Posts by JohnFen

Re: Time to find another solution

That's fine if you have a static IP to point to. I have had my own hostnames for lots of years now, but aside from my sites intended for public use (which are properly hosted, have dedicated IPs, and for which I don't use Dyn), I don't.

I've been looking at NoIP, but I'm also considering setting up my own Dynamic IP service to run from one of my hosted installations. That way I can be sure that my service won't be sold off and that it's as secure as is possible.

Re: Hmmm...

"People just want stuff to work, and unfortunately Windows 10, for the most part, does just 'work'. But Linux can be an arse to get working for a non technical person and now this."

I find just the opposite. Linux "just works", and Windows 10 requires a day or two of fiddling.

Re: It's lazyness and fashion.

"I have a bunch of Loki games which I'm sure don't have a prayer of running in any modern linux distro"

How sure are you? I have a bunch of old Loki games and they all still run fine in my modern Linux distro.

Re: Public blacklist...

"Then your private resolver can talk direct, in total privacy. This is not a Bad Thing"

If I can't see who my machine is talking to and what they're saying, then this is indeed a Bad Thing.

Re: "A very strange thing for Parliament to do [..]"

"have you never ordered something 'online' and gotten somebody elses order instead of yours?"

I have never had this happen, personally.

Re: "A very strange thing for Parliament to do [..]"

"Today our society is practically based on the Internet"

Not entirely, yet, fortunately. Personally, I literally can't think of a single thing that I need the internet to accomplish. The internet is more convenient, but I can still do every critical function I need the old-fashioned way if I choose to.

"How did this get to be an RFC?"

Mozilla submitted and advocated for it. Which is why I'm furious with Mozilla.

Re: Good reason

Yeah, that's probably not a habit that should be encouraged. But they could have put the switch on the bottom of the lamp so that it can detect when it's screwed into a socket, then just reset when it's unscrewed.

Re: Designed by SW engineers

"This sounds exactly like something software engineers come up with, then stare blankly when told no one outside their orbit will be able to use it."

That's not true or fair. I'm a software engineer, and there's no way in hell I'd be willing to go through that nonsense either. Nor would I have ever been OK with implementing that scheme. I'd die of embarrassment first.

Re: Child-proof reset operation

"stacking boxes on the kitchen counter and using them to raid the biscuit tin."

My eldest is in his late 20s now, and I only recently heard this story from when he was a toddler. A good friend was staying with us for a while, and while I was at work, he walked into the kitchen to find my kid had stacked up boxes and chairs, and managed to climb on top of the refrigerator to get access to the cookie jar in the cupboard above it. My kid looked down on my friend from his perch, munching cookies, and with an evil glint in his eyes said sternly "you WON'T tell dad."

Never underestimate a toddler.

Re: Child-proof reset operation

But it's very common for toddlers to figure out how to use things in their environment to climb on to reach stuff they're not supposed to reach.

Re: Black Choppers overhead.

"they'll probably be tracking use stats and get this new library as deep as they can"

Which is far worse than including advertising.

"lower middle class and working class people have been taking it in the shorts economically for a long time."

Something that this trade war can only make worse.

I like the trap door idea, but I think I'd prefer the use of the Vaudevillian shepherd's hook because that would be funnier.

Re: Oddly

"Then there were those who used a slide scanner to copy their talks in silico and then just imported each slide verbatim into PP. You can imagine."

I don't have to imagine -- that's pretty much how PP is used today, except people skip the step of making physical slides.

Or, like autotune, it actively makes things worse.

Re: 'about equal to the size of Texas'

Since the phrase "don't mess with Texas" was coined for their anti-littering campaign slogan, I assume this means that nobody threw their trash in your car.

Re: 'about equal to the size of Texas'

Never ask a Texan anything about Texas unless you're willing to spend the next hour listening to them tell you about how badass Texas is.

Re: I have yet to see a Powerpoint of any worth.

Pretty pictures are fine. But graphs and other actual data are better given as handouts that you can take home for actual use and review than as a PowerPoint slide.

> There is nothing worse than having read the entire slide, getting the point, but being held to that wait-for-the-clicker moment to read the next one while people waffle on.

This, so very much. Also, it drives home the fact that these presentations almost always take an hour to say what it would take a normal human being about 10 minutes to say.

Re: Oddly

> I knew someone who worked in sales who used to start his presentation by offering to not show them his powerpoint slides if the signed then and there so they could all have an early lunch.

That's not fair! I'd agree to quite a lot in order to be spared the PowerPoint.

Re: Or, simply...

"protocols even a MITMing firewall may not be able to detect without constant updates and analysis."

This can be overcome by using deep packet inspection. I haven't gone that far, but if people start engaging in this sort of activity, I'll have to decide between setting up a DPI system or ceasing to use the web entirely.

Re: Simply my ass

The usual way -- glossing over technicalities, I have the cert for my proxy installed in everything that needs to use HTTPS. All HTTPS traffic gets routed to the proxy, and an HTTPS connection is established between the client and the proxy using that cert. The proxy establishes an HTTPS connection to the real destination, using the appropriate cert for that (just like a browser would do). At that point, the proxy is just relaying the datastream between the client and the real destination and has complete access to the decrypted datastream without allowing any unencrypted traffic over the network.

The downside of this is that you can't make any HTTPS connections until you have installed the proxy's cert. But it's a tiny downside, as installing the cert is simple.

Re: Simply my ass

"Any strategy that depends on blocking a connection is doomed to fail."

True, if that's the only thing you're doing. It is a very valuable piece of a larger security stance, though.

"As is one that tries to snoop the content to determine if it is ad related, since like everyone else they will use HTTPS for everything in the future."

That problem is why I've set up a man-in-the-middle proxy specifically to retain visibility into my data streams.

Re: Clueless coders

I assumed that the survey was asking what cloud platform you're developing for, not what cloud platform your tools might be using.

Re: But surely

'I don't need it so no one else does either'

Except this is accurate. Both FTP and Telnet present fairly serious security risks, and there are more secure substitutes readily available. Even devices that require telnet often don't need such access from the internet at large, and if they do, then it's worth the effort of setting up a relay so the telnet exposure is limited to your LAN.