1. 3

    This is similar logic to running services on non-default ports. It /may/ be more secure because attackers will pass over it but that’s a seriously dangerous assumption if that’s what you’re relying on for security.

    At least he pushes for modern crypto algorithms, so it’s not ALL bad.

    1. 6

      Holy crap. This is making me seriously consider dropping my Spotify subscription (because as soon as one company gets away with it, the others will follow) and slowly buying back my library on CDs. That’s just freaking evil.

      1. 4

        Does Spotify offer to upload your personal library and serve it to you? I thought the external song stuff was just integration of local files with your library and if the file didn’t exist on the local system it wouldn’t play it?

        There are plenty of reasons to want to drop Spotify, but this is one of the more out there ones I think.

        1. 1

          You’re right, it just reads a local library for now. However, many of the other popular streaming services upload your music. I wouldn’t be surprised to see Spotify add this “feature” too.

          1. 3

            With how much bad PR Apple is getting over this, I highly doubt Spotify will add such a feature. Although all of these fears can be avoided if regular backups are taken.

      1. 10

        Make sure you also read Theo de Raadt’s follow-up.

        https://marc.info/?l=openbsd-misc&m=145943630726937&w=2

        1. 1

          I know it’s not going to happen but I wish they had gzip compression planned for httpd.

          1. 4

            Yeah, I also really wish httpd had support for setting arbitrary headers. Requiring relayd for setting expires/cache-control, charset, CORS, etc. just adds yet another moving part. At least HSTS is possible now. Not sure why they didn’t just add support for setting arbitrary headers though.

            1. 5

              Informally, I think of httpd as ftpd that speaks http.