mastouille.fr est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Mastouille est une instance Mastodon durable, ouverte, et hébergée en France.

Administré par :

Statistiques du serveur :

613
comptes actifs

#Entrust

0 message0 participant0 message aujourd’hui

CNP pagó $2.4 millones a Racsa por software logístico que no funciona bien

Para el proyecto, Racsa estableció una asociación empresarial con la empresa Entrust Consultores Centroamérica S.A., encargada de implementar el sistema logístico.
La entrada CNP pagó $2.4 millones a Racsa por software logístico que no funciona bien aparece primero en Semanario Universidad.

#Agricultura #Alimentos #CNP #Entrust #Impreso #Oracle #Pai #País #Plataforma #RACSA #SistemaLogístico

semanariouniversidad.com/pais/

Semanario Universidad · CNP pagó $2.4 millones a Racsa por software logístico que no funciona bien • Semanario UniversidadPara el proyecto, Racsa estableció una asociación empresarial con la empresa Entrust Consultores Centroamérica S.A., encargada de implementar el sistema logístico.
A répondu dans un fil de discussion

@kde@floss.social @kde@lemmy.kde.social

"Speaking of accessibility, the accessibility of the main view of Dolphin was completely overhauled to make it work with screen readers. This work was funded by NGI0 Entrust Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme"
invent.kde.org/system/dolphin/

Thanks KDE and @NGIZero !

#accessibility#KDE#NGI
A répondu dans un fil de discussion

@hlindqvist : the most important problem by far is that browser users do not know who is responsible for a website with a given domain name. This enormously exacerbates the phishing problem.

The main reason why I mention the mis-issued certs is that Google et al. kept complaining about mis-issued OV and EV certs, and insisted that QWAC's would be mis-issued to governments for spying purposes; DV-certs would be safe.

Google is now even destroying Entrust because of mis-issuance (security.googleblog.com/2024/0 - not that I have any opinion about Entrust, but GTS = Google "Trust" services issues certs to cybercriminals all the time).

Apparently there are no penalties for mis-issuing DV certs, or issuing them to cybercriminals - in particular when they use domain names clearly intended for phishing purposes. That *could* be a legitimate choice, but then users should be made aware what type of cert a website uses, in order to have necessarily trustworthy websites return to using more trustworthy certificates.

We are being lied to that DV-certs are fine. They are not. Not only because the domain owner is anonymous and users see no difference between websites with DV vs more usable certs, but now there's plenty of proof that DV certs get mis-issued as well.

A DV cert may be fine for your home NAS, but as long as people cannot distinguish between websites with untrustworthy versus more trustworthy certs, cybercrime will continue to flourish - and probably become an even bigger problem.

On this insanely insecure internet, the EU wants their citizens to start using EDIW's (European Digital Identity Wallet).

It's primarily in your own interest if websites that demand that you authenticate using EDIW *are" trustworthy. If you have no way to know, they may AitM you to authenticate *them* as *you* on some other website. They'll be able to get credit cards registered on *your* name (highly trustworthy because of EDIW), but THEY will be draining that credit card. Good luck with proving "it wasn't me".

Three important facts that are often overlooked:

1) The easier impersonation is, the less reliable authentication is.

2) Authentication mandates that BOTH parties are reliable.

3) It is extremely hard, if not impossible, to overestimate the risks of AitM attacks.

Google Online Security BlogSustaining Digital Certificate Security - Entrust Certificate DistrustPosted by Chrome Root Program, Chrome Security Team Update (07/22/2024): Website operators who will be impacted by the upcoming change in...
#AitM#MitM#DV