Readit News logoReadit News
weddpros commented on Europe's $24T Breakup with Visa and Mastercard Has Begun   europeanbusinessmagazine.... · Posted by u/NewCzech
ekjhgkejhgk · 2 days ago
I always find it entertaining to hear people try to argue that what these companies do is soooooo difficult and that's why they're valuable. It's just multiple computers keeping a balance. It's not complicated.

No, these companies keep themselves in power not because they've solved such a difficult problem that nobody else can, but because they have a moat which they protect.

Time to do away with these foreign entities.

weddpros · a day ago
Hosted on Amazon and Digital Ocean from what I can tell
weddpros commented on Ezs3.net to share S3 access in your team   ezs3.net/... · Posted by u/weddpros
speakingmoistly · 13 days ago
The site is extremely uninformative about the offering, it would be neat to know more without having to provide an email to get a login link. Even then, the bucket-add flow leads me to a blank screen.

This feels like a closed-source, more rustic variant of Minio or Garage. What would set this apart from those?

weddpros · 13 days ago
Hi! thanks for your feedback. Indeed the site fails to tell you what ezS3 does: it's not an alternative to Minio, it's not an S3 storage implementation. S3 is made for machines, ezS3.net "proxies" it for humans: it's a web-based S3 browser, and adds RBAC and sharing.
Posted by u/weddpros 13 days ago
Ezs3.net to share S3 access in your teamezs3.net/...
weddpros commented on SEC obtains final consent judgments against former FTX and Alameda executives   sec.gov/enforcement-litig... · Posted by u/sizzle
olalonde · 19 days ago
Not sure what he would gain from that. The crypto community largely backed him in the last election, and pardoning SBF would seriously piss them off.
weddpros · 19 days ago
Trump could do it... to piss off SBF himself (second biggest donor to Biden/democrats behind Soros)
weddpros commented on The Good Hallucinations   chris-hartwig.com/blog/yo... · Posted by u/weddpros
abstractspoon · 23 days ago
No examples to back up this opinion
weddpros · 22 days ago
https://github.com/sslboard/SSLBoard-desktop for an OSS project I’m working on with those principles
Posted by u/weddpros 23 days ago
The Good Hallucinationschris-hartwig.com/blog/yo...
weddpros commented on 2026 Predictions Scorecard   rodneybrooks.com/predicti... · Posted by u/calvinfo
dvh · a month ago
So the shor's on real qc is still only 35.
weddpros · a month ago
And the record is N=35=7x5, that's 6 bits not 35 bits as the author is saying... Maybe he'd revise his prediction on QC if he knew?
weddpros commented on The Dangers of SSL Certificates   surfingcomplexity.blog/20... · Posted by u/azhenley
jcgl · a month ago
> Can you share how they make ACME client configuration easier?

It's not a profound difference, but you don't need to add each name to your config. Depending on the team's tooling and processes, that may be inconsequential. But in a setting where config management isn't handled super well, where the TLS terminator is a resource shared by multiple, distinct teams, this is a simplification that can make a difference at the margin.

Think less Cloudflare-scale, and more SMB scale (especially in a Windows shop or recovering Windows shop with a different kind of technical culture than what we might all be implicitly imagining).

weddpros · a month ago
I'm working on something that could help: linking sslboard with software that's making issuance and distribution of certs easier, ie. a proper CLM. It's not cloud based for security reasons. In that context, we know your wildcard certs because we issue them, and we could know where they are if we distribute them... Please get in touch with me (chris@sslboard.com) if you're interested in early access and having a word in the development of the product!
weddpros commented on The Dangers of SSL Certificates   surfingcomplexity.blog/20... · Posted by u/azhenley
jcgl · a month ago
I'd say that load balancers (one-address-to-N-servers) count as a common practice, but I otherwise agree in that regard.

Regarding wildcard certs, eh. I wouldn't say they have a bad reputation. Sure, greater blast radius. But sometimes it can certainly simplify things to use one. Your ACME client configuration is easier and your TLS terminator configuration often becomes easier when the terminator would otherwise need to switch based on SNI.

weddpros · a month ago
one-address-to-N-servers is perfect if the N servers don't all terminate TLS. If not, it becomes impossible to actually test what certificates are actually served. I've seen this fail before (TLS tests flip/flop between good/bad between checks).

As for wildcard certs, I agree there are use cases where we really need them like dynamic subdomains {customer}.status.com

Can you share how they make ACME client configuration easier?

weddpros commented on The Dangers of SSL Certificates   surfingcomplexity.blog/20... · Posted by u/azhenley
jcgl · a month ago
That's exactly my point. Is that while this service sounds quite useful for many common cases, it's going to fail in cases where there's not a 1-to-1 certificate-to-server mapping. Even outside of wildcards, you have to account for cases where the cert might be installed on N number of load balancers.
weddpros · a month ago
If you're using a cert on multiple IPs, or IPv4+v6, SSLBoard will monitor all IPs. It's not foolproof, but it covers most common practices. btw wildcard certs don't have a good reputation (blast radius)...
w

u/weddpros

KarmaCake day939May 14, 2013
About
Currently working on https://SSLboard.com, https://SSLcalendar.com, https://QCready.com and https://CatchPhi.sh

Socials:

- linkedin.com/in/christophe-hartwig-ba228a5

Interests: Cybersecurity, Entrepreneurship, DevOps, Digital Nomading

---

View Original