If you've read #fmjail: a review on Amazon or your favorite bookstore would help me out.

Windows 10 update. Hour 12. I still have 2 “feature updates” to go

@bcallah I found a couple of coworking places downtown that looked like they might be good

Ugh. Was pretty sick over the weekend with a pretty nasty stomach infection, and while I am better now, everything tastes weird.

@sheogorath sure is convenient for (their business model) that Cloudflare is pushing this.

It’s a false dichotomy that this is somehow moving things forward, and that everything has negative consequences. Moving DNS resolution to client apps away from the OS is not forwards, it’s backwards. Forwards would be to put it in system resolvers. There is still DHCP to handle, but having it there you can use the existing ‘insecure’ zone and use that to switch to trusted providers

@sheogorath split horizon is about so much more than v6. It’s about visibility of network resources. V6 has local scope and local anonymous addresses for this reason fc::/8 (rfc4193).

You talk about the ‘average’ user as a coffee shop user, and this is indeed common. But also common is the small and medium business just trying to do their job with internal apps. Which reminds me of another use case this breaks. VPNs. And anycast/CDNs. 1/?

@sheogorath it’s ugly from the first implementation. It completely breaks local dns and split-horizon dns. Additionally it nicely centralizes all of your surveillance into one spot. Not to mention redirect and capture. All from the exact same companies that brought us PRISM and friends.

As for dnssec, has had dnssec validation as a single config switch for years now 😉

@sheogorath yeah. And now you need to manually configure every browser on all of your devices that you use to use yours. Now let’s not forget split horizon setups. And of course the architectural reasons that a BROWSER shouldn’t bypass system DNS (how many apps are going to start doing this that you will need to figure out how to undo?)

That there are ways to mitigate the horribleness of this doesn’t make it not horrible

@lattera it is a shame. I believe you are the only reason that a number of positive security changes have happened in despite them existing and being sat on for years. I recently backported the -CURRENT work to -RELEASE. It was trivial levels of code and complexity, ZERO reason it couldn’t have been done sooner.

I feel the abuse you have received is because of this good change you have brought. Change is hard, and people don’t like being called out

