https://www.wsj.com/articles/olympus-to-exit-camera-business-after-84-years-11592996861 is a bummer. I like my #Olympus O-MD E-M5 micro four thirds camera and I don't think Panasonic will be able to keep the format alive by itself.
@gudenau You can delete *recent* history (in case you accidentally, uh, open up a site that shouldn't be in your history) but there's no way to say "only remember history for N days" as far as I know
I keep forgetting how terrible "Places" is in #Firefox. Any interaction with history or bookmarks blocks the main thread, and if, say, you want to auto-delete history after a time period, you (a) need an extension, and (b) should expect it to take *literally hours* with a moderately-sized history (e.g., my places.sqlite is 50MB and firefox has been spinning for about 10 minutes at 100% CPU trying to delete around 1000 records).
@gudenau Oh, we never had expiration or any other dumb stuff. This is just length and complexity.
Aww yeah removing most of our customers' password requirements at work over the advice of myself and every other IC because we want to chase after the absolute worst customers who can't be bothered to make a password that isn't "password" and because we've decided to hand the keys to all technical decisions over to a bunch of PMs with no technical background. This is going to end super-well.
@gudenau I would usually say that you should avoid implementing your own crypto at all and use a system that already provides this (like TLS, which has identification via long-lived server RSA or ECDSA keys, session negotation with forward secrecy using ECDHE, and then session keys that are short-lived symmetric keys)
@gudenau It depends on your threat model! RSA2048 and 25-bit EC asymmetric ciphers (ECDSA/Eddsa/Ed25519) are considered "secure" for commercial purposes (e.g., by PCI-DSS), but both are believed to be extremely susceptible to quantum computers if anyone ever builds one that can run Shor's algorithm. NIST Suite B requires 3072-bit RSA and 384-bit EC keys for classified materials; same issue.
For longer-term security, Google is experimenting with PQC algorithms for TLS; see https://www.imperialviolet.org/2018/04/11/pqconftls.html .
Who is marc and why does ze get all the email in the default #postfix config?
fuck #UEFI secure boot
I bought a baby monitor (yes, I know, at least it's not internet-accessible) and the website for it is amazingly awful. None of the images specify aspect ratios so on a widescreen monitor, everything looks... neat...
Okay, so the AddTrust CA expiry thing is real. It's fucking absurd that nobody is backporting fixes to OpenSSL 1.0.x and is just saying that you need to upgrade to OpenSSL 1.1.1 (and re-link literally your entire system) to fix this. Does anyone know for certain whether removing AddTrust from the CA anchor list fixes?
In related news, I'm now many hours into backporting an up-to-date PHP since the webtatic one from October is... way behind...
Has anyone noticed that the multitasking UI is totally broken on #iOS 13.5? Half the time I can't swipe between cards, and going home from the card switcher with a second swipe up never works (need to go back to an app and do a long-swipe instead). Very annoying!
wrote a little about my life recently. very little tech content.
This brought to you by the requirement for a User Story and set of Product-Manager-approved Acceptance Criteria for every commit and bug.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!