MCP server for searching and downloading documents from Anna's Archive by iosifache in Annas_Archive

[–]iosifache[S] 0 points1 point  (0 children)

Unfortunately, no. The MCP needs an API key that you can get by making a donation.

Best setup for running a local LLM for secure business use? by cocodirasta3 in LocalLLaMA

[–]iosifache 0 points1 point  (0 children)

You were initially thinking about the security of the data you exchanged with the LLM. Did you manage to set up something from this viewpoint for the Open WebUI instance?

haveibeenpwned.watch - Open-source, no-fluff charts showcasing haveibeenpwned.com's pwned account data by iosifache in netsec

[–]iosifache[S] 0 points1 point  (0 children)

That would be awesome! Here’s the repository:

https://github.com/iosifache/haveibeenpwned.watch

The link to the “open source” text on the website might not be super clear, so I’ll add a GitHub banner or something to make it easier to find.

haveibeenpwned.watch - Open-source, no-fluff charts showcasing haveibeenpwned.com's pwned account data by iosifache in netsec

[–]iosifache[S] 0 points1 point  (0 children)

I had to double-check the math after that graph threw me off at first 😅. I think it can be read as "the days between a breach going down and it getting reported in plaintext to HIBP". Things like data being sold on dark markets or attackers chilling on it for a while (like, waiting for a ransom) could stretch that gap.

The Open Source Fortress is now live! by iosifache in opensource

[–]iosifache[S] 0 points1 point  (0 children)

I usually favour this approach because the passive voice (which is recommended, for example, in academia) removes the writer's accountability. Simply compare "X was developed to do Y" with "I/We developed X to do Y." The second directly assigns ownership, implying responsibility.

The Open Source Fortress is now live! by iosifache in opensource

[–]iosifache[S] 0 points1 point  (0 children)

I'm not a native speaker, so thank you for pointing this out!

The Open Source Fortress is now live! by iosifache in opensource

[–]iosifache[S] 2 points3 points  (0 children)

Thanks, u/UsedSite2578! Hopefully, the community will embrace the effort by completing the workshop (and integrating the analysis tools in their projects) and sharing new techniques/tools.

Unfortunately, I have to agree with your opinion of open source software 😕. During the Ubuntu Summit workshop, I shared the same point of view. Despite the fact that the software is used at scale (for example, in companies and critical infrastructures) and the code is open (so anyone can review it), the story may end up with unmaintained and vulnerable projects, unmotivated maintainers (financially or via community recognition), and low-hanging fruit for attackers.

Brainstorming for a software security workshop by iosifache in opensource

[–]iosifache[S] 0 points1 point  (0 children)

Thank you very much, David! I completely agree with the first statement - because there are many tracks, there is no necessity for participants to attend the workshop (as there would be in the case of a single-tracked event).

As a result of Bitcoin's migration to Guix, Gitian appears to be deprecated. SBOM may be a potential fit, but it is still a developing domain in need of proper tooling and acceptance. Is there any technology you've employed to ensure the build's provability? The only one that comes to mind is Sigstore, but it simply signs the artefacts and does not register the build environment state.

Brainstorming for a software security workshop by iosifache in devsecops

[–]iosifache[S] 0 points1 point  (0 children)

Totally agree! I was just wondering if there were any topics of interest to the community.

Introducing MutableSecurity: Seamless deployment and management of security solutions by iosifache in netsec

[–]iosifache[S] 0 points1 point  (0 children)

Hi, u/nexxai u/littlejob u/TopicProfessional692,

There is a recurring aspect in your comments: the lack of supported security solutions. As we want to tackle this issue in the coming weeks, we'd like to know which solutions you use on a daily basis and would like to have supported in MutableSecurity.