Email or username:

Password:

Forgot your password?
9 posts total
Jan Schaumann

The first rule of #Enshittification is that proper lock-in cannot occur if the product is thriving as Open Source, so once you've reached sufficiently high switching costs, pull out the rug.

github.com/bitwarden/clients/i

#bitwarden

Show previous comments
Gregor

@jschauma I thought I was into a good one there.

*Sigh* Time to look into paying those switching costs

schrotthaufen

@jschauma According to this statement from Bitwarden on Twitter, it wasn’t intentional: xcancel.com/bitwarden/status/1

Orca🌻 | 🏴🏳️‍⚧️

@jschauma@mstdn.social
@bitwarden@fosstodon.org what is this supposed to mean? Do you plan to make all your clients depends on a proprietary SDK while still calling your software FOSS? That's not persuasive enough. 😡
#Bitwarden

Jan Schaumann

Thinking of starting a new consulting business, called "That's Fucked Up As A Service".

I sit there and you explain your legacy system to me, and all I do is say "That's fucked up." If you agree, you get a discount. If you try to justify the brokenness, you have to pay double.

Show previous comments
Billy Smith

@jschauma

"It looks like the reason you are paying so much tax, is that your profits are too high."

" I can help you with that. " :D

Jan Schaumann

Ken Thompson's original Unix backdoor of "Reflections on Trusting Trust" fame was apparently never published. 40 years (!) later, here it is: 99 lines of code plus a 20-line shell script. That's it.

Nicely annotated and explained by Russ Cox:

research.swtch.com/nih

Jan Schaumann

OMG, the "can you melt an egg" answer is back, this time *citing the article that explains how Google was taking the wrong answer*. #ai #fail

Screenshot of a google search for "can you melt an egg" showing the wrong answer citing Ars Technica.
Jan Schaumann

Remember the X.509 PKI? You know, the one that gave us

- "Oh wait, certificate revocation is basically all broken"
- The One Where That Dutch CA Issued A Fraudulent *.google.com Cert

and my all-time favorite:

- Honest Ahmed's Used Cars and Certificates
bugzilla.mozilla.org/show_bug.

Jan Schaumann

It's great, because it secures virtually all web traffic, and all you have to do is get a certificate from a certificate authority -- any one at all!

Don't be picky: there are literally hundreds in your trust bundle:

Terminal screenshot showing 'security find-certificate' commands.
Screenshot of macOS Keychain Access showing many, many trusted CA certs.
Show previous comments
Osmo Patagium, Pointy Bat Pone

@jschauma Interesting. It just reset to 0 epoch time rather than roll over to 1901.

Shadow D. Wolf :therian:🏳️‍🌈

@jschauma Meanwhile, NTFS users are safe until sometime on May 28, 60056. XD

Paul_IPv6

@jschauma

w00t!

i spent new years eve of 1999 like most of my friends. online, waiting to see what we'd miss in the way of y2k fixes.

for 2038, i'm just going to be sitting there, with my gas powered generator to keep my freezer making ice, sipping cocktails, and chuckling quietly to myself. occasionally muttering "told em so" or "you'd think they'd have learned by now" under my breath as i smile.

Jan Schaumann

Who reads your email? Ok, ok, nobody does. Even you don't want to, I know. But... who _could_?

A 🧵 about centralization of MX records across gTLDs:

Jan Schaumann

SMTP relies on MX records in the DNS to identify which server(s) it should hand the mail off to, and over 40 years after RFC722 was published, email is still cleartext.

Together, this means that any receiving mail server can trivially read any message passing through.

Go Up