Mostly unrelated, but I dislike how normalized AI art is.
I don't think it's unrelated at all. I saw the same picture and just closed the tab right away. Why should I read this article, the whole thing might be written by an LLM.
Readit Newsancarda commented on The story of Max, a real programmer incoherency.co.uk/blog/st... · Posted by u/surprisetalk
Thx for your feedback. Will check their website. What about real IMAP Push for iOS devices? Does it work, or only every X minutes push like others? (mailbox.org, Fastmail, iCloud Mail do have real IMAP push for iOS/macOS).
Sorry, I don't have an iOS device, so I'm not sure. The only mention I could find on the website was: https://www.migadu.com/guides/gmail_android/
> While Gmail is an IMAP client app, it will not check for new mails continuously. Not only it does not support IMAP Push extensions which are standard nowadays, but the [most] frequent polling interval is 15 minutes
Which I guess implies they offer IMAP push, since they're expressing disapproval that the Gmail app doesn't support IMAP push
I was a happy FastMail customer for years, but lack of IPv6+DNSSEC was also disappointing for me. I eventually heard about Migadu ( https://www.migadu.com/ ) which has all that, and AFAIK, EU servers as well.
The only downside for me is the web UI isn't nearly as polished as FastMail.
ancarda commented on Patch OpenSSL on November 1 to avoid “critical” security vulnerability globalsign.com/en/blog/ur... · Posted by u/bjoko
This is supposedly the commit which fixes the bug https://github.com/openssl/openssl/commit/3df6aed7826640d944...
I don't know a lot about C or the internals of OpenSSL, but going by the commit message, does this mean we should disable TLSv1.3 until we've had a chance to patch OpenSSL?
Edit: Actually, reading through the code a few times, maybe TLSv1.2 should be disabled?
I really wish we had some way to protect ourselves until the patch is widely available.
ancarda commented on 1.1.1.1 doesn't have a valid TLS cert, only cloudflare-dns.com ssllabs.com/ssltest/analy... · Posted by u/ancarda
Seems to be fixed now.
ancarda commented on Cloudflare's abuse policies and approach blog.cloudflare.com/cloud... · Posted by u/jgrahamc
DDoS is a product of an inherent weakness of the internet infrastructure, namely BGP. Cloudflare "solves" this by acting as a middleman, and charging for their service.
I don't know if I would describe a DDoS attack as "digital terrorism", but it is annoying and hard to stop on an individual level because of the design of the internet.
Isn't the issue more with how we implemented IP than BGP? AFAIK, DDoS attacks would be far less effective if every ISP implemented BCP 38.
Perhaps it's for https://radar.cloudflare.com/ or maybe a new service where they'll warn you if services like SSH are configured badly or not firewall'd off?
Also, is it possible this traffic is actually coming from a worker, i.e. https://workers.cloudflare.com/ rather than Cloudflare themselves?