Show more

I'm on a journey testing @Firefox
Private Network, and I'll be publishing the results and opinions after one week using this new service (at home & work).

private-network.firefox.com

-- Ridiculous excuses I've heard (about securing systems) 3/2

Writing Secure Code is magnificent book (highly recommended) written by Michael Howard and David circa 2001/2003.

It's almost 2020 and I still hearing all of them on a frequently basis.

amazon.com/Writing-Secure-Seco

Show thread

-- Ridiculous excuses I've heard (about securing systems) 2/2

- We know it's the default, but the administrator can turn it off.
- If we don't run as administrator, stuff breaks.
- But we'll slip the schedule
- It's not exploitable
- But that's the way we've always done it
- If only we had better tools

by Michael Howard and David LeBlanc (c. 2001-2003)

Show thread

-- Ridiculous excuses I've heard (about securing systems) 1/2

- No one will do that.
- Why would anyone do that?
- We've never been attacked.
- We're secure - we use cryptography.
- We're secure - we use ACLs.
- We've reviewed the code, and there are no security bugs.

by Michael Howard and David LeBlanc (c. 2001-2003)

New Code Challenge

Implement a Symmetric Difference where...

{ 1, 2, 5 } △ { 2, 3, 5} △ { 3, 4, 5 } = { 4, 5, 1 }

The result should have no duplicates.

My solution using Enumerable#reduce & a nice twist at the end.

in
→ How to do a constant really 'private'

transcript: gist.github.com/esparta/cbe628

stack:

As usual, your feedback will be appreciated

P.S. The inspiration for this screencasrt came from this toot by @james: ruby.social/@james/10241167346

@postmodern besides scalability, it's more about architectural design. I'm probably biased on my previous project where Kaftka fit better, and where the consumption of messages had more priority than ordering and routing (if you are doing payment probably had more impact).

@mastohost @james it looks like HTTP Everywhere is the issue here.

At some point if I retry the same file it does upload the image. Like this one. The second and subsequent tries it does upload consistently ok.
This is with Firefox HTTP Everywhere enabled (3rd try)

@mastohost @james I did run another set of test.
Same computer, different network, different mastodon instance, same browsers and configs.

mastodon.cloud/@esparta/101185

on @mastodon.cloud I can upload when I disable HTTPS Everywhere, on ruby.social only with Firefox or Chrome, no option to use Tor.

@james Firefox with HTTPS Everywhere plugin disabled.
... and also works ...
So looks like a client-side issue, probably asking for a endpoint without secure layer :S

@james tried with Firefox 63.0.3 & Tor 8.0.3. But as long as I can tell the browser should not be a problem here, should be?

looks like uploaded images are not being processed . It's some restriction/issue with the instance, @james ?

Show thread

@vigdis I'm using tmux over iTerm2 using fish. I'm implementing Agnoster-like theme. Font: Fira Code Light

I'm pretty sure I don't have anything else on place, that's according to my dotfiles I didn't touch a long time ago:

github.com/esparta/dotfiles

Show more
Ruby.social

A Mastodon instance for Rubyists & friends