATM security features like a panic
| button, active monitoring of the surveillance cameras, or some
| sort of alarm system. Of course the banks pushed back because
| of the long-term implementation costs and also because of the
| supposedly risk false alarms.
|
| But one of the ideas that I thought sounded like a good
| compromise was a duress PIN. The idea being that a customer
| could opt to set a PIN that would work exactly like their
| normal/"real" PIN (dispense funds, etc.) except it would
| silently alert police. It didn't happen, in the end. Partially
| because the banks were strongly opposed to the "overreach" and
| partially because the public outrage about the abduction died
| down before anything meaningful could happen in response.
|
| It was a neat idea, though.
| bombcar wrote:
| As mentioned in the article itself these cutesy things are
| inadequate for their intended use case.
|
| Could still be made useful in some cases perhaps as part of a
| larger "defense in depth" scenario, but if you're actually afraid
| of rubber hose cryptography you should utilize methods that
| directly work against that (which may result in your death).
| dvtrn wrote:
| "Could still be made useful in some cases perhaps as part of a
| larger "defense in depth" scenario"
|
| Completely spitballing here just exploring the thought:
|
| Like using duress pam to _only_ allow logins if a duress pw or
| authorized_key is used? Port knocking
| (https://en.wikipedia.org/wiki/Port_knocking) comes to mind as
| a simile. Could that even be done?
| marcodiego wrote:
| Hmmm... Can't pam_duress be used to fix https://xkcd.com/538/ ?
| mholt wrote:
| No, because if the adversary is convinced you used a duress
| password, they'll just keep hitting you with a hammer.
| Brian_K_White wrote:
| There are levels of interest and risk etc.
|
| They aren't murdering everyone whos phone / laptop they
| check at a border. It would be perfectly fine to have an
| encrypted disk drive that presented different contents
| based on what password was used to unlock for instance.
|
| And with something fully arbitrarily scriptable like this,
| it doesn't have to simply wipe stuff, it can do practically
| anything. It could fake having a dead battery, or suffering
| some kind of crash or other normal annoying service
| interruption. It could fake a Microsoft account login
| problem due to some problem with the wifi or borked
| corporate account control etc. You could increase the
| believability by pretending to have very common bad
| security habits like having the duress password written
| down somewhere on your person or with the machine.
|
| If you are a spy and they have you in a hole, then your
| cover is already blown. They will remove and dissect the
| storage without even trying to boot it. But things like
| this could keep you from being noticed in the first place,
| and could sufficiently handle the vast majority of
| situations.
|
| In Russia right now, they are stopping random people on the
| street to look for certain telegram groups on people's
| phones. The randos aren't spies and aren't specifically
| targeted. The police are really only doing it to scare
| everyone else away from accepting any communication about
| Ukraine from outsiders.
|
| It would be exactly perfectly good enough if they simply
| didn't see what they were looking for.
| [deleted]
| emptyparadise wrote:
| That won't help them if the duress password is used to
| erase secrets in a way that would prevent even you from
| unlocking the drive again.
| 41b696ef1113 wrote:
| Step one for any kind of serious data extraction project
| would be to make a bit-for-bit duplicate of the origin.
| emptyparadise wrote:
| Thankfully a lot of data extraction projects serious
| enough to beat somebody with a hammer are not serious
| enough to tamper with TPM.
| Skunkleton wrote:
| The downside is they will keep hitting you with that
| hammer :(
| emptyparadise wrote:
| Unfortunately they'd most likely do that even if you
| could give them the keys :(
| boring_twenties wrote:
| That's worthless, they will copy the drive before trying
| anything.
| emptyparadise wrote:
| What if you don't store the keys on the drive?
| [deleted]
| munchler wrote:
| That scenario only works out in your favor if you prefer
| severe injury or death over disclosing the secret.
| emptyparadise wrote:
| I'm sure that it adds a certain zen aspect to
| interrogation technique resistance.
| bombcar wrote:
| If they don't really care, they're not going to look hard and
| so most anything would work (hide it in a folder or etc).
|
| If they are using the pipe, then anything that isn't what
| they're looking for will result in the pipe.
| praptak wrote:
| Determined attacker will have your disk physically copied
| before attempting anything, so "delete all my files" won't
| work.
|
| For such scenarios plausible deniability is what you want.
| Ideally, you need a whole parallel system which plausibly
| _appears_ to attackers as if it is legitimately authorized
| /decrypted. StegFS is an example building block for such
| systems.
|
| If they know you work on breeding war rabbits, you better
| have some fake files with records of failed attempts to breed
| war rabbits and your real files hidden in deeper layers.
| labcomputer wrote:
| Right, but that's sort of the reason some OSes like MacOS
| use a hardware security module to store the key used for
| encrypting the disk contents. Your adversary can make as
| many copies of the disk as they want, but they need the HSM
| (which is, by design, hard to clone) to read the plaintext.
|
| An HSM can even enforce policies like rate limiting brute
| force attempts and/or erasing itself after too many
| attempts. It could even support a duress password which
| immediately erases the keys.
|
| Without the ability to clone the HSM, the attacker doesn't
| get a "second chance" if they attempt to use the duress
| password.
| Retric wrote:
| Determined attacker might be a mugger trying to get your
| ATM pin.
|
| Assuming they will always have access to the underlying
| system being protected is missing out on a huge range of
| security issues.
| bombcar wrote:
| ATM is an example where it might match the threat level -
| a pin that reveals an account with $450 or so in it
| instead of the real accounts.
| tomatotomato37 wrote:
| I feel a whole parallel system is very risky due to the
| large service area you have to emulate; screwing something
| up like Last Modified dates or system updates may reveal
| you never used that system since 2012. I would rather hide
| anything risky in an area where high-entropy binary blobs
| wouldn't appear unusual; the output folder of a hobby data
| compresser project wouldn't be a bad choice.
| emptyparadise wrote:
| This xkcd comic single-handedly set security threat modeling
| back by decades.
| TacticalCoder wrote:
| Yup, honestly it's pathetic and getting on my nerves every
| single time it's posted.
| deknos wrote:
| i wish the luks guys would also do this, but they denied the
| request back then.
___________________________________________________________________
(page generated 2022-03-06 23:00 UTC)