Get started with App.net.

  Sign up now  
maclemon
    @smc Don’t forget to change the crypto settings and port in /opt/local/etc/sshd_config ! Also completely turn off DSA and use ed25519 keys only.
    maclemon
      @smc To enjoy the +hpn speed improvements you Need that on both ends. FreeBSD for example defaults to use it as well.
      maclemon
        @smc It seems to do so for me. :-) MacPorts gives you a launchd item and dumps instructions to use it into the Terminal upon installation. The usual way for MacPorts. I’m Running it via my own launchd item which works fine als well.
        maclemon
          @smc Apple lags horribly for ANY open source part they ship. Worse than just skipping it. Have to work around Apple most of the time now. Most of OS X’s benefits are long gone sadly. @pharsicle
          maclemon
            @smc The “hpn patch” is an official variant to install with MacPorts. I can highly recommend it, especially in high bandwidth connections. @pharsicle
            maclemon
              @smc MacPorts has worked perfectly for me since the sunset of fink. :-) I Personally wouldn’t let homebrew anywhere near my machines. 90% is copied from Ports anyway and the rest is very strange things. Security of brew is somewhat scary. @pharsicle
              maclemon
                @smc You can fix the ancient OpenSSH version on OS X. The better solution is to go with MacPorts 6.8 +hpn Patch and use @bettercrypto config. Full disclosure: I’m co-author. @pharsicle
                maclemon
                  #AppleWatchSecurity Apple WTch Update 1.0.1 fixes 13 Security problems including TLS #FREAK. Update via iPhone! https://support.apple.com/de-de/HT204870
                  maclemon
                    Shutting down the ADN Mac & iOS Security Push notification Channel https://app.net/b/z4gwr
                    maclemon
                      @schlingel Bob ist NICHT Prepaid. Anonyme SIM Karte mit Prepaid Volumen gibt’s zB bei yesss.at . Einfach einlegen und geht. Keine online Aktivierung oder so. @piets
                      maclemon
                        @ferebee Aren’t you already prepared for shipment?
                        maclemon
                          @ha_jo Same as in 10.10.3 then. US agencies are generally very big in Apple’s trust stores.
                          maclemon
                            @ha_jo That was in 10.10.2. I’m currently investigating Root Certs Apple adds and removes over versions. Since it was MD5 signed it wasn’t trusted anyway, though still valid. Still ≈20 RSA/1024 Root Certs installed.
                            maclemon
                              TIL: Apple's OS X 10.10 Yosemite ships with an MD5 signed, RSA/1024 GeoTrust root certificate valid until 2020. #MacSecurity #Research
                              maclemon
                                @rabryst Which makes no guarantees when it’s actually the exactly right moment to do so. @redqueencoder
                                maclemon
                                  @rabryst That makes sense to me, only that one can’t really influence one’s own timing in either way. The universe doesn’t tell you when to jump. @redqueencoder
                                  maclemon
                                    @redqueencoder I’ve read that multiple times now and either I don’t get it or… I don’t get it.
                                    maclemon
                                      @smc Just need to put it into the file to persist across reboots. You can just set it at runtime with sysctl. May need sudo though.
                                      maclemon
                                        @smc You should be able to up that limit in /etc/sysctl.conf like this: kern.maxprocperuid=1024 Had to do that ever since they started limiting this with launchd back in 10.4.