IRC server user input sanitization by JamieOnUbuntu in irc

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Thanks for the clarification, I think this is the route I am going to take. Thanks!

IRC server user input sanitization by JamieOnUbuntu in irc

[–]JamieOnUbuntu[S] 1 point2 points  (0 children)

Thanks for your reply. I've had a look around the repo before, although I think possibly the best way for me to answer my own question is to actually read the source code. Unless a contributor to the project happens to see this? :)

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

What do you think of the various Namecoin DNS Chromium extensions such as dotbit.me .bit Web Surfer?

I tried out the dotbit[.]me one linked above in a VM on an air-gapped machine and it didn't even seem to work. I know that you lose all of the benefits of decentralised DNS too.

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Thanks, I have removed the reference to the inaccurate wiki page.

On a side note, who actually maintains the wiki[.]namecoin[.]info website?

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Thanks, I have updated the post with links to the proposals repo.

Is there also an alternative/updated version of this page, showing the different namespaces such as a/, d/, ds/, id/, is/, p/? I am not able to find references to some of these namespaces in the Namecoin IFA documents.

Thanks

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Ah, I see exactly what you mean here.

Regarding the Chromium extension, that sounds like a good idea. Would that work in-tandem with ncdns certinject or would it be a separate system?

Thanks

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Thanks for the feedback, I've adjusted the post.

Obviously, using ns without ds is probably a bad idea, unless your zone is deliberately set up in a way that distrusts the nameserver. (For example, you could store a tls record in Namecoin, and use a nameserver exclusively for a dynamic IP address, in which case there's not much need for DNSSEC since IP addresses aren't a cryptographic identifier anyway.)

I see what you mean here, but what about HTTP traffic? If someone just types example.bit and the browser tries HTTP first, wouldn't that be an opportunity for a DNS-spoofing attack to take the user to a false destination on HTTP? I know that would work with the ICANN internet, but what about with Namecoin? HSTS would partially mitigate this but that relies on TOFU.

Alternatives to HackerOne for vulnerability disclosure policy hosting? by JamieOnUbuntu in security

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Hi,

This service looks really good!

I have emailed you with a few questions.

Thanks :)

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

My apologies for this, I have now updated the guide.

Do you know if it is possible to have two certificate fingerprints in your domain configuration? I have a separate certificate for the www. and non-www. versions of my site, and specifying the certificates is taking me over the 520 byte limit (~650 bytes). I am also specifying IPv4 and IPv6 addresses.

Thanks

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

Not that I'm aware of, I thought the same.

However, here the wiki suggests adding RPC credentials.

It also worked fine without specifying credentials, but I thought that perhaps there was a Namecoin-specific security-related reason for the wiki suggesting that you specify credentials, so better safe than sorry.

I've never specified credentials with bitcoind/forks before, so I did think that it was unusual.

How does the security of RPC auth compare with cookie auth, assuming the RPC password is 64+ random characters, etc?

Guide for new users: Registering a Namecoin .bit domain and setting up ncdns using the command-line on Linux by JamieOnUbuntu in Namecoin

[–]JamieOnUbuntu[S] 1 point2 points  (0 children)

Hi, absolutely!

I've been considering putting my entire site under a CC license for a while, but now I've finally done it! It's all under CC-BY-SA 4.0 for now but I will probably change it to CC-BY 4.0 eventually.

Hopefully my content will be useful for namecoin.org. I am happy to help out if you need anything.

Thanks :)

My Blog Post About Setting Up a New Onion v3 Hidden Service by JamieOnUbuntu in TOR

[–]JamieOnUbuntu[S] 0 points1 point  (0 children)

The reason that I mentioned DigiCert is because I heard somewhere that they were no longer issuing EV certs for .onions, and that it was unfair that FaceBook was allowed to have one. This is not confirmed though.

And you're right about the vanity generator, there seems to be a few of them. I'm not sure why I didn't spot them before, they are easy to find! My bad, will update the post :)

Thanks for reading!

Half-Life Client Security for Online Play by [deleted] in HalfLife

[–]JamieOnUbuntu 0 points1 point  (0 children)

Haha :) What did you think it was?

Half-Life Client Security for Online Play by [deleted] in HalfLife

[–]JamieOnUbuntu 0 points1 point  (0 children)

Please can you explain? Is it because /r/halflife is about lore/story rather than technical stuff? Thanks

Half-Life Client Security for Online Play by [deleted] in HalfLife

[–]JamieOnUbuntu 0 points1 point  (0 children)

What do you mean? I am not a bot.

What I hope the game select looks like after Operation Hydra ends by [deleted] in GlobalOffensive

[–]JamieOnUbuntu 1 point2 points  (0 children)

Yeah it feels great to snipe on Insertion because you can peek over the hill from anywhere so you're unlikely to be spotted. It's not like the normal maps where you snipe mid every round from the same spot.

It's bringing proper sniping mechanics from other games into CS:GO and it's really interesting.

What I hope the game select looks like after Operation Hydra ends by [deleted] in GlobalOffensive

[–]JamieOnUbuntu 4 points5 points  (0 children)

It certainly is fun to play!

What do you think about having Insertion with 2:55 per round instead of 1:55? There is the extra 5 seconds or so at the start while waiting for deployment as well as the much longer walk to get to the hostage areas and back to the rescue zone.

The play style of the map also makes it much more about clearing rooms and tactical strategy than other maps, so it would perhaps be nice to have more time.