Search - "secrecy"
-
We have a customer that runs an extremely strict security program, which disallows any type of outside connection to their servers.
In order to even correspond with them via email you must undergo background checks and be validated. Then you sign an NDA and another "secrecy level" contract.
Today they had a problem, I was the one assigned to fix it. I asked for a screenshot.
We already use an encrypted mail service, which runs via a special VPN that has enough layers of protection to slow down a photon to the speed of a snail.
The customer's sysadmin encrypted the screenshot and sent it to me.
I open the screenshot and....
He runs Windows 10, uses Google Chrome and has Facebook's WhatsApp desktop app flashing orange in the tray.
😐😣😫😖
-
Apple at it again.
The new iPad mini suffers from "jelly scroll", and Apple tries to gaslight its customers into believing that this is normal.
No Apple, this is not normal. It's you. You and your shitty engineering, your shitty testing (too much secrecy, hence too few testers), your shitty marketing, and your shitty customer service. You are shitty as usual.
(Reference article: https://arstechnica.com/gadgets/... )
-
Today, the security department stopped our new project and told us to work on the last project instead because of a top-secret security flaw.
Problem is, they are not allowed to tell us what the problem is. FML
-
I think I've figured out jAsE — the elusiveness, obscurity, secrecy, continuous re-spawning is to hide that it's really "Jeff Atwood, Stack Exchange" 🤔
-
There's a devRant extension for Chrome & Firefox.
Please upvote this post so Edge users too can browse devRant in secrecy from their bosses!
Thanks 😁
-
I've finally found a goldmine of accurate job listings that don't include Windows shit-administration... So I'm thinking of sending out applications to all of them. Problem is, as you might recall from my previous rants, I had a flash drive with my GPG keypair on it stolen from me. I still haven't fully replaced the key (I made another one and published it but I'm not using it yet), and because I'm fairly confident that this flash drive's data has never been used (so likely just plugged into Windows and formatted), it's unlikely that I'm gonna bother rotating all of the contents that were on that flash drive.
That said however, my emails now all have signatures underneath them as follows:
Met vriendelijke groet / Best regards,
[my name]
- My outbound email is usually signed with my private key. If not, please don't hesitate to ask me about it through a different communication platform.
IMPORTANT: My keys have possibly been compromised. An encrypted flash drive on which this GPG keypair was stored has been stolen from me. I'm in the process of phasing out and replacing this key. Please do not use it to encrypt any emails to me anymore.
Not entirely sure whether I should remove or keep that last bit. As a potential employer, would you see this as a red flag (he's got encrypted data stolen from him, wtf that's incompetent), or as a nice thing to know that it was properly disclosed (so no secrecy around potential data breaches)? Both seem equally likely so I'm a bit confused about what I should do.
-
So here I am, going for an interview, but I'm not allowed to show my previous work, since it might give a competitive edge to the organisation interviewing me. But still it does not matter if my supervisor boasts about the work in public forums like conferences.....what kind of secrecy is this :'(
-
With a recent HAProxy update on our reverse proxy VM I decided to enable http/2, disable TLS 1.0 and drop support for non forward-secrecy ciphers.
Tested our sites in Chrome and Firefox, all was well, went to bed.
Next morning a medium-critical havoc went loose. Our ERP system couldn't create tickets in our ticket system anymore, the ticket system's Outlook AddIn refused to connect, the mobile app we use to access our anti-spam appliance wouldn't connect although our internal blackboard app still connected over the same load balancer without any issues.
So I declared a 10min maintenance window and disabled HTTP/2, thinking that this was the culprit.
Nope. No dice.
Okay, I thought, enable TLS 1.0 again.
Suddenly the ticket system related stuff starts to work again.
So since both the ERP system and the AddIn run on .NET I dug through the .NET documentation and found out that for some fucking reason even in the newest .NET framework version (4.7.2) you have to explicitly enable TLS 1.1 and 1.2 or else you just get a 'socket reset' error. Why the fuck?!
Okay, now that I had the ticket system out of the way I enabled HTTP/2 and verified that everything still works.
It did, nice.
The anti-spam appliance app still did not work however, so I enabled one non-pfs cipher in the OpenSSL config and tested the app.
Behold, it worked.
I'm currently creating a ticket with them asking politely why the fuck their app has pfs-ciphers disabled.
And I thought disabling DEPRECATED tech wouldn't be an issue... Wrong...
-
A customer of ours, not to say names, trains people for infosec certs. Upon investigating their website I noticed they don't have forward secrecy enabled.
Why? What? Even?
Turn it on, you baddies.
-
So, I am a fresh CS grad working at his first dev job at a pretty small startup (less than 20 people).
The Engineering team has 7 people and it's relatively flat.
At times, the senior engineers in my team have 1:1's with the CEO and (what I feel is) some decisions are taken according to that meeting.
I feel kind of uncomfortable about this secrecy etc. even though I know that at least right now I am not experienced enough to be a "decision-maker".
Is this normal? Idk if this is how politics in the workplace happens.. looking for advice on what I should do regarding this..
Also, it doesn't help that I am literally the only Software Engineer (all other Engineers are Senior Software Engineers or CTO) so there is this generational gap which has limited my ability to "really connect" with anyone on the team.
-
Obviously the top item on the table is NN, the "end users" from both sides of the connection on the net are for saving it, and the middlemen that only own the "cables" want it to be repealed.
We have the solution to end this issue forever. It won't be easy, nor will it be fast.. unless certain "entities" team with us in secrecy. (There's a reason why certain "entities" have stayed silent regarding NN, due to agreements to not get involved due to the risk of backlash. AND if NN is repealed Those Entities cannot fix the problem as their hands are tied to continue to provide content to the end users.) Read between the lines you will understand it will all make sense later.
I will make The Official Public Statement within 24 hours of the FCC Vote. That statement will be how to get involved, help, get us jump started in your area, funding, the ENTIRE details of the plan, goals, and timeline. AS WELL as how to contact us. This will take time and we are not a magic solution that will fix the problem overnight.
We are however THE solution to the underlying problem with ISPs of today. We have been researching for quite a while and digging deep into the entities that have caused us to get where we are now. The further you go digging into 'THEM' the more pissed off you become as you truly realize what's going on and has been going on among the ISPs, it's MUCH deeper than you are being told.
OUR solution will remove all of "them" from the equation completely as well as being faster, and cheaper than the Tier 1 as you won't be paying for the connection or speed, you would be paying for the hardware/overhead cost. AND we will be bringing you closer to the content providers than EVER before.
AND we will be the only solution capable of competing in the current Tier1 Monopoly zones, I promise you they cannot match our plan's price, IF they did it would be only as a loss leader and NOT a sustainable long term solution for those competing with us that are for-profit....
In order for our solution to work, and to keep the internet service non-bias, well non-bias from OUR members :) this will need to be a collective effort, focused on one clearly defined vision. WE WILL AND WE MUST ALL set "profits" aside on this as profits in selling nothing other than "connection" to the internet has gotten us in the mess we are in now. AND YES we realize profits help maintain and upgrade the infrastructure, BUT that isn't true in this case...Overhead from our view includes those anticipated costs.
Smaller ISPs will need to make a decision, give up profits, become one with us, and be a part of the mission OR they will be left to suffer at the mercy of the ISPs above them setting the cost of bandwidth eventually leading to their demise.
This will happen because we won't be bound by the T1s .... WE would be the "Tier 0" that doesn't exist ;)
This sounds crazy, impossible, BUT it's not, it will work, WILL happen, regardless of the FCC's vote, as if the FCC chooses to keep NN, it's only a matter of time till the big lawyers of the ISPs find some loophole, or lobby enough to bring us back to this.
Legislation is NOT the solution, it's just a band-aid fix as the cancer continues to grow within.
PLEASE understand that
Until the vote is made, and we release what we are doing, stay put, hang in, it will all be explained later, we are the only true solution.
BIG-ISPs WILL REGRET WHAT THEY HAVE DONE!
What needs to be understood by all is with net neutrality in place the ability to compete against the Tier 1s directly over customers and reinvent the internet to lower or remove costs completely, increase speeds AND expand to underserved/unserved communities IT'S NOT POSSIBLE WITH NN
NN REPEAL is the only way to fixing the problem for good... yes the For profit BIG ISPs will benefit but not forever.. as repealing it opens the doors for outside the box big picture innovators to come in and offer something different, the big ISPs have clearly overlooked this small detail being the possibility of a “NonProfit CoOp TIER 1 ISP” entering into the game thru end users and businesses working together as one entity to defeat them... THE FOR PROFIT ISPs overlooked this because they are blinded by the profit potential of NN Repeal, never did they consider our option as a possible outcome because no one has attempted it....
We will unite as one
Be the first to know! -stay updated
SnapChat: theqsolution