corsicanguppy
@corsicanguppy@lemmy.ca
- Comment on Synology Lost the Plot with Hard Drive Locking Move - ServeTheHome 1 day ago:
Fixed
Worked-around, you mean. And that hack seems temporary.
- Comment on Elon Musk: your new Tesla will drive from the factory floor, to your house 'this year' 2 days ago:
OH YEAH !
- Comment on Papra, the minimalistic document archiving platform 2 days ago:
Is there a docker-free version due?
- Comment on Musician Who Died in 2021 Resurrected as Clump of Brain Matter, Now Composing New Music 3 days ago:
I certainly hope so! I have too much to do for just one life!
- Comment on They never cared about pedophiles or child rape. Only owning the libs. 4 days ago:
Full stop
Red flag. (X) To doubt.
- Comment on Endurain is a self-hosted fitness tracking service designed to give users full control over their data and hosting environment 4 days ago:
After 15 years? I applaud your gadgetry care and preservation.
- Comment on The first folding e-reader is smaller than a paperback 5 days ago:
The hinge lasts longer than a foldy screen.
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
Just
Red flag.
serve your website with Caddy
There is no security risk so bad that it can’t be made worse by layering on new tech with its own issues and pitfalls. (Paraphrasing Bruce Jackson)
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
Also my workplace hosts their own dns
The best way to control the data.
and I think it will be a cold day in hell before they let me do automated updates.
This is of waning value, but don’t jump into half-assed automation early or you end up with problems like route53 hijacking.
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
If you’re truly unaware of why TLS is necessary or how to automate the process then you should probably retire.
Oof. You’re gonna hit the bottom of the table with your knee like that.
What part of your security training skipped over understanding the customer’s setup before making recommendations?
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
End users should start getting used to that expired certificate warning in their browser of choice and the process to tell it to continue to the site anyway.
We already have a lot of this, and it’s definitely gonna get worse. Is a security dance so convoluted that people are used to others just messing up really an effective process?
Given the biggest breaches were caused default passwords and misconfigured S3 outhouses, are we focusing on the right stuff today?
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
LetsEncrypt also built ACME, so they’re the primary port for testing RFC8555. They’re just gonna work better at it.
But, as above, maybe Digi is still the way for you, with the right tooling glued in.
Good luck!
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
manual renewals with Digicert has been a pain in the ass. If anyone has experience with their automated option I’d love to hear it.
Aren’t they RFC8666-compatible?
Yep, seems so:
ACME Directory URLs – Get certificate-level automation for Extended Validation (EV) and Organization Validated (OV) certificates. Manage multiple ACME clients, running on Windows or Linux so you can efficiently automate certificate delivery regardless of the quantity of certificates you’re managing. Improve the security of using ACME in your network through our CertCentral discovery sensors. The sensor is an extra layer of security, ensuring the ACME client doesn’t directly speak to an unsecure third party.
If you search for RFC8666 or ACME, you may find a tool you can use that may be compatible for renewing Digicert certs automatically.
I’d love to actually help, but honestly I knew the RFC offhand and googled the rest myself, so dragging the problem to ACME - like RFK dragging the carcass of a deer back to his sedan - is the best I can do for you today.
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
get serious about automation.
I’m relieved this post didn’t mention Ansible. It’s nice we’ve avoided the irony of mentioning Ansible in a post also mentioning ‘serious’ or ‘modern’.
the concept of doing these processes manually becomes a total clusterfuck.
But it’s a known clusterfuck compared to the scary unknown of certs (and the boulder app).
- Comment on TLS Certificate Lifetimes Will Officially Reduce to 47 Days 6 days ago:
Why not use self-signed certificates and have each search engine indexer also index the certificate and point out how long it has been since it has changed so that you can trust whatever search engine you wish instead of these mega centralized providers of certificates.
Freshness isn’t an indicator of validity. The fence around the nearby park is decades old and with inspection and minor repairs is still viable; commercials on TV promising mail-order boner pills or vast riches from slots and roulette are relatively new.
- Comment on Unlike in movies, most smart people aren't good in chess. 6 days ago:
I have a mishmash dialect as we moved around a lot when I was a child; very rural, too. I’ll say “hambag” and “ain’t” and “me an’ this guy” and my sister says “ambliance”, but we spell it all correctly.
Did your chess expert know the spelling and say it wrongly, or was there confusion about the spelling too?
- Comment on The plural of Kleenex should be Kleenices. 1 week ago:
You must struggle with nouns like ‘deer’ and ‘mail’.
- Comment on Who needs a lawn? 1 week ago:
You’re talking about a shared park. A much better use for land instead of a hoarded, fenced lawn.
- Comment on The unfortunate thing about twins is that they might fight over which one was not planned. 1 week ago:
Birth order is never in question.
- Comment on Am I going crazy, or has people's spelling gotten awful lately? 1 week ago:
[…] isolated thing either, I’ve seen […]
comma splice.
- Comment on Airport face scans could replace boarding passes and check-in as soon as 2028 1 week ago:
If it’s to avoid the cancer box, I’ll take the feel-up. I’ve been in Basic. I no longer have shame.
- Comment on Do you use your blinker in a car? 1 week ago:
You forgot the part where you turn your damned head and look beside you.
Please tell me that’s just an oversight, and you’re not one of those.
- Comment on Nextcloud (PHP) vs OpenCloud (Rust) 1 week ago:
Evaluation of the product no longer required.
- Comment on Boarding passes and check-in could be scrapped in air travel shake-up 1 week ago:
I gotta travel with my twin more often. I can 50-50 unlock his stuff. Let’s fuck this up.
- Comment on High school student uses AI to reveal 1.5 million previously unknown objects in space. 1 week ago:
I didn’t see where the article was about capitalism. Did you comment the right post? It seems off-topic.
- Comment on ‘An Overwhelmingly Negative And Demoralizing Force’: What It’s Like Working For A Company That’s Forcing AI On Its Developers - Aftermath 1 week ago:
Very few employees.
Fewer by the day.
- Comment on Every time you eat, you're trusting many strangers to not have tampered with your food 1 week ago:
a developed country with some sort of food standards you are probably going to live just fine eating 99.99% of the things you see in a daily basis.
Soooo, America before they fired everyone?
- Comment on Why do people insist on not answering ALL the questions in an email or text message? 1 week ago:
I work in text.
You can keep your infix replies and fancy colors. I want my replies to look like forwarded email as per rfc1855.
- Comment on Why do people insist on not answering ALL the questions in an email or text message? 1 week ago:
This.
And if they don’t answer all three, the only response they get is a repeat of the missing question.
After a day.
- Comment on Microsoft has now fired the employees who publicly protested the company supplying AI tech to the Israeli military 2 weeks ago:
It’s comically ironic that the author of that note thought the whistle-blower should apologize to the dirtbag for saying something.
If you don’t want people to be upset about your supporting genocide, then please consider not supporting genocide