Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
@Oktokolo: "[W]orm-eating troglodytes" refers to the men who believe that HTTPS is _always_ essentially necessary.
-
@varikvalefor
Well, if you want to make dragnet surveilance as hard as possible, it is.
Cryptography done right is cryptography that is always done regardless of the data's security clearance. If you only encrypt the juicy data, you basically mark that data as juicy.
HTTPS everywhere downgraded the pre-Snowden dragnet survailance to "only" getting IPs and host names instead of also seeing the page the visitor actually looks at.
It is the maximum three-letter-agency-annoyance possible without upgrading to TOR-like onion routing. And it is damn cheap on current hardware.
HTTP response code cheat sheet
(From /r/Programmer humor)
Reading "duh... that link looks sketchy" time after time when attempting to nudge people in the direction of good resources, e.g., on-line manual pages, becomes rather irritating. Is typing the URL into VirusTotal or something really such a fucking hassle? Are you sufficiently special to warrant the creation of an IP grabber which is dedicated to targeting you... AFTER you posted your exact location on Instagram last week?
Similarly, some pants-shitting, worm-eating troglodytes who have the gall to claim to know anything about cybersecurity STILL think that for all Web sites k, that k's URL begins with "https" implies that k is secure. NO! Unencrypted Web sites are FINE unless sensitive information is being transferred. Are publicly available manual pages sensitive information now?
Grabbing the campaign hat and writing death threats and very personal insults is sometimes slightly tempting.
rant
cybersecurity
security
documentation
https
urls