1. 6

    I found this interesting to read, and a little unsettling as it reminds me of similar feelings I have. You didn’t mention it directly, but I believe the tendency to solve problems by adding instead of subtracting contributes to this. I often find myself pulling at threads only to discover unnecessary complexity that has accumulated over time.

    1. 3

      Given that routes can change at any time, I always assumed this approach would fail for connection-based protocols such as TCP. There’s a risk that different packets from a TCP session might show up at different servers with the same anycast address. I assumed you’d need to run some extra state management on each server to redirect packets to the server that received the SYN packet.

      However, both this article and another article I found on building an anycast network don’t mention this, so I wonder whether it matters in practice.

      1. 6

        I hadn’t thought of that (I helped review this blog post). It looks like that’s entirely possible but mostly a non-issue in practice because a BGP route doesn’t (or shouldn’t) change frequently.

        BGP will notice flapping, and it will penalize the flapping link, and the link will get dropped from routing updates. You would be hard-pressed to find what you fear in the real world. ISPs take stability very seriously, and they will block partnerships which display instability.

        source: https://networkengineering.stackexchange.com/a/33827

        If a BGP route does change and starts sending TCP packets mid-connection to a different server, the new server won’t have a record of that connection and will respond with a TCP reset packet I think, which would effectively terminate that connection.

      1. 2

        This interesting article also lives on the author’s blog, outside LinkedIn, with proper hyperlinks.

        1. 3

          One thing I will say about XML is that the rise of JSX shows that the basic idea of using an SGML-like language for documents is sound and actually popular with developers. I think the problem was that because nothing like JSON existed at the time, XML got pushed into a role as the universal structured data format, and it really was not suited to that. Attributes, for example, are great for documents, but they are a needless complication for a general data format. And entities, to get to the point of the article, are basically a compression technique (looked at from a certain level), so they really don’t belong in a structured data format.

          1. 3

            Entities aren’t just about compression: they also provide references. Using entities to refer to a person or organisation makes it easier to handle name changes consistently across a set of documents.

          1. 8

            The title of this story confused me because it made me think of a different project named OpenSearch that also comes from Amazon. Naming things is hard.

            1. 1

              Is there a good document somewhere which discusses the upcoming feature in FreeBSD 13? I had a look the other day but couldn’t find anything that was particularly comprehensive.

              1. 1

                I’ve not found anything good, but eventually the release notes will have more detail. The most useful summary I’ve found so far is these notes from a devsummit in April 2020.

              1. 2

                I’m setting up VNET jails at the moment, with each jail using IPv6 so I don’t have to think about NAT. I’ve seen several tutorials like this one, but they all use IPv4 and ignore IPv6. It’s increasingly common for hosting companies to charge extra for IPv4 addresses, whereas most will happily assign a /64 to each host at no extra cost.

                1. 4

                  Why is FreeBSD moving from an Apache licensed project to a GPL licensed one?

                  1. 7

                    There are multiple permissively licensed git implementations, including game of trees (which is slated to replace cvs for openbsd), and git9 (by @orib, admittedly probably not easily portable outside of plan9).

                    Since the format itself is not GPL’d, and the base system doesn’t need to ship with a git client, I expect it’s not considered a huge problem; and once game of trees is released it can be the officially-sanctioned client.

                    1. 6

                      As far as I know OpenBSD has no official plans to switch away from CVS.

                      1. 1

                        Am I the only one who thinks that this GPL-aversion is incredibly childish and cringe-worthy?

                        Projects can be good community neighbors or bad community neighbors, and in terms of free software, they are certainly poor neighbors.

                        1. 2

                          One of the goals of OpenBSD is that it’s “free” as in “free to do whatever you want with it”. This is a different definition of “free” from the one used in the GPL. There’s nothing wrong with the GPL definition as such, but having GPL in the base system removes the OpenBSD definition of “free”, and I don’t think caring about that is either “childish” or “cringe-worthy”.

                      2. 2

                        There’s a good discussion of the reasoning here.

                      1. 11

                        This issue came up here a while ago with some follow-up discussion at SCP - Familiar, Simple, Insecure, and Slow.

                        1. 5

                          These slides refer to picohttpparser used in the h2o httpd amongst other things.

                          1. 2

                            I’m surprised to see this shared here: the article says that the tribe built a network but provides no technical details about how they did so.

                            1. 8

                              right from the article, they’re using the 2.5GHz radio band to broadcast wireless signal in a manner analogous to cellphone towers. that is both enough to let me understand how it works at a high level, and enough to feel that the details I don’t know probably require me to read up on how internet-over-radio works in general rather than the specifics of their implementation.

                              I would have liked to read more about what equipment needs to be installed in people’s homes to make this work, but that’s all I felt the lack of.

                              1. 5

                                Maybe we can have some fun speculating in this thread?

                                How would you do it?

                                1. 3

                                  I’ve heard good things about carrier pigeons, it’s even RFC’d I think.

                                  1. 1

                                    It is

                              1. 2

                                From reading its specification, I don’t see a way to rotate the secret key seamlessly by encrypting tokens using a new key, whilst decrypting tokens with both an old and new key for a short time. The lack of this might inconvenience end users in some situations.

                                1. 2

                                  a “key id” would be easier… a way to indicate which key needs to be used to decrypt the token, in case simply trying all keys is not acceptable.

                                1. 1

                                  It seems to be using geckodriver, the Firefox implementation of the WebDriver protocol and that’s nice.

                                  But how can it be high-confidence if it tests only in one browser?

                                  1. 2
                                    1. 1

                                      As you say, geckodriver is one implementation of the WebDriver protocol. Consequently, I expect that you could replace geckodriver with another tool that uses that protocol and, bugs notwithstanding, the same tests would run. I suspect the documentation uses geckodriver: using the WebDriver protocol for browser automation suggests a desire for widespread browser compatibility.

                                      1. 1

                                        While I agree that testing with multiple browsers is valuable and important, it’s not been a big focus so far.

                                        The novelty in Quickstrom lies in the combination of generative testing with DOM introspection and the specification language. I’ve only been building this for the last five months and I’ve had to focus almost exclusively on that part to get something running “end to end”.

                                        I’ve very much planned supporting multiple browsers, and as pointed out, by using WebDriver it shouldn’t be very hard. There’s a lot left to do in this project, for sure. :)

                                    1. 13

                                      The RFC explicitly forbids this kind of use, only allowing the lowest identifier to be a wildcard, and only if it is not a public suffix itself.

                                      It is very surprising that browsers don’t match on this properly.

                                      1. 16

                                        While it’s a little easier for you to write “the RFC”, it would be helpful for you to mention which RFC for those of us reading.

                                        1. 3

                                          https://tools.ietf.org/html/rfc6125#section-6.4.3 says SHOULD.

                                          What are you talking about?

                                          1. 1

                                            The Certification Authority (CA)/Browser Forum baseline requirements (11.1.3) require that before issuing a wildcard certificate, Certificate Authorities ensure that such a certificate is not issued for entries in the Mozilla PSL, e.g. *.co.uk, or that the entity actually owns the entirety of the public suffix

                                            Please read all sub-threads before posting a reply :)

                                            1. 3

                                              This is a requirement for CAs, not user agents. This certificate would not be issued by a (public) CA, but it is not invalid for browsers. It is perfectly valid for private CAs to do this, e.g. so you could MITM all of your workers’ traffic.

                                          2. 2

                                            Which RFC? How is “public suffix” defined? Does it simply defer to the Public Suffix List?

                                            1. 2

                                              There are two kinds of public suffixes – those defined by ICANN, also included in the public suffix list, and the not really official private definitions in the public suffix list.

                                              And quoting the ICANN advisory on this:

                                              The Certification Authority (CA)/Browser Forum baseline requirements (11.1.3) require that before issuing a wildcard certificate, Certificate Authorities ensure that such a certificate is not issued for entries in the Mozilla PSL, e.g. *.co.uk, or that the entity actually owns the entirety of the public suffix

                                              So while it’s not an RFC, it’s still a standard – and an even stronger at that

                                              1. 3

                                                it’s still a standard – and an even stronger at that

                                                You are confused. That is not a quote from a standard for web browsers or TLS implementations, but for people who want to make a certificate signing authority that CA/B members (like Mozilla, Google, Microsoft, and so on) would include in their web browsers.

                                                There are lots of reasons to make certificates that Mozilla (for example) would not include in the Firefox web browser, and it is required that valid TLS implementations interpret them according to the actual standard where that’s broader than what you’re reading here.

                                                1. 3

                                                  Sounds like a political limitation, not a technical limitation. Unless SSL consumers start to enforce this on their end, it wouldn’t prevent a malicious CA from issuing a cert like this that could be used to MITM all traffic.

                                                  1. 6

                                                    Sounds like a political limitation, not a technical limitation.

                                                    That’s the state of web PKI in a single sentence.

                                                    1. 4

                                                      That’s exactly the point – I was expecting browsers to actually implement this spec and verify this for certificates (as I already do this in a limited way in Quasseldroid)
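The client-side check this sub-thread argues about (a wildcard only as the whole leftmost label, and never directly under a public suffix), written out as an added example; it is not code from any commenter, browser or Quasseldroid. `PUBLIC_SUFFIXES` is a constructed subset of the Public Suffix List, the function names are hypothetical, and rejecting partial-label wildcards is a stricter policy than RFC 6125 section 6.4.3 requires.

```python
# Added example: strict wildcard handling on the TLS client side.
# PUBLIC_SUFFIXES is a constructed subset of the Public Suffix List; a real
# client would load the full list, including its wildcard and exception rules.
PUBLIC_SUFFIXES = {"com", "org", "uk", "co.uk", "github.io"}


def _labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")


def pattern_is_acceptable(pattern):
    """Decide whether a certificate name may be used for matching at all."""
    labels = _labels(pattern)
    if not all(labels):
        return False                      # empty label, e.g. "a..example.com"
    if not any("*" in label for label in labels):
        return True                       # plain name, nothing more to check
    # The wildcard must be the complete leftmost label and appear only there.
    if labels[0] != "*" or any("*" in label for label in labels[1:]):
        return False
    base = ".".join(labels[1:])
    # "*" alone, or "*.<public suffix>", would cover names the holder of the
    # certificate does not control.
    return bool(base) and base not in PUBLIC_SUFFIXES


def hostname_matches(pattern, hostname):
    """Match a hostname against one certificate name under the strict policy."""
    if not pattern_is_acceptable(pattern):
        return False
    p, h = _labels(pattern), _labels(hostname)
    # A wildcard stands for exactly one label, so the label counts must agree.
    if len(p) != len(h) or not all(h):
        return False
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h
```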

                                              1. 4

                                                I’ve had several conversations with non-technical friends along these lines: replacing “bugs” in this article with “mistakes” provides a good approach to life in general.

                                                Not apologising and not caring differ. When I make mistakes, I try to help the people affected, and I assess what I might change in future. I still apologise, but I aim to do so less often and save apology for particularly significant occasions.

                                                1. 14

                                                  The possibility to test the compiler on almost all public Rust code is amazing, and it’s possible thanks to Cargo being the standard build system. Can you imagine the effort to build and run tests on 30000 random C projects?

                                                  1. 17

                                                    Perl has been doing this for more than a decade, building and testing everything on CPAN. http://stats.cpantesters.org/

                                                    1. 5

                                                      I gave a talk recently about how Perl’s monthly releases happen which covered this and more.

                                                      1. 2

                                                        That’s amazing, I had no idea.

                                                      2. 3

                                                        I actually was imagining that recently for benchmarking verification and testing tools. I found that they’re hosted in many places, use a bunch of different build systems, preprocessor magic that hurts reproducibility, and (see Coverity paper) most seem to pick a different dialect of C which may or may not be analyzable.

                                                        Just getting them all pulled and buildable for first benchmark would be a nightmare.

                                                        1. 1

                                                          There are a lot of languages I think could theoretically do this. D for example could do with dub I would think.

                                                          1. 1

                                                            Sure, all you need is a registry. But we’re doing it since… Forever.

                                                          2. 1

                                                            Julia does something similar, I think

                                                          1. 2

                                                            Busily finishing organising this year’s London Perl Workshop on Saturday including finalising the schedule this morning.

                                                            1. 6

                                                              It looks like 10% of Internet users don’t use browsers that support this so I suggest it’s too early to declare CSRF dead.

                                                              1. 4

                                                                This one is just one of many security features these browsers don’t have. If these users haven’t updated their browsers for so many years, they’re probably not installing regular security patches either.