Search
15 results for “MattPounsett”
-
Auth is hard! Even when you're mostly doing it right, there are so many weird little corner cases. There's an amusing logical failure implied by this one:
If I try to search on https://rona.ca, and my auth cookie is expired, it asks me to login before it will execute the search.
I've seen this three separate times in the last 24 hours. They should really only be enforcing auth refresh if I try to do something that needs access to my user data, like checking out.
-
Auth is hard! Even when you're mostly doing it right, there are so many weird little corner cases. There's an amusing logical failure implied by this one:
If I try to search on https://rona.ca, and my auth cookie is expired, it asks me to login before it will execute the search.
I've seen this three separate times in the last 24 hours. They should really only be enforcing auth refresh if I try to do something that needs access to my user data, like checking out.
-
Auth is hard! Even when you're mostly doing it right, there are so many weird little corner cases. There's an amusing logical failure implied by this one:
If I try to search on https://rona.ca, and my auth cookie is expired, it asks me to login before it will execute the search.
I've seen this three separate times in the last 24 hours. They should really only be enforcing auth refresh if I try to do something that needs access to my user data, like checking out.
-
Auth is hard! Even when you're mostly doing it right, there are so many weird little corner cases. There's an amusing logical failure implied by this one:
If I try to search on https://rona.ca, and my auth cookie is expired, it asks me to login before it will execute the search.
I've seen this three separate times in the last 24 hours. They should really only be enforcing auth refresh if I try to do something that needs access to my user data, like checking out.
-
It seems impossible to keep important data or critical components away from US-controlled megacorps, so this was a fascinating read to me. I don't have quite the same breadth of options in Canada, but I'd much rather host infrastructure in Europe than the US and will be investigating a lot of these.
https://www.coinerella.com/made-in-eu-it-was-harder-than-i-thought/
-
This is a "fun" read.
I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.
#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm
-
This is a "fun" read.
I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.
#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm
-
This is a "fun" read.
I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.
#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm
-
This is a "fun" read.
I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.
#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm
-
This is a "fun" read.
I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.
#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm
-
This is an absolutely metal business decision made by OpenDNS (Cisco).
Court orders in France and Portugal are requiring the big open DNS resolvers (Google, OpenDNS, CloudFlare, etc.) to block resolution of a small list of domains for anyone in those countries.
OpenDNS seems to have decided to not implement the blocklist, and instead will just not answer any DNS queries from inside those countries.
Change implemented on a Friday evening, for maximum surprise.
-
This is extremely exciting!
https://marc.info/?l=openbsd-cvs&m=171769392207688&w=2OpenSSH is gaining the ability to rate limit and even block clients based on connection behaviours, such as repeated auth failures.
This doesn't completely obviate the need for services like fail2ban, but it might mean no longer needing that overhead on every single host.
-
I feel incredubly lucky that we have much more sane policies surrounding access to controlled substances here in Canada. But I worry that the current medication disaster in the US could lead to large scale exports, causing shortages here too. The US really needs to get its act together when it comes to critical medications.
#medication #adhd #ControlledSubstances #shortage #PublicHealth
-
I’ve seen more than a few questions on mailing lists and on chat servers about migrating DNSSEC-signed zones between different server software. These are the steps I used to migrate a number of signed zones to Knot from BIND.
https://www.conundrum.com/blog/2023/Jan/migrating-dnssec-zones-to-knotdns/