Another alternative drug is emoxypine [1], sold under the brand name Mexidol. It also possesses anti-anxiety effects. Rather than make the user feel terrible when they drink (as in the case of disulfiram), it has effects more similar to naltrexone: reducing the effects of alcohol so the user does not experience the feelings they usually would. I think this is a lot more humane than disulfiram.
I was just looking to see if someone had posted emoxypine.
I have some experience with this med and it does work as intended for alcoholism. Plus it does the job a lot more gently than what I imagine disulfiram does.
Also take a look at the EFF’s wordlists [1] as an alternative to the Diceware list. Quoting from their blog post, here are some issues with the Diceware list that they have resolved:
- It contains many rare words such as buret, novo, vacuo
- It contains unusual proper names such as della, ervin, eaton, moran
- It contains a few strange letter sequences such as aaaa, ll, nbis
- It contains some words with punctuation such as ain't, don't, he'll
- It contains individual letters and non-word bigrams like tl, wq, zf
- It contains numbers and variants such as 46, 99 and 99th
- It contains many vulgar words
- Diceware passwords need spaces to be correctly decoded, e.g. in and put are in the list as well as input
Kudos to the author for a fantastic write up. The structure made reading it a really pleasant learning experience - a solid table of contents, an up-front summary, and a sensible list of prerequisites and instructions for following along.
For those interested in the topic of tunneling, I highly recommend The Cyber Plumber’s Handbook [1] to gain an even deeper understanding and examples beyond SSH.
I’ve been trying to gain an understanding of threat modeling and one thing I’m struggling with is the definition of trust boundary - none of the descriptions I’ve read really clicked for me. Could you describe what it means?
Trust boundaries make most sense when used in a data flow diagram, where for every flow between processes you ask yourself: “what could go wrong here?”
That question deserves additional attention if these flows reach processes controlled by different people, or are running under different privileges. That’s when they cross a trust boundary.
So a db server with local storage: single trust boundary around db and storage. But! But! What about the kernel!?
At this point it becomes important ask to another question: does the current abstraction level of the model help you think better about risk? It depends. Perhaps not if the db is part of a larger infrastructure with a global CDN, loadbalancers, webservers and some in memory caching layer.
Yes, take a look at the manual page for knockd and search for "One_Time_Sequences". It does what you are asking by using a one-time valid sequence of port knocks, but it is like HOTP rather than TOTP.
The OpenVPN configuration uses AES-128-GCM as the cipher, which itself is fine but the website claims it is using AES-256.
More concerning is the 'Tor VPN' and bridge being offered. The Tor bridge here is not a proper bridge, instead the SOCKS port is being exposed on a public IP rather than the usual 127.0.0.1. SOCKS is an unencrypted protocol so everything being sent to the bridge is exposed on the wire, and your ISP can trivially see that you are connecting to a VPN over it. This is dangerous and misleading - Tor even warns you that the protocol is not encrypted when you expose the SOCKS port publicly. Real Tor bridges are simply relays not listed in the consensus file. Connections using them are still encrypted using TLS. The website incorrectly claims that by using the VPN over Tor configuration files, you are masking your VPN connection from your ISP.
This free VPN is so misleading that I felt the need to make a HN account just to write about it.
Also only available cipher for wireguard is Chacha20Poly1305. I wonder how comes technical information presented by this VPN service is such inaccurate.
[1] https://en.wikipedia.org/wiki/Emoxypine