1. 2
    1. The fact that the web needs “saving” every few years or so seems like a serious design flaw.

    2. Why does an informational site need to set cookies? Just show me the text.

    1. 1

      seems like a serious design flaw

      Yes. The way it was built was not with any security in mind. A lot has been added later, such as TLS and all kinds of HTTP headers. It’s slowly improving, but steady. I think.

      1. 2

        I don’t think baking in encryption etc. from the beginning would have changed anything, all else being equal.

        All and every HTTP call could be via HTTPS, and we’d still have to deal with intrusive tracking implemented to more effectively serve ads.

        1. 1

          I don’t think baking in encryption etc. from the beginning would have changed anything, all else being equal.

          It would have prevented a lot of MitMs. But I agree, apart from that it doesn’t fix a lot of problems.

    1. 3

      Facebook is on the list of supporters. Strong whiff of astroturf.

      Edit apparently the publisher is this outfit: https://webfoundation.org/about/. I retract my accusation of astroturfing, and substitute “like the UN: well-meaning and without any real power”.

      1. 4

        Indeed, it feels like bluewashing to me, at least for the commercial organisations. Some of these companies are known for the internet.org project in Africa, which only included restricted internet access to some services, thereby violating net neutrality. Which I can totally understand from their business model, but combined with their commitment to this initiative it’s hypocrite imho.

      1. 8

        I tried to document some things I learned about filesystems on Linux and macOS in a document: fsdoc.pdf. It’s not complete and a bit shitty, but if you have anything more that is interesting, do leave me a pull request :)

        1. 1

          Cool write-up! While scrolling, I read:

          For this reason, adoption of acl is not widespread.

          I don’t think that’s true, SELinux and AppArmor have this and are default enabled on a number of distributions.

        1. 3

          I’m not an IRC expert, but I assume that I can connect from for example multiple machines running irssi and get all my messages simultaniously? You mention that it only supports TLS, but is that the connection between my client irssi and pounce, between pounce and the upstream server or both?

          1. 3

            Yes. You’ll want to have each irssi set a different username to indicate to pounce that they should both be getting their own copies of messages (see “Client Configuration” in the manual page).

            It is TLS-only in all directions.

          1. 14

            I don’t host my email, because I think it’s too much of a risk. Email should always work, period. With a self hosted environment I can’t assure that.

            1. 18

              That’s exactly why I do self-host. If you rely on somebody like Google, you’re at their mercy as far as what actually gets through or not.

              1. 7

                You’re always going to be at the mercy of 3rd parties when running your email. If your IP ends up on a blocklist you’re doomed, every provider will blackhole your email. You’re one person, you’ll struggle massively to get it lifted, if at all - meanwhile your email is being blackholed. Google end up on a blocklist, they’ve huge leverage and will have it fixed instantly.

                Email operates on trust, its really hard to gain trust when you’re one person with no history. Especially when you don’t even own the IP space, so you’re relying on the trust of your untrustworthy ISP members.

                1. 8

                  That’s my point. Google and other providers are silently blocking incoming emails. I’d rather be in charge of what gets through to me. Of course you’re always at the mercy of third parties regardless, but self-hosting makes it one less.

                  By the way, I have a side-project that sends several thousand emails everyday. I’ve had to deal with blocklists a few times, but it’s really not that bad. It’s also trivial to switch outgoing IP addresses.

                  1. 6

                    I agree. I’ve recently noticed that Google is being way too aggressive in dropping the mail, including from some mailing lists, not to mention the private domains.

                    As for your second point — apparently, I actually have had my domain name itself blocked by Gmail, expectedly due to sending myself some lists of domains through crontab, so, I’ve actually had to switch my domain for outgoing mail for now.

              2. 7

                When self-hosting, you at least have access to logs. You can see, if other side greylisted you or accepted mail immediately. Mail service providers are hiding all kind information, both about incoming and outgoing connections. I have self hosted my email long-long time, over 15 years. Sometimes there is little bit trouble, but nothing too serious. Most practical advice: don’t use well known cheap VPS providers. Those IP-s are bad neighbourhood, most problems with delivery are going from that.

              1. 15

                Do Not Track failed in browsers. I’m very skeptic that this alternative version will succeed.

                1. 1

                  Do Not Track is not a browser setting. It’s a server setting, sent by a browser. The servers are free to ignore it

                  This is an initiative for local software, like Homebrew and Gatsby. They do not use the network as a matter of course. It’s a horse of a different color.

                1. 59

                  This site is claiming to offer a “standard for opting out of telemetry”, but that is something we we already have: Unless I actively opt into telemetry, I have opted out. If I run your software and it reports on my behavior to you without my explicit consent, your software is spyware.

                  1. 11

                    but that is something we we already have: Unless I actively opt into telemetry, I have opted out.

                    I know this comes up a lot, but I disagree with that stance. The vast majority of people leaves things on their defaults. The quality of information you get from opt-in telemetry is so much worse than from telemetry by default that it’s almost not worth it.

                    The only way I could see “opt-in” telemetry actually work is caching values locally for a while and then be so obnoxiously annoying about “voluntarily” sending the data that people will do it just to shut the program up about it.

                    1. 25

                      That comment acts like you deserve to have the data somehow? Why should you get telemetry data from all the people that don’t care about actively giving it to you?

                      1. 12

                        That comment acts like you deserve to have the data somehow?

                        I’ve got idiosyncratic views on what “deserving” is supposed to mean, but I’ll refrain from going into philosophy here.

                        Why should you get telemetry data from all the people that don’t care about actively giving it to you?

                        Because the data is better and more accurate. Better and more accurate data can be used to improve the program—which is something everyone will eventually benefit from. But if you skew the data towards the kinds of people who opt into telemetry.

                        Without any telemetry, you’ll instead either (a) get the developers’ gut instinct (which may fail to reflect real-world usage), or (b) the minority that opens bug tickets dictate the UI improvements instead, possibly mixed with (a). Just as hardly anyone (in the large scale of things) bothers with opting into telemetry, hardly anyone bothers opening bug tickets. Neither group may be representative of the silent majority that just wants to get things done.

                        Consider the following example for illustration of what I mean (it is a deliberate oversimplification, debate my points above, not the illustration):

                        Assume you have a command-line program that has 500 users. Assume you have telemetry. You see that a significant percentage of invocations involve the subcommand check, but no such command exists; most such invocations are immediately followed by the correct info command. Therefore, you decide to add an alias. Curiously, nobody has told you about this yet. However, once the alias is there, everyone is happier and more productive.

                        Had you not had telemetry, you would not have found out (or at least not found out as quickly, only when someone got disgruntled enough to open an issue). The “quirk” in the interface may have scared off potential users to alternatives, not actually giving your program a fair shot because of it.

                        1. 3

                          Bob really wants a new feature in a software he uses. Bob suggests it to developers, but they don’t care. As far as they can tell, Bob is the only one wanting it. Bob analyzes the telemetry-related communication and writes a simple script that imitates it.

                          Developers are concerned about privacy of their users and don’t store IP addresses (it’s less than useless to hash it), only making it easier for Bob to trick them. What appears as a slow growth of active users, and a common need for a certain feature, is really just Bob’s little fraud.

                          It’s possible to make this harder, but it takes effort. It takes extra effort to respect users’ privacy. Is developing a system to spy on the users really more worthy than developing the product itself?

                          You also (sort of) argued that opt-in telemetry is biased. That’s not exactly right, because telemetry is always biased. There are users with no Internet access, or at least an irregular one. And no, we don’t have to be talking about developing countries here. How do you know majority of your users aren’t medical professionals or lawyers whose computers are not connected to the Internet for security reasons? I suspect it might be more common than we think. Then on the other hand, there are users with multiple devices. What can appear as n different users can really just be one.

                          It sort of depends on you general philosophical view. You don’t have to develop a software for free, and if you do, it’s up to you to decide the terms and conditions and the level of participation you expect from your users. But if we talk about a free software, I think that telemetry, if any, should be completely voluntary on a per-request basis, with a detailed listing of all information that’s to be sent in both human- and machine- readable form (maybe compared to average), and either smart enough to prevent fraudulent behavior, or treated with a strong caution, because it may as well be just an utter garbage. Statistically speaking, it’s probably the case anyway.

                          I’m well aware that standing behind a big project, such as Firefox, is a huge responsibility and it would be really silly to advice developers to rather trust their guts instead of trying to collect at least some data. That’s why I also suggested how I imagine a decent telemetry. I believe users would be more than willing to participate if they saw, for example, that they used a certain feature above-average number of times, and that their vote could stop it from being removed. It’s also possible to secure per-request telemetry with a captcha (or something like that) to make it slightly more robust. If this came up once in a few months, “hey, dear users, we want to ask”, hardly anyone would complain. That’s how some software does it, after all.

                          1. 1

                            The fraud thing is an interesting theory, but I am unaware how likely it is; you’ve theorised a Bob who can generate fraudulent analytics but couldn’t fake an IP address or use multiple real IP addresses or implement the feature he actually wants.

                            1. 0

                              It’s not that he couldn’t do it, it’s just much simpler without that. It’s really about the cost. It’s easy to curl, it’s more time consuming or expensive to use proxies, and even more so to solve captchas (or any other puzzles). The lower the cost, the higher the potential inaccuracy. And similarly, with higher cost, even legitimate users might be less willing to participate.

                              I don’t have some universal solution or anything. It’s just something to consider. Sometimes it might be reasonable to put effort into making a robust telemetric system, sometimes none at all would be preferred. I’m trying to think of a case “in between”, but don’t see a single situation where jokingly-easy-to-fake results could be any good.

                          2. 1

                            Telemetry benefits companies, otherwise companies wouldn’t use it. Perhaps it can benefit users, if the product is improved as a result of telemetry. But it also harms users by compromising their privacy.

                            The question is whether the benefits to users outweigh the costs.

                            Opt-out telemetry-using companies obviously aren’t concerned about the costs to users, compared to the benefits they (the companies) glean from telemetry-by-default. They are placing their own interests first, ahead of their users. That’s why they resort to dark patterns like opt-out.

                        2. 12

                          You assume that we actually need telemetry to develop good software. I’m not so sure. We developed good software for decades without telemetry; why do we need it now?

                          When I hear the word “telemetry”, I’m reminded of an article by Joel Spolsky where he compared Sun’s attempts at developing a GUI toolkit for Java (as of 2002) to Star Trek aliens watching humans through a telescope. The article is long-winded, but search for “telescope” to find the relevant passage. It’s no coincidence that telemetry and telescope share the same prefix. With telemetry, we’re measuring our users’ behavior from a distance. There’s not a lot of signal there, and probably a lot of noise.

                          It helps if we can develop UsWare, not ThemWare. And I think this is why it’s important for software development teams to be diverse in every way. If our teams have people from diverse backgrounds, with diverse abilities and perspectives, then we don’t need telemetry to understand the mysterious behaviors of those mysterious people out there.

                          (Disclaimer: I work at Microsoft on the Windows team, and we do collect telemetry on a de-facto opt-out basis, but I’m posting my own opinion here.)

                          1. 5

                            we don’t need telemetry to understand the mysterious behaviors of those mysterious people out there

                            Telemetry usually is not about people’s behaviors, it’s about the mysterious environments the software runs in, the weird configurations and hardware combinations and outdated machines and so on.

                            Behavioral data should not be called telemetry.

                            1. 3

                              One concrete benefit of telemetry: “How many people are using this deprecated feature? Should we delete it in this version or leave it in a while longer?”

                              We developed good software for decades without telemetry; why do we need it now?

                              Decades-old software is carrying decades-old cruft that we could probably delete, but we just don’t know for sure. And we all pay the complexity costs one paper cut at a time.

                              I’m as opposed to surveillance as anybody else in this forum. But there’s a steelman question here.

                            2. 12

                              The quality of information you get from opt-in telemetry is so much worse than from telemetry by default that it’s almost not worth it.

                              A social scientist could likewise say: “The quality of information you get from observing humans in a lab is so much worse than when you plant video cameras in their home without them knowing.”

                              How is this an argument that it’s ok?

                              1. 1

                                There are three differences as far as I can tell:

                                The data from a hidden camera is not anonymizable. Telemetry, if done correctly (anonymization of data as much as possible, no persistent identifiers, transparency as to what data is and has been sent in the past), cannot be linked to a natural person or an indvidual handle. Therefore, I see no harm to the individual caused by telemetry implemented in accordance with best data protection practices.

                                Furthermore, the data from the hidden camera cannot cause corrective action. The scientist can publish a paper, maybe it’ll even have revolutionary insight, but can take no direct action. The net benefit is therefore slower to be achieved and very commonly much less than the immediate, corrective action that a software developer can take for their own software.

                                Finally, it is (currently?) unreasonable to expect a hidden camera in your own home, but there is an increased amount of awareness of the public that telemetry exists and settings should be inspected if this poses a problem. People who do care to opt out will try to find out how to opt out.

                                1. 2

                                  Finally, it is (currently?) unreasonable to expect a hidden camera in your own home, but there is an increased amount of awareness of the public that telemetry exists and settings should be inspected if this poses a problem. People who do care to opt out will try to find out how to opt out.

                                  I think this is rather deceptive. Basically it’s saying: “we know people would object to this, but if we slowly and covertly add it everywhere we can eventually say that we’re doing it because everyone is doing it and you’ve just got to deal with it”.

                                  1. 1

                                    I still disagree but I upvoted your post for clearly laying out your argument in a reasonable way.

                                2. 3

                                  You seem to miss a very easy, obvious, opt-in only strategy that worked for the longest time without feeling like your software was that creepy uncle in the corner undressing everyone. As you pointed out everyone keeps the defaults, you know what else most normies do? Click next until they can start their software. So you add a dialog in that first run dialog that is supposed to be there to help the users and it has a simple “Hey we use telemetry to improve our software (here is where you can see your data)[https://yoursoftware.com/data] and our (privacy policy)[https://yoursoftware.com/privacy]. By checking this box you agree to telemetry and data collection as outlined in our (data collection policy)[https://yoursoftware.com/data_collection] [X]”

                                  and boom you satisfy both conditions, the one where people don’t go out of their way to opt into data collection and the other where you’re not the creepy uncle in the corner undressing everyone.

                                3. 3

                                  You can also view this as an standardized way for opt-in, which isn’t currently available either.

                                  1. 2

                                    No, it is not. It is a standardized way for opt-out.

                                  2. 3

                                    This is a bad comment, because it doesn’t add anything except for “I think non-consensual tracking is bad”, and is only tangentially related to OP insofar as OP is used as a soapbox for the above sentiment. Therefor I have flagged the comment as “Me-too”, regardless however much I may agree with it.

                                    1. 22

                                      Except that in the European Union, the GDPR requires opt-in in most cases. IANAL, but I think it applies to the analytics that Homebrew collects as well. From the Homebrew website:

                                      A Homebrew analytics user ID, e.g. 1BAB65CC-FE7F-4D8C-AB45-B7DB5A6BA9CB. This is generated by uuidgen and stored in the repository-specific Git configuration variable homebrew.analyticsuuid within $(brew –repository)/.git/config.

                                      https://docs.brew.sh/Analytics

                                      From the GDPR:

                                      The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons.

                                      I am pretty sure that this UUID falls under identification number or online identifier. Personally identifyable information may not be collected without consent:

                                      Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement.

                                      So, I am pretty sure that Homebrew is violating the GDPR and EU citizens can file a complaint. They can collect the data, but then they should have an explicit step during the installation and the default should (e.g. user hits RETURN) be to disable analytics.

                                      The other interesting implication is that (if this is indeed collection of personal information under the GDPR) is that any user can ask Homebrew which data they collected and/or to remove the data. To which they should comply.

                                      1. 3

                                        The data subjects are identifiable if they can be directly or indirectly identified, especially by […]

                                        As far as I can tell, you’re not actually citing the GDPR (CELEX 32016R0679), but rather a website that tries to make it more understandable.

                                        GDPR article 1(1):

                                        This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

                                        GDPR article 4(1) defines personal data (emphasis mine):

                                        ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;


                                        Thus it does not apply to data about people that are netiher identified nor identifiable. An opaque identifier like 1BAB65CC-FE7F-4D8C-AB45-B7DB5A6BA9CB is not per se identifiable, but as per recital 26, determining whether a person is identifiable should take into account all means reasonably likely to be used, such as singling out, suggesting that “identifiable” in article 4(1) needs to be interpreted in a very practical sense. Recitals are not technically legally binding, but are commonly referred to for interpretation of the main text.

                                        Additionally, if IP addresses are stored along with the identifier (e.g. in logs), it’s game over in any case; even before GDPR, IP addresses (including dynamically assigned ones) were ruled by the ECJ to be personal data in Breyer v. Germany (ECLI:EU:C:2016:779 case no. C-582/14).

                                        1. 9

                                          Sorry for the short answer in my other comment. I was on my phone.

                                          Thus it does not apply to data about people that are netiher identified nor identifiable. An opaque identifier like 1BAB65CC-FE7F-4D8C-AB45-B7DB5A6BA9CB is not per se identifiable,

                                          The EC thinks differently:

                                          Examples of personal data

                                          a cookie ID;

                                          the advertising identifier of your phone;*

                                          https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en

                                          It seems to me that an UUID is similar to cookie ID or advertising identifier. Using the identifier, it would also be trivially possible to link data. They use Google Analytics. Google could in principle cross-reference some application installs with Google searches and time frames. Based on the UUID they could then see all other applications that you have installed. Of course, Google does not do this, but this thought experimentat shows that such identifiers are not really anonymous (as pointed out in the working party opinion of 2014, linked on the EC page above).

                                          Again, IANAL, but it would probably be ok to reporting installs without any identifier linking the installations. They could also easily do this, make it opt-in, report all people who didn’t opt in using a single identifier, generate a random identifier for people who opt-in.

                                          1. 4

                                            They locked the PR talking about it and accused me of implying a legal threat for bringing it up. The maintainer who locked the thread seems really defensive about analytics.

                                            1. 3

                                              Once you pop, you can’t stop.

                                              I, too, thought that your pointing out their EU-illegal activity was distinct from a legal threat (presumably you are not a prosecutor), and that they were super lame for both mischaracterizing your statement and freaking out like that.

                                              1. 3

                                                The maintainer who locked the thread seems really defensive about analytics.

                                                It seems this is just a general trait. See e.g. this

                                              2. 1

                                                Now I really wish I had an ECJ decision to cite because at this point it’s an issue of interpretation. What is an advertising identifier in the sense that the EC understood it when they wrote that page—Is it persistent and can it be correlated with some other data to identify a person? Did they take into account web server logs when noting down the cookie ID?

                                                Interesting legal questions, but unfortunately nothing I have a clear answer to.

                                              3. 1

                                                Please cite the rest of paragraph 4, definitions:

                                                ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

                                                https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32016R0679

                                                Which was what I quoted.

                                                1. 1

                                                  Your comment makes the following quotations:

                                                  The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons.

                                                  Please ^F this entire string in the GDPR. I fail to find it as-is. They only start matching up in the latter half starting at “an identifier” and ending with “social identity”.

                                                  (1) ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

                                                  I agree it’s pedantic of me, but it’s not a 1:1 quote from the GDPR if a sentence is modified, no matter how small.


                                                  I’ve edited in the second half in any case though. I do not, however, see any way that modification would invalidate any of the points I’ve made there, however.

                                              4. 2

                                                If that is true, consider submitting a PR, because GDPR violations are serious business.

                                                1. 3

                                                  Or don’t submit a PR. As the project has stated:

                                                  Do not open new threads on this topic.

                                                  People have been banned from the project for doing exactly this.

                                                  1. 7

                                                    “We don’t want to hear complaints” is not a new stance for Homebrew.

                                                    1. 2

                                                      Yeah, I got the impression that they are pretty hardline on this. I hope that they’ll reconsider before someone files a GDPR complaint.

                                                      Personally, I don’t really have a stake in this anymore, since I barely use my Mac.

                                                      I guess a more creative solution would be to fork the main repo and disable the analytics code and point people to that.

                                                      Edit: the linked PR is from before the GDPR though.

                                                  2. 1

                                                    But the above user didn’t post that did they? Your comment was meaningful and useful, but theirs was just sentimental. A law violation is a law violation, but OP just posted their own feelings about what they think is spyware and didn’t say anything about GDPR.

                                                  3. 4

                                                    hmm I disagree, the OP is claiming that we should have a unified standard for “Do_Not_Track”. Finn is arguing that we shouldn’t need such a standard because unless I specifically state that I would like to be tracked, I should not be tracked and that any attempts to track is a violation of consent. Finn here is specifically disagreeing with the website in question. Should we organize against attempts to track without explicit consent, or give a unified way to opt out. These are fundamentally different questions and are actually directly related. If I say everyone should be allowed into any yard unless they have a private property sign, that may cause real concern for people who feel that any yard shouldn’t permit trespassing unless they have explicit permission. They are different concerns, that are related, and are more nuanced than “thing is bad”.

                                                  4. 1

                                                    Okay. By your (non-accepted) definition, spyware abounds and is in common use.

                                                    Simply calling it “spyware” and throwing up your hands doesn’t work. They have knobs to turn the spying off, to opt-out. I just want all those knobs to have the same label.

                                                  1. 11

                                                    I do still agree with Thomas Ptacek: DNSSEC is not necessarily.

                                                    https://sockpuppet.org/blog/2015/01/15/against-dnssec/

                                                    1. 2

                                                      From that article:

                                                      Had DNSSEC been deployed 5 years ago, Muammar Gaddafi would have controlled BIT.LY’s TLS keys.

                                                      1. 1

                                                        Is that true, though?

                                                        He would have been in a position to take over the public key, if he were willing to do so visibly. The DNS isn’t like a CA — a CA can issue n certificates for the same domain, but the DNS makes it difficult to give me one set of answers and you quite another, particularly if either of us is suspicious, as a monitoring service might be.

                                                        Bit.ly controlled its own private key. Gaddafi’s possibility was to take over control of the domain and publish other RRs, in full view of everyone. A concealed or targeted attack… I don’t think so.

                                                        1. 1

                                                          Read the article, the quote comes from the part about DANE that extends DNSSEC, which is about putting public keys for TLS in TLSA resource records.

                                                          Certificate Transparency has pretty much solved this for the CA system, where it is directly visible if unauthorized certificates are being used.

                                                          1. 1

                                                            I read it when it was new… I suppose things have changed a bit. The trened towards JSON-over-HTTPS has been very strong and gone very far, so securing only application protocols like HTTP isn’t as much of a problem as it was.

                                                            DNSSEC and DANE provide assurance that a given IP address is what I asked for. But if IP addresses aren’t relevant, assurances about them aren’t either…

                                                      2. 1

                                                        So what do you think about DNS-over-HTTPS, which AIUI is also motivated by much the same thing, but only secures the path from the endpoint to the caching DNS server?

                                                        I once saw advertising for some $%⚠雷𝀲☠⏣☡☢☣☧⍾♏♣⚑⚒⏁ game on my own website while holding a presentation. The venue’s WLAN “enhanced” my site. Both DNS-over-HTTPS and DNSSEC would have prevented that attack, at least if I had used google’s or cloudflare’s resolvers instead of the presentation venue’s.

                                                        1. 1

                                                          I do like that, although I would prefer that all authoritative DNS servers would implement TLS, so that my own recursor could do secure look-ups instead of only having a few centralized DoH resolvers.

                                                          1. 1

                                                            Oh, in that case you’d still have much the same bottleneck: You’d need to do DoH/DoT to the root/tld name servers, of which there aren’t many.

                                                            1. 1

                                                              Correct. But I’d like to see that development, which would be far better than DNSSEC.

                                                        2. 1

                                                          I feel like many arguments in this article are misleading and/or omit important details.

                                                          DNSSEC is Cryptographically Weak

                                                          Except.. it’s not. You can use ECDSA keys just fine for signing. Sure, you can use insecure keys. Just like you can use insecure keys or methods in TLS or pretty much anywhere else. We’ve come to distrust insecure configurations in TLS and we will probably have to move in that direction in DNSSEC. But first we should at least halfway get there.

                                                          DNSSEC is Expensive To Adopt

                                                          That seems to depend a lot on your point of view. A client trusting a validating recursor only needs to check a single flag in the DNS response to know if a record was signed correctly. Insecure results are therefore clearly visible and incorrectly signed results won’t be returned by the resolver. For clients, very little seems to need changing, but this is also the place where the least adaption has happened up until now.

                                                          DNSSEC is Expensive To Deploy

                                                          Two or three lines of configuration in knot-dns w/ automatic zone signing. No extra configuration on any of my nsd secondary servers. Not sure if I’d call that expensive to deploy. For a small zone, getting basic signing going is easier than configuring a Letsencrypt acme client. The biggest pain point is finding a registrar that allows you to set DS records for your zone.

                                                          DNSSEC is Incomplete

                                                          Securing the “last mile” is not what DNSSEC tries to do. We’ve got DoT and DoH for this, so that’s a different issue from a DNSSEC point of view.

                                                          DNSSEC is a Government-Controlled PKI

                                                          This is the only truely interesting point and it’s a difficult and interesing one for sure. Not sure if I’d open that can of worms right away, because the TLS CA system is also far from ideal. But I suppose it is true that DNSSEC has one central anchor for trust, which would usually be the keys for the root zone. It is of course also true that any local registrar might be influenced by a local government. But all of this is true today. The implications this has for DANE should probably discussed in the context of DANE and not of DNSSEC, but that’s just my 2 cents on this.

                                                        1. 3

                                                          The case with this practice is that the installation script isn’t being audited by the distro maintainers. But I’m not sure how big of a problem this is

                                                          1. 2

                                                            It’s big enough that various FAANGs and many other companies prohibit such malpractices. To the point of firing employees.

                                                          1. 1
                                                            From: patl@athena.mit.edu (Patrick J. LoPresti)
                                                            Subject: The True Path (long)
                                                            Date: 11 Jul 91 03:17:31 GMT
                                                            Newsgroups: alt.religion.emacs,alt.slack
                                                            
                                                            When I log into my Xenix system with my 110 baud teletype, both vi
                                                            *and* Emacs are just too damn slow.  They print useless messages like,
                                                            'C-h for help' and '"foo" File is read only'.  So I use the editor
                                                            that doesn't waste my VALUABLE time.
                                                            
                                                            Ed, man!  !man ed
                                                            
                                                            ED(1)               UNIX Programmer's Manual                ED(1)
                                                            
                                                            NAME
                                                                 ed - text editor
                                                            
                                                            SYNOPSIS
                                                                 ed [ - ] [ -x ] [ name ]
                                                            DESCRIPTION
                                                                 Ed is the standard text editor.
                                                            ---
                                                            
                                                            Computer Scientists love ed, not just because it comes first
                                                            alphabetically, but because it's the standard.  Everyone else loves ed
                                                            because it's ED!
                                                            
                                                            "Ed is the standard text editor."
                                                            
                                                            And ed doesn't waste space on my Timex Sinclair.  Just look:
                                                            
                                                            -rwxr-xr-x  1 root          24 Oct 29  1929 /bin/ed
                                                            -rwxr-xr-t  4 root     1310720 Jan  1  1970 /usr/ucb/vi
                                                            -rwxr-xr-x  1 root  5.89824e37 Oct 22  1990 /usr/bin/emacs
                                                            
                                                            Of course, on the system *I* administrate, vi is symlinked to ed.
                                                            Emacs has been replaced by a shell script which 1) Generates a syslog
                                                            message at level LOG_EMERG; 2) reduces the user's disk quota by 100K;
                                                            and 3) RUNS ED!!!!!!
                                                            
                                                            "Ed is the standard text editor."
                                                            
                                                            Let's look at a typical novice's session with the mighty ed:
                                                            
                                                            golem> ed
                                                            
                                                            ?
                                                            help
                                                            ?
                                                            ?
                                                            ?
                                                            quit
                                                            ?
                                                            exit
                                                            ?
                                                            bye
                                                            ?
                                                            hello? 
                                                            ?
                                                            eat flaming death
                                                            ?
                                                            ^C
                                                            ?
                                                            ^C
                                                            ?
                                                            ^D
                                                            ?
                                                            
                                                            ---
                                                            Note the consistent user interface and error reportage.  Ed is
                                                            generous enough to flag errors, yet prudent enough not to overwhelm
                                                            the novice with verbosity.
                                                            
                                                            "Ed is the standard text editor."
                                                            
                                                            Ed, the greatest WYGIWYG editor of all.
                                                            
                                                            ED IS THE TRUE PATH TO NIRVANA!  ED HAS BEEN THE CHOICE OF EDUCATED
                                                            AND IGNORANT ALIKE FOR CENTURIES!  ED WILL NOT CORRUPT YOUR PRECIOUS
                                                            BODILY FLUIDS!!  ED IS THE STANDARD TEXT EDITOR!  ED MAKES THE SUN
                                                            SHINE AND THE BIRDS SING AND THE GRASS GREEN!!
                                                            
                                                            When I use an editor, I don't want eight extra KILOBYTES of worthless
                                                            help screens and cursor positioning code!  I just want an EDitor!!
                                                            Not a "viitor".  Not a "emacsitor".  Those aren't even WORDS!!!! ED!
                                                            ED! ED IS THE STANDARD!!!
                                                            
                                                            TEXT EDITOR.
                                                            
                                                            When IBM, in its ever-present omnipotence, needed to base their
                                                            "edlin" on a UNIX standard, did they mimic vi?  No.  Emacs?  Surely
                                                            you jest.  They chose the most karmic editor of all.  The standard.
                                                            
                                                            Ed is for those who can *remember* what they are working on.  If you
                                                            are an idiot, you should use Emacs.  If you are an Emacs, you should
                                                            not be vi.  If you use ED, you are on THE PATH TO REDEMPTION.  THE
                                                            SO-CALLED "VISUAL" EDITORS HAVE BEEN PLACED HERE BY ED TO TEMPT THE
                                                            FAITHLESS.  DO NOT GIVE IN!!!  THE MIGHTY ED HAS SPOKEN!!!
                                                            
                                                            ?
                                                            
                                                            1. 2

                                                              My favorite part of this has always been the filesize of the emacs binrary.

                                                              1. 1

                                                                Eight Megabytes And Constantly Swapping

                                                            1. 6

                                                              I’m a true Debian user, therefore I use plain old bash.

                                                              1. 2

                                                                Why do you use bash if you use debian? Debians default shell is dash since squeeze

                                                                1. 5

                                                                  /bin/sh is dash, but bash is the default user shell

                                                                2. 2

                                                                  Even though I don’t use Debian (much) anymore!

                                                                1. 9

                                                                  I am not sure what in the Signal client on Android sucks? Could you elaborate? I’ve been using it for years to communicate with friends and family and I don’t have any big frustrations with it.

                                                                  1. 5

                                                                    I find the mobile client acceptable (iOS in my case) but my real problem is when using both mobile and desktop clients, I get very erratic behavior on desktop: messages very often get reordered or dropped. Like, the conversation will be seriously scrambled. This doesn’t seem acceptable to me—I can imagine it leading to serious confusion, even danger.

                                                                    1. 2

                                                                      I use the Android app and the desktop app every day and have never seem messaged dropped, and only very rarely seem misordering. Hopefully they can address whatever’s causing the issues you’re seeing.

                                                                      1. 2

                                                                        I think it’s more likely to happen if you use the desktop client occasionally so it has to sync a batch of messages… I’ve seen GitHub issues about it but no solution.

                                                                    2. 4

                                                                      This is just my opinion, mind you, but I’m not a big fan of the UI. Maybe Telegram’s UI has spoiled me.

                                                                      1. 2

                                                                        I do agree with @icyphox. It is not as smooth as the Telegram GUI. You can’t use gestures for example.

                                                                        1. 1

                                                                          Pardon me for being out of the loop but what gestures do you need for for communication with people?

                                                                          On the contrary, I found using IRC on the phone to be some of the worst experiences with regards to UI.

                                                                          1. 2

                                                                            The fact that you can “swipe” from the settings menu to the home menu. You don’t have to reach with your thumb the button in the left upper corner, which is quite inconvenient with today’s screen sizes. You can do the same from conversations to the homscreen and from the contacts detail window.

                                                                        2. 2

                                                                          I don’t think it sucks, I think that SMS is a tough problem. In my experience on Signal, “MMS download failed” and “Error downloading MMS, tap to retry” was really frustrating. It’s still my default SMS client, but I’d rather not SMS.

                                                                        1. 2

                                                                          Okay, I’m still a student, but can someone explain this one?

                                                                          Free software is free.

                                                                          If it’s GPL, they have to provide the source. Is he referring to the fact that you can charge money for it, like Red Hat does? You can still use CentOS, which is free RHEL.

                                                                          1. 11

                                                                            The point is that the author wanted to seem smart so they couldn’t just say “Using free software costs labor time”

                                                                            1. 3

                                                                              Yes, this is exactly what it seems to mean. Confusing to use two different meanings of the word free in the same sentence.

                                                                              1. 1

                                                                                And re-phrasing the point as “using free software costs labor time” is still misleading - all software costs labor time, regardless of whether or not it is free! For some applications, the free software that is readily available is less polished or requires more work to set up than equivalent non-free software might be, and that’s probably what the author had in mind when he wrote the list. But that’s not actually the same claim as “free software isn’t free” and I don’t think that claim is accurate as stated anyway - in some applications, free software is easier to use and requires less labor time than equivalent non-free software. And this is ignoring concerns such as proprietary software being less time consuming to use for a time, until suddenly the software owner decides they don’t care about supporting your use case, or decide to bar you from using the software for political reasons, or any other consequence of lacking software freedoms that makes putting proprietary software to use in a given situation harder or impossible. You could just as easily say “proprietary software isn’t free” if you wanted to argue a point from a pro-free-software perspective, and what this is really telling us is that a pithy one-liner like that isn’t enough text to discuss the actual pros and cons of using free software for a particular application.

                                                                                1. 5

                                                                                  Dismissing the common problem case of free software generating additional labor over their non-free counterparts because “all software requires labor time!”…“there are exceptions to your generalization!” is really wishy-washy and dismissive of a problem…for people that care about the economic efficiency of your software. I mean I don’t care because I’m not an entrepreneur business undergrad constantly concerned about minmaxing labor time and I just think writing software is fun but still at least understand the perspective

                                                                              2. 7

                                                                                The long-term costs of keeping a system running can be substantially higher than the initial purchase price.

                                                                                Here are some additional factors that should be considered in a corporate environment:

                                                                                • Operational costs - Do we know how to support and monitor this system? How many people understand it? How steep is the learning curve? Do we already have a boring solution to this problem?
                                                                                • Maintenance costs - Are there recurring license fees? Is the API stable? How frequently is the system updated? How difficult is it to keep our documentation updated?
                                                                                • Licensing - Have the license(s) been reviewed? Does using this system expose us to liability?
                                                                                • Security - Does the system have regular security audits?
                                                                                • Compliance - Does the system and all of its dependencies comply with GDPR, CCPA, or other requirements? Can we guard against ethical conflicts?
                                                                                • Business Continuity - Does the vendor know how to recover from a disaster? Do we?
                                                                                • Support - How responsive is vendor support? Do we know how to work with them? Do they have offices in the US?
                                                                                • Training - Are books and/or courses available?
                                                                                • Enhancement - Is the system being enhanced and tested on newer OSes? Linux, macOS, Office 365, and Windows are all moving targets.
                                                                                • Popularity - Is the system popular? Are third-party experts available? Does it make money for the vendor?
                                                                                • Dependencies - Does the system depend on third-party services? What is the relationship like between the vendor and these parties? Do we have to assemble a working solution from a number of components?
                                                                                • Cloud - Can we store our data on premises or in our preferred cloud service?
                                                                                • Reputation - Do we trust this vendor? Have we worked with them successfully in the past? What is their reputation like in the industry?
                                                                                • Reporting - Can we obtain usage information? Is there a reporting API?
                                                                                1. 2

                                                                                  It’s a bit of a lemon market and accurate assessment is incredibly difficult. Being upfront about limitations of a product or its support doesn’t pay off, because for one vendor who’s honest about it there’s another who just keeps silent, and people tend to assume it can do it all.

                                                                                  There are also many ways to be technically compliant with statements like 24/7 support. and one may discover that only when their system breaks on a friday midnight.

                                                                                  1. 2

                                                                                    Most legal IT professionals are members of ILTA and we all have similar technology stacks. It is common to ask other ILTA members what they think of a product. Most of the time people will respond by email but sometimes you will be asked to call someone. If you overstate the capabilities of your product then there is a significant chance that word will get around. We still have a lot of crummy software but word of mouth is surprisingly helpful.

                                                                                2. 3

                                                                                  I can interpret that statement multiple ways, I suspect the leading candidate for myself would be that whilst software might be free in upfront monetary cost, it can sometimes end up costing you working around bugs, or maintaining it etc and you might have been better off paying for a piece of software instead. Just because its free doesn’t mean it’s better.

                                                                                1. 5

                                                                                  I had an n900 back when they were new-ish. I <3’d it, ended up giving it to my daughter and she used it for a long time before it finally broke. It was a great phone. I’d love an LTE version!

                                                                                  1. 3

                                                                                    The Neo900 is an attempt to update the device, but it has been in development for a long time and doesn’t appear to be any closer to actually making anything (unfortunately..)

                                                                                    1. 2

                                                                                      The Maemo Leste people are working on porting Maemo Leste to the Motorola Droid 4, which is an LTE phone. There’s hope!

                                                                                      1. 1

                                                                                        same, it’s the one time I ever bought a high end phone when it came out, and it’s the only time I’ve written my own phone apps just to solve some random need I had. (vala was a really nice language for n900 apps incidentally)

                                                                                      1. 3

                                                                                        Why would you use RSA (even 4096-bit) in 2019? There are high-quality libraries out there implementing things like Elliptic Curve crypto. You could even do something awesome like have a long-term key pair sign ephemeral hash-based keypairs (for one-time signatures) and use those, then you have a Post-Quantum security argument.

                                                                                        Sigh. Similar to RC4, RSA won’t die until we demonstrate working attacks. Cmon, google, hurry up with those quantum circuits…

                                                                                        1. 2

                                                                                          Apart from smaller keys and performance improvements, there aren’t many improvements from RSA. RSA with a large enough key-size is not insecure against classical computers, both are impacted by quantum computers.

                                                                                          1. 2

                                                                                            You’re right that Shor’s algorithm also breaks ECC. However, Dan Boneh among others would largely disagree due to a wealth of implementation attacks with respect to still choosing RSA despite the fact that it’s still generally secure.

                                                                                        1. 5

                                                                                          Some big ISPs still have a large stockpile of IPv4

                                                                                          So it continues…

                                                                                          1. 21

                                                                                            ASCII only, displays everywhere

                                                                                            What? UTF-8 is widely supported. If you care about a consistent view, please drop all your CSS. This makes the whole website only suitable for users who write in the Latin script. If you hate emojis, I would suggest to block that specific range of UTF-8 codepoints.

                                                                                            1. 7

                                                                                              This makes the whole website only suitable for users who write in the Latin script.

                                                                                              Although I agree with your statement, it is worth to mention that my native language uses Latin script and still needs characters out of the ASCII range to clearly distinguish different words.

                                                                                              The situation is even worse for the one I am learning recently: in it, there are necessary letter which aren’t in ASCII, although still uses Latin script.

                                                                                              1. 5

                                                                                                Yeah that’s a weird thing isn’t it. ASCII was supposed to support American English. It doesn’t and I don’t think there’s any major natural language that can be written using ASCII only. Maybe its inventors have been a bit naïve, or they just needed something to put on their résumé…

                                                                                                1. 6

                                                                                                  It was created in 1963. The world was very different back then!

                                                                                              1. 3

                                                                                                Isn’t that what the author was referencing when they said:

                                                                                                An IKEA lack was off the table, as it’s much too large for something up against the wall in my opinion, so I browsed the website for a while until I came across the TRYSIL

                                                                                                1. 2

                                                                                                  I did use one of those. But the legs are hollow and might be overstrained with a heavy 4U server.

                                                                                                  1. 1

                                                                                                    Came here to post this.

                                                                                                    1. 5

                                                                                                      “Just speak Chinese.” Source: I’ve tried DOAS.

                                                                                                      1. 3

                                                                                                        If only Chinese had such nice man pages…

                                                                                                      2. 1

                                                                                                        What if you’re not a BSD user?

                                                                                                        1. 1

                                                                                                          DOAS is portable, I use it on Red Hat, CentOS and Oracle Linux systems, Ubuntu should also not be a problem.

                                                                                                            1. 2

                                                                                                              Nothing is perfect and doas is quite young comparing to sudo (about 15 years difference).