Readit News logoReadit News
lousken commented on Upcoming Changes to Let's Encrypt Certificates   community.letsencrypt.org... · Posted by u/schmuckonwheels
lousken · 6 hours ago
I am not sure how I feel about this solution. It is already painful to deal with certs on every single piece of IT equipment. Unless you create and manage your own CA and manage it, which is an extra burden, what is the point of this? This will only create more janky scripts and annoyances for very little benefit.

What's next? Enforcing email signing with SMIME or PGP?

lousken commented on Upcoming Changes to Let's Encrypt Certificates   community.letsencrypt.org... · Posted by u/schmuckonwheels
omcnoe · 6 hours ago
Without TLS on your blog anyone in the middle can trivially inject malware to all your readers.
lousken · 6 hours ago
it still can, just add some 3rd party javascript or unpatched backend app
lousken commented on Oracle made a $300B bet on OpenAI. It's paying the price   finance.yahoo.com/news/or... · Posted by u/pera
PeterStuer · 3 days ago
EU contracts for SAP over Oracle would be so much easier if SAP would wean themselves of US cloud dependency.
lousken · 3 days ago
is sap that much better as a product?
lousken commented on Stop Breaking TLS   markround.com/blog/2025/1... · Posted by u/todsacerdoti
Wowfunhappy · 6 days ago
I'm pretty sure we'd still need to break TLS. Domain-level just isn't granular enough.
lousken · 5 days ago
I still find that dumb that you even need to do that. Machines especially for schools should be able to have software policies set directly on them to limit such sites.

I don't know how much chromeOS is configurable and if you can e.g. force it to only use specific network and network interface, or if a student can connect it to a different network somehow, because it would be kinda pointless otherwise.

lousken commented on Stop Breaking TLS   markround.com/blog/2025/1... · Posted by u/todsacerdoti
lousken · 6 days ago
As a sysadmin I also hate this. Instead, I do block stuff based on DNS requests and I also block any other DNS provider as well as malicious IPs.

At this point in time, Microsoft is the bigger enemy here - some of their policies are just insane and none of this MITM will help [0][1]

[0] https://www.microsoft.com/en-us/microsoft-365/roadmap?id=490...

[1] https://techcommunity.microsoft.com/blog/microsoft365copilot...

lousken commented on Stop Breaking TLS   markround.com/blog/2025/1... · Posted by u/todsacerdoti
Wowfunhappy · 6 days ago
I work for a school. My traffic is not MITM'd, but the kids' traffic is, because we don't want them using their school-issued laptops to play games or go shopping, and you can't adequately block stuff if it's all encrypted.
lousken · 6 days ago
Whitelists instead of blacklists?
lousken commented on Microsoft increases Office 365 and Microsoft 365 license prices   office365itpros.com/2025/... · Posted by u/taubek
puttycat · 8 days ago
Is there any reason to use Office nowadays except for being able to open documents sent by institutions where secretaries still use Word/Excel/PPT? (universities, etc.)
lousken · 8 days ago
Sharepoint and office is the modern version of cancer. Nobody wants to manage onprem AD and mapped drives because cLoUd is the solution. Doesn't help that Microsoft stopped caring about onprem.
lousken commented on How I block all online ads   troubled.engineer/posts/n... · Posted by u/StrLght
lousken · 8 days ago
Also make sure to block ads on your mobile as well https://www.bleepingcomputer.com/news/security/predator-spyw...
lousken commented on How I discovered a hidden microphone on a Chinese NanoKVM   telefoncek.si/2025/02/202... · Posted by u/ementally
lousken · 10 days ago
is there a recording sample to hear the quality?
lousken commented on Cloudflare was down   cloudflare.com/... · Posted by u/mektrik
lousken · 10 days ago
Cloudflare 362
l

u/lousken

KarmaCake day1360August 17, 2016
About
sysadmin
View Original