When I first started working from home because of the pandemic, I had a IKEA Marcus chair, however, this soon was too bad of a chair to sit all day in, so I ended up investing in a Herman Miller Embody, and have not been looking back since. Great chair!
First thing that came to mind is that you should set a max width of the content container. For those of us that have a ultrawide for example, it can become hard to read when the content spans the entire screen.
As Zoom now owns Keybase, I am really worried about the future of Keybase, especially after statements like these.
This also makes none or very little sense - if this is actually just to cooperate with law enforcement, why would encrypting corporate (or paying) calls be any better, the bad people that are referred to in the statement could just get a paid plan?
I think you don't need to trust the server just if you can audit the frontend and assure it does not share any sensitive information with the server-side.
If they apply the concept of data minimisation, decentralisation and distribution properly, there are fewer risks involved.
But, if the server manages sensitive information, yes. It is preferable to audit the server code to understand how they handle the lifecycle of the information.
"If you think you need to see the server source then any trust you have is mistaken."
Sorry but I don't agree. I trust in systems I can verify. Trust without verifying is not trust, it is faith.
OK, but that doesn't help you when they shut down the server, which I think is what this thread was about? That zoom purchased it as an aquihire to have staff work on zoom, and isn't committed to the platform.
Agreed, but a server turned off has lower risks to leak information. And I think also they bought the expertise of the team to improve zoom, more than getting the solution per se. It will take some months to have this question answered (about what will really happen to keybase)
Clearly, a product which has been discontinued has less of a chance of violating your privacy, that's true.... I think there are a couple different non-intersecting conversations going on here...
It sounds like bullshit. I don't think the reason to avoid keybase is necessarily because it draws their security from authorities into question, but it does call into question if a company that would say something that looks like impulsive nonsense is someone you want to trust.
---------
#!/bin/sh
echo "Store and retrieve session token AWS STS \n\n"
# Get source profile read -p "Source Profile [<profile_name>]: " source_profile source_profile=${source_profile:-'<profile_name>'} echo $source_profile
# Get destination profile read -p "Destination Profile [<profile_name>-mfa]: " destination_profile destination_profile=${destination_profile:-'<profile_name>-mfa'} echo $destination_profile
mfa_serial_number='arn:aws:iam::<id>:mfa/<name>'
echo "\nOTP: " read -p "One Time Password (OTP): " otp
echo "\nOTP:" $otp echo "\n"
output=$(aws sts get-session-token --profile <profile_name> --serial-number $mfa_serial_number --output json --token-code $otp)
echo $output
access_key_id=$(echo $output | jq .Credentials.AccessKeyId | tr -d '"') secret_access_key=$(echo $output | jq .Credentials.SecretAccessKey | tr -d '"') session_token=$(echo $output | jq .Credentials.SessionToken | tr -d '"')
aws configure set aws_access_key_id $access_key_id --profile=$destination_profile aws configure set aws_secret_access_key $secret_access_key --profile=$destination_profile aws configure set aws_session_token $session_token --profile=$destination_profile
echo "Configured AWS for profile" $destination_profile