30

@netikras since when does proprietary mean bad?

Lemme tell you 3 stories.

CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.

Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!

Can be easily resolved by using opensource VPN client -- openconnect

CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted

OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.

SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in

umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.

Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.

Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.

Comments
  • 4
  • 5
    It still does not answer the main question. 🤔
  • 2
    since Microsoft?
  • 2
    @netikras good rundown.

    Those anyconnect issues with routing actually to remind me of some issues I've had with using local VMs while in VPN or after using it. Best solution so far has been to reboot the machine 😀
  • 3
    @irene it does. There is no point in time from which on proprietary sw can be simply called bad. Some soft is good, some is bad. It is not a matter of 'since when'.
  • 1
    @Froot yeah, that's annoying. And rebooting is just a nasty workaround. It works, but it is hugging annoying.
  • 2
    @netikras indeed 😀
  • 4
    It's a silly question. Are cars bad? Well, the 1977 AMC Pacer sucked, and the 1975 Gremlin would catch in fire if hit from behind. Therefore, cars are bad. Yeah, the question is that magnitude of silly.
  • 3
    @netikras For a moment I thought that someone else posted a rant and was trying to change your mind by trying to convince you that propietary software is bad. I was this close to nearly writing a good few pages of comments to back them up. xD
  • 3
    I love how all three of these are about Cisco and Symantec. So fucking accurate! There is so much proprietary shitware out there. On a few rare occasions I’ve used proprietary software that was good but those occasions are so so rare. But Cisco and Symantec are some of the worst offenders
  • 1
    @theKarlisK thought the same XD
  • 1
    Proprietary isn’t necessarily bad, but it’s far less scrutinised than open source software. You can’t just clone their repo and fix their shit.
  • 1
    That's why I have a Win7 VM. To connect to customers which use Cisco VPN.
    Solves all of your issues. 😁

    (and is fucking crazy! A full VM for ssh and scp through one shitty VPN gate!)
  • 0
    @620hun A trope that is off repeated, but not true. OSS is neither more or less scrutinized just because it can be. Even if it is, a piece of software is not necessarily better because more people look at it. It matters who those people are and what their motivations are. The only yardstick means anything is if the tool works for you. It doesn't matter who wrote it, how, or what flavor ice cream the developers preferred. It doesn't matter if they used waterfall or scrum or something that made sense. It doesn't matter if it was written in C# or JavaScript or pig Latin. You may revel in your edginess as you plug away on your Arch Linux distro, but you also certainly put your life into the hands of trillions of lines of proprietary code riding a train our self driving Tesla to the Starbucks where you used Apple pay to buy a drink whose name nobody knows how to pronounce.
  • 0
    @620hun I’d say it’s not necessarily bad but usually is.
  • 2
    @monkeyboy OSS isn’t necessarily better but I would say it strictly is in the areas that matter the most. The examples of proprietary software that I’ve used always had bugs that were just so pathetic it made me want to jump off a bridge. Companies that are just some random software vendor for desktop software or tools typically don’t get top talent so the quality of the software is usually severely lacking. And it’s not just random bullshit too, the medical records computer systems used worldwide are so horrendous (and I’ve contracted with these companies so I’ve seen the code, albeit a long time ago but I’m positive it hasn’t changed based on what I have heard) that I actually am afraid to go to the hospital now.
  • 0
    Pulse Secure VPN fixed all of these issues a long time ago...
  • 1
    Couldn't open source software have the same issues?

    I think the issues with proprietary software are the ones we don't know about. For example, how they store and use our data.

    Otherwise, proprietary programs operate exactly as any other.
  • 0
    I fully agree that proprietary means crap. Learned that few years back. Why don't they just use open source base and build on that FFS
  • 0
    @AlgoRythm it could. But it doesn't. Wasn't I clear enough with my obvious hints about openconnect?
Your Job Suck?
Get a Better Job
Add Comment