@kev this was probably there before the migration, but in About page in the Privacy section there's a link to kevq.uk/about/privacy/ which 404 because should link to kevq.uk/privacy

Browsing secure is a complicated and not trivial stuff, Mozilla is trying to make it easy when you are using free open WiFi's.

I'm publishing my opinions after a week using Firefox Private Network:


@mperham checking the Contribsys page:


On the bottom left there's a link to the source (of the webpage?) but it 404-me: github.com/contribsys/contribs

Safari 13 is GA and now supports FIDO2-complaint USB security keys with the Web Authentication.

It's a great step towards a secure we everywhere! And closer to password-less services.

You can read more about FIDO2 here: fidoalliance.org/fido2/ cc. @fidoalliance

I'm on a journey testing @Firefox
Private Network, and I'll be publishing the results and opinions after one week using this new service (at home & work).


-- Ridiculous excuses I've heard (about securing systems) 3/2

Writing Secure Code is magnificent book (highly recommended) written by Michael Howard and David circa 2001/2003.

It's almost 2020 and I still hearing all of them on a frequently basis.


-- Ridiculous excuses I've heard (about securing systems) 2/2

- We know it's the default, but the administrator can turn it off.
- If we don't run as administrator, stuff breaks.
- But we'll slip the schedule
- It's not exploitable
- But that's the way we've always done it
- If only we had better tools

by Michael Howard and David LeBlanc (c. 2001-2003)

-- Ridiculous excuses I've heard (about securing systems) 1/2

- No one will do that.
- Why would anyone do that?
- We've never been attacked.
- We're secure - we use cryptography.
- We're secure - we use ACLs.
- We've reviewed the code, and there are no security bugs.

by Michael Howard and David LeBlanc (c. 2001-2003)

New Code Challenge

Implement a Symmetric Difference where...

{ 1, 2, 5 } △ { 2, 3, 5} △ { 3, 4, 5 } = { 4, 5, 1 }

The result should have no duplicates.

My solution using Enumerable#reduce & a nice twist at the end.

→ How to do a constant really 'private'

transcript: gist.github.com/esparta/cbe628


As usual, your feedback will be appreciated

P.S. The inspiration for this screencasrt came from this toot by @james: ruby.social/@james/10241167346

@postmodern besides scalability, it's more about architectural design. I'm probably biased on my previous project where Kaftka fit better, and where the consumption of messages had more priority than ordering and routing (if you are doing payment probably had more impact).

@mastohost @james it looks like HTTP Everywhere is the issue here.

At some point if I retry the same file it does upload the image. Like this one. The second and subsequent tries it does upload consistently ok.
This is with Firefox HTTP Everywhere enabled (3rd try)

@mastohost @james I did run another set of test.
Same computer, different network, different mastodon instance, same browsers and configs.


on @mastodon.cloud I can upload when I disable HTTPS Everywhere, on ruby.social only with Firefox or Chrome, no option to use Tor.

@james Firefox with HTTPS Everywhere plugin disabled.
... and also works ...
So looks like a client-side issue, probably asking for a endpoint without secure layer :S

@james tried with Firefox 63.0.3 & Tor 8.0.3. But as long as I can tell the browser should not be a problem here, should be?

Show more

A Mastodon instance for Rubyists & friends