People say this place is a street.
But they behave like it's their living room.
While in reality, it's a soapbox on the main square.

Meanwhile all I wanted is a watercooler.

1. Reinvent a square wheel
2. Understand what's so hard about making wheels
3. Observe how a round wheel someone invented a while ago performs better than your square one.
4. Appreciate the brilliant and simple solutions to all wheel design issues that a round wheel implements.
5. Throw away your square wheel.

1. Reinvent a square wheel
2. Push it to production

ok, turns out RFC 8996 has some pretty good reasons, one of which is the use of SHA-1 in the handshake.

I just hope they won't drop TLS 1.1 and 1.0 code from libnss and openssl because of embedded web UIs in routers, servers' out-of-band management, and the like.

@wolf480pl RFC 8996 states that ServerKeyExchange and CertificateVerify signatures can't be hashed by anything stronger than SHA-1 or MD5 + SHA-1 in TLS 1.0 and 1.1.

So disabling specific ciphersuites server or client side still leaves you open to MITM attacks

I guess I should have a separate web browser or browser profile for opening ancient web UIs over ssh forwarding but setting one up would be such a bother...

Can someone remind me why the fuck we're deprecating TLS 1.1?
From what I remember, for POODLE, BEAST, and the like, all you need to do is disable SSLv3 and some ciphersuites, and you should be safe... and those made the news a long time ago and we disabled those ciphersuites and everything was fine.

Why does Firefox want to disable TLS 1.1 now?

intrusive thought 

next time someone asks me to keep saying something to test audio i should just go "THIS IS AN EXAMPLE OF SPEEX AN AUDIO COMPRESSION CODEC SPECIFICALLY TUNED FOR THE REPRODUCTION OF HUMAN SPEECH"

foss meta, - 

The GNU fork makes me sad.

separation of concerns vs simple data model?


wlroots has dropped all of its session code in favor of libseat!

Next up is Weston, it got initial support for libseat a few days ago.

oh, so GTC (the MAC layer of GPON) is sane because they pushed all the nastiness into OMCI (the management protocol)

btw. according to the definitions here, the difference between ONU and ONT isn't that the former one is programmable and the latter isn't.
It's that ONT serves a single customer, and ONU may or may not serve multiple customers.

So ONT is an ONU, but a DSLAM with GPON uplink is also an ONU (but not an ONT).

Today I realized GPON specs (G.984) are publicly available without any kind of paywall. Nice!

So I've started G.984.3 which is the MAC layer of GPON, and it looks like it isn't as overengineered as I expected it to be. Maybe ITU isn't as bad as I thought...

Here's a picture showing what points A, B and C are in this context (source: BEREC).

Most ISPs I've seen have NTP de-facto at point C, which is the worst.
FSFE thinks it should be at point A, but IMO that's a hassle, and point B would be more convenient.

As long as ISPs provide modems separate from routers, point A would be fine by me as well but I have a feeling they won't.

I just finished filling FSFE's recent router freedom survey and it made me dig up all my anger about their insistence on putting the Network Termination Point between the ISP's network and the Modem (point A) as opposed to between the Modem and the Router (point B)

Can someone remind me why anyone would prefer to use their own modem with an ISP's DOCSIS/FTTH/whatever network, as opposed to just getting an ethernet socket that gives you a public IP and not caring what's on the other side?

MS should just call their consoles Xbox Blue and Xbox Green, switching to the other of the two names every generation

Linux has 440 syscalls, but how many of those are actually needed to implement posix?

Surely some things can be done in multiple ways (select, pselect, poll, ppoll, epoll) but assuming you select the most modern one and make the rest wrappers for it, how many syscalls do you end up with?

