LONG LIVED SSH KEYS CONSIDERED HARMFUL
Disclaimer: This advice goes for any credential, including and especially passwords tl;dr: You should, at regular intervals, change out and retire old SSH keys. SSH keys are dangerous An SSH key should be considered a short-lived resource and as such and should be refreshed periodically. Here are a few reasons why: They can be compromised They are highly privileged They can be automatically generated They can easily be replaced on many services Refreshing your SSH keys has the added benefit of following the Let’s Encrypt School of Critical Process Management:
ARGUMENTS AGAINST HTTPS
Disclaimer: I think HTTPS everywhere is a generally good thing, but it isn’t unmitigated. See this earlier post about why HTTPS is good and why you should do it. That being said, there are arguments against it that ought to be taken seriously. Some of these arguments apply systemically, i.e., because of choices made by the browser vendors, such as the decision to mark all non-HTTPS sites as insecure by default.
ESK8BST - ELECTRIC SKATEBOARD BUY / SELL / TRADE
The Finished Product Raison D’etre Structure Front End React Components Pages Services FindThread.ts GetNewestData.ts Determining BST Status Determining Price and Currency Determining Product and Company Other Data Backend .NET Core Database ScanData Subscribers Preconfirmed Third-Party Services Netlify Firebase AWS Serverless / Lambda Serverless Project Functions Logging MailGun Types of Email Email Deliverability Email Services Mailgun’s Services Double Opt-In + Unsubscribe Automated Security Scan Privacy and Security Firebase Rules / Service Accounts Reddit triggering Tracking Protection The Finished Product Available at https://esk8bst.
WHAT GOOD ARE VPNS?
Good at some things, bad at others. At the most basic level, a VPN is an end-to-end service that encrypts network activity on one end and decrypts it at another. Depending on what kind of platform you are on, VPNs can be installed at different and deeper layers of the network stack. That’s all it is. Encrypted data at one end, decrypted data at the other. Anything else is fluff, extras added on top.
HTTPS IS ABOUT RESPECTING YOUR USERS
Respect Your Users As of July 24th, 2018, Google Chrome is visibly marking all non-HTTPS sites as “not secure”. In light of this, it might be prudent to elaborate on what exactly HTTPS is meant to do. A site without HTTPS is vulnerable to Man-In-The-Middle (MITM) attacks, which Troy Hunt shows off convincingly over at https://www.troyhunt.com/heres-why-your-static-website-needs-https/ That site is all about demonstrating through words, video, and actions, what happens when you don’t have HTTPS.
UWP: SIMPLE EVENTS
Notes [07/19/2018] Note: This post refers to the library Microsoft.NETCore.UniversalWindowsPlatform, version 6.2.0-Preview1-26502-02. Events Some problems are just made so much easier in XAML based apps if you use the Event pub/sub model. We’ll structure our events the way the excellent Template10 does: One event One EventRaised method Untyped Events These events carry no information aside form the fact that it occurred. In the class that the event originates from: public class MyEventPublisherClass { /* This the event that will be subscribed to.
UWP: LISTVIEW ROW HEIGHT
Notes [07/19/2018] Note: This post refers to the library Microsoft.NETCore.UniversalWindowsPlatform, version 6.2.0-Preview1-26502-02. ListView Row Height When dealing with ListViews in UWP, sometimes more information density is desired, and the quickest way to get that density is to adjust the row height of each item in the ListView. By default in a new ListView, information density is low and look like this: Any control that inherits from ItemsPanel in UWP Xaml must have their row heights adjusted by overriding the style parameter in the parent object:
TOWARDS A SECURE AND PRIVATE FIREFOX INSTALLATION
With the massive overhaul that was Firefox Quantum (FF57), it’s worth checking out how to make a modern Firefox install secure. Much of modern Firefox’s security comes from the fact that in addition to doing extensive work on the architecture underlying the browser as a whole, they also removed the old extensions system. That has been a double-edged sword, because many beloved extensions relied on the that old architecture, but the Firefox developers have been working closely with the authors of popular extensions to add back in the necessary pieces they require.
BIN AND OBJ ARE THE DEVIL
the first in what is likely a series on cache invalidation being hard. tl;dr - close Visual Studio and delete your obj/ and bin/ directories if your project isn’t building and giving cryptic errors. Your project was working fine, but now all of a sudden it can’t find a reference whose location didn’t change. Or it won’t build because something is out of date. Or the version is incorrect. Maybe your project is suddenly throwing errors like cannot find source file or xxx does not exist in namespace yyy.
#REGION IS FINE
Occasionally you’ll encounter someone whining about using C#’s #region / #endregion feature in your code. The complaints always boil down to one thing: Overuse of regions is indicative of bad design because it promotes hiding flaws in class structure. Mostly they mean that the class is too big and should be split up. That’s not a necessarily bad observation on its face, but it’s farcical to blame bad design on using regions.