@hanno@mastodon.socialMy motivation to get into PGP fights these days is very limited, but, well, sometimes I can't escape the "someone is wrong on the Internet" feeling.
The author of @… still does not understand what "Authenticated Encryption" means ("still", because I've seen these discussions back in the efail days). It is a pretty central conce…
@qbi@freie-re.deSehr geiler Talk von @… und @… über Schwachstellen in #GnuPG und ein paar weiteren Programmen. Insgesamt fanden beide 14 Schwachstellen.
Große…
@fanf@mendeddrum.orgone of the funniest things about the gpg.fail bugs is this user interface and documentation confusion:
using --decrypt to verify a signature (boggle) because that’s recommended in documentation that became obsolete 25 years ago (wince) but which is still published without caveat (facepalm)
https://seclists.org/oss-sec/2025…
@gray17@mastodon.social`brew install netlify-cli` also installs `gcc` ... and `systemd` ?
uhhh...
- netlify-cli uses npm package ipx (image optimization)
- ipx uses npm package sharp (fast image processing)
- sharp has prebuilt binaries that use libvips (image processing)
- netlify-cli brew formula removes those and instead uses the brew for vips
- vips requires poppler (pdf renderer)
- poppler requires gpgme, requires gnupg, requires libusb, requires systemd
(avoid this wi…
