
Comment Re:I gave up on SO (Score 2) 618

You have a point.

The StackExchange sites have a weak spot for late answers. The voting and sorting system rewards mediocre answers that are posted early over great answers that are posted months or years later. That means that the best answer is sometimes halfway down the page and may never reach the top.

It is often problematic that the person who asked the question gets sole control over which answer is at the top via the green check mark that "accepts" the answer. I've seen them choose some really bone-headed answers as accepted on occasion. There is just no way for the community to override them, even with a 10:1 ratio of votes on some other answer.

My other pet peeve is the large number of separate StackExchange sites with somewhat overlapping topics. It is almost impossible to figure out where to post a question sometimes. Most of the sites have non-obvious rules about what is off-topic. You are likely to ask in the wrong place and get your question closed the way it is set up. For example, if you have a question about the security of Google Analytics for your WordPress website running on IIS, you might ask it on Security, WordPress, Webmasters, WebApps, or Server Fault. Most people seem to just ask it on StackOverflow because it is the one they know.

Comment Re:Good (Score 1) 57

It gets much more complicated once there is a load balancer involved. I end up redirecting the acme-challenge directory to a subdomain that gets hosted without a load balancer, generating the certificate there, and then having scripts push it to the load balancer.

The other problem I have is that certbot is not idempotent. Certbot doesn't check if the deploy scripts actually succeed or not; it just assumes they did. If they didn't, they will never get called again. Just running certbot auto-renew is not enough. You have to compare the locally available cert to the live installed cert to know if a deploy is needed.

With all those extra checks, it works, but it is several hundred lines of scripts.
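The comparison described in the comment above, sketched as an added example (not the commenter's scripts and not part of certbot): it fingerprints the leaf certificate in the local chain, compares it with what the endpoint actually serves, and re-checks after the deploy step instead of trusting it. The `deploy` callable, the status strings and `lb.example.com` are hypothetical, and the certificate bytes in the demo are constructed stand-ins.

```python
import hashlib
import socket
import ssl

END = "-----END CERTIFICATE-----"

def leaf_fingerprint(pem_chain: str) -> str:
    """SHA-256 of the first (leaf) certificate in a fullchain.pem-style string."""
    leaf = pem_chain[: pem_chain.index(END) + len(END)].strip()
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(leaf)).hexdigest()

def fetch_live_der(host: str, port: int = 443, timeout: float = 10.0) -> bytes:
    """Return the DER certificate the endpoint serves right now (SNI = host)."""
    ctx = ssl.create_default_context()
    # Verification is off on purpose: an expired or mismatched certificate
    # must still be readable so it can be compared. Nothing is sent over it.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def reconcile(local_chain_pem: str, fetch_live, deploy) -> str:
    """Safe to run from cron any number of times.

    fetch_live() returns the served DER bytes; deploy() is the (hypothetical)
    push-to-load-balancer step. Its return value is ignored on purpose.
    """
    want = leaf_fingerprint(local_chain_pem)
    if hashlib.sha256(fetch_live()).hexdigest() == want:
        return "in-sync"
    deploy()
    # Check what is actually being served instead of trusting the deploy step.
    if hashlib.sha256(fetch_live()).hexdigest() == want:
        return "deployed"
    return "deploy-failed"  # next run sees the mismatch and retries

if __name__ == "__main__":
    # Constructed stand-ins for DER bytes; a real run would read fullchain.pem
    # and pass lambda: fetch_live_der("lb.example.com") as fetch_live.
    old, new = b"constructed-old-cert", b"constructed-new-cert"
    chain = ssl.DER_cert_to_PEM_cert(new) + ssl.DER_cert_to_PEM_cert(b"constructed-ca")
    served = {"der": old}
    print(reconcile(chain, lambda: served["der"], lambda: None))  # broken deploy
    print(reconcile(chain, lambda: served["der"], lambda: served.update(der=new)))
    print(reconcile(chain, lambda: served["der"], lambda: None))
```

Because the decision is based on the served certificate rather than on whether a renewal just happened, a deploy that failed silently is retried on the next run.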

Comment This really sucks for StartSSL customers (Score 1) 57

This really sucks for customers of StartCom (StartSSL):

  • Your website suddenly stops working with no warning.
  • There is no equivalent alternative to StartSSL.

Basically Google (and to a lesser extent Firefox) have handled this really badly. I found out about this issue when I got a new certificate and it wouldn't work: StartSSL certificate gives SEC_ERROR_REVOKED_CERTIFICATE in Firefox and ERR_CERT_AUTHORITY_INVALID in Chrome

  • The browser error messages are cryptic and inconsistent. None of them say what the problem actually is. None of them offer links to the blog posts or bugs announcing the revocation. The only way to figure out the issue is through searching.
  • Google is killing existing certificates without making any attempt to contact webmasters. Google should be putting alerts in Google Search Console for every site that will be brought down by this change. At least Firefox limited the scope such that all existing certificates were grandfathered in.

StartSSL was the only certificate authority at its price point. You didn't have to pay by the certificate. You didn't have to pay for the automated process by which you validated ownership of domains. You only paid for validations of who you are and who your company is. Once you were validated, you could issue as many certificates as you wanted for any domains you own. For a flat fee of $200 per year, I could get all the certificates I needed.

The only alternative that I have been able to find is LetsEncrypt. While it is completely free it has some major disadvantages:

  • LetsEncrypt doesn't offer wildcard certificates. I have a domain with about 60 subdomains. The lack of wildcard really hurts for me here.
  • LetsEncrypt only offers the most basic level 1 certificates. They only validate that you have control over your domain. They don't offer level 2 that validates who you are. They don't offer level 3 that validates who your company is. They don't offer the level 4 extended company validations that give the green bar in browsers.

Comment I miss Firefox in this regard (Score 0) 102

Firefox bookmarks sync is much better than Chrome bookmarks sync. Firefox stored your bookmarks locally and updated them periodically from the cloud. Chrome appears to have to download everything when I start the browser. I get a blank bookmarks bar for a few seconds when the internet is slow and I open Chrome. This is one place where Firefox got the design right and Chrome has it wrong.

Comment As soon as the automated tests pass (Score 4, Interesting) 182

Push to production as soon as the (many) automated tests that you have pass. This means you should have comprehensive unit tests and tests that run in the browser, probably written in Selenium. You'll also want to script your release so that you can do it with the push of a button. Once the tests pass, and the mechanics of a release are trivial, there is little reason to hold up a release.

I worked for a top 500 website (East coast) for 7 years that did weekly releases. Since I left, they decided that wasn't fast enough and now release multiple times per week. I'm now self-employed on my own website and release within an hour of finishing development of a feature.

I started my development career writing firmware for laser printers. When you are shipping code on a physical product, the cost of bugs can be quite high. Especially when it leads to returns or recalls because customers are not satisfied. Our release cycles there were 6 months+. Quite appropriately, IMO.

On the web, the cost of bugs is much lower. In most cases it is only the cost of another release. Sometimes it could cost more because of downtime, but good automated test coverage mitigates that risk pretty well (especially if there is load testing involved). The worst case would be data corruption, but I've never actually seen that in practice from a release; that has only been related to hardware failure or accidents in my experience.

Comment Re:Real name policy to blame? (Score 2) 456

Facebook has a real name policy as well. It hasn't hindered their growth. The problem is that Google+ has a real name policy, but doesn't require mutual friendship. This leads to a duplicate one way friendship problem.

Here is the use case: you want to add a friend who isn't on the network but you have their email address.
Facebook: You add the user by email. It goes to "friendship requested" status.
Google: You add the user by email. That email address is added to your circles.
Then later, the user signs up for the social network, but not using the email address you supplied, then friends you.
Facebook: You are friends!
Google: You are friends, plus you have a zombie email address friend in your circles. FAIL!

That and Google+ is full of bugs. For example you open a Google+ account at your own email address. Then you sign up for gmail. This changes the email address of your Google account to your new gmail address with NO WAY TO CHANGE IT BACK. The people in your circles are associated with your old email address. Google has DELETED all the friends from your circles. You then have to re-add all of them.

Comment Re:Aha! (Score 1) 120

The IT department here used one of those "perpetual motion" drinking birds to test the video conference system. A week before the big meeting, they set up the link between our Boston office and our London office, put a drinking bird in front of the camera, and made sure that the connection remained stable enough that it wasn't going to drop during the three hours that we really needed it.

Comment Pictures of your data center (Score 3, Interesting) 531

I always get jealous of IT folks when I see that they get to work with racks of equipment. It seems to me like it is building with Lego blocks for a living.

In addition to software installation and security, our IT folks plan out the hardware with the power and cooling requirements. I would have been fascinated by this stuff as a kid (and I still am).

Google

Submission + - Google goofs up Firefox's anti-phishing list (google.com)

Stephen writes: "While phishing is a problem, giving one company the power to block any site that it wishes at the browser level never seemed like a good idea. Today Google blocked a host of legitimate web sites by listing mine.nu. mine.nu is available as a dynamic dns domain and anybody can claim a sub domain. All sub-domains are blocked regardless of whether phishing actually occurs on the sub-domain or not. Several Linux enthusiast sites are caught up in the net including Hostfile Ad Blocking and Berry Linux Bootable CD."
Google

Outcry Over Google's Purchase of Doubleclick 242

TheCybernator writes to mention that several activist groups have cried out in protest of the Google buyout of Doubleclick reported in recent news. "'Google's proposed acquisition of DoubleClick will give one company access to more information about the Internet activities of consumers than any other company in the world,' said the complaint lodged with the Federal Trade Commission. 'Moreover, Google will operate with virtually no legal obligation to ensure the privacy, security, and accuracy of the personal data that it collects.' The complaint was filed by the Electronic Privacy Information Center along with the Center for Digital Democracy and the US Public Interest Research Group, all of which are involved in online privacy issues."

Is Wikipedia Failing? 478

An anonymous reader writes "A growing number of people are concerned about where Wikipedia is heading. Some have left Wikipedia for Citizendium, while others are trying to change the culture of Wikipedia from within. A recent essay called Wikipedia is failing points out many of the problems which must be solved with Wikipedia for it to succeed in its aim of becoming a reputable, reliable reference work. How would you go about solving these problems?"
The Internet

Wikipedia Blocks Qatar [Updated] 204

GrumpySimon writes "Wikipedia has blocked the entire country of Qatar from editing pages. Whilst the ban is due to spam-abuse coming from the IP address in question, the fact that this belongs to the country's sole high-speed internet provider has the unintended consequence of stopping Qataris from editing the wiki. The ban has raised concerns about impartiality — the majority of Al Jazeera journalists operate out of Qatar, for example. This raises a number of issues about internet connectivity in small countries — what other internet bottlenecks like this exist?" Update: 01/02 13:32 GMT by Z : Jim Wales wrote in the comments that the story is 'completely false'. Either way, the ban has been lifted and anonymous editing is once again possible from Qatar.
Security

Submission + - Burglar turns child porn collector in

An anonymous reader writes: It seems that a burglar was outraged when they found child pornography on a computer in a house they were robbing. They gave a tip to police, and the child porn collector has been arrested, but the burglary case remains unsolved.
Bug

Submission + - Thunderbird devours your mail - forever losing it.

niekvs writes: Ever since Thunderbird's latest update (1.5.0.8) was released a few weeks ago, a very nasty bug was introduced - and sadly enough the Mozilla team isn't hurrying to release a patch, leaving millions of users exposed. I noticed this problem by accident, when I realized that Thunderbird was downloading far more mails than were showing up in my inbox. The first few days I wasn't paying much attention to it, because sometimes 70% of my mail is automatically redirected to my spam box anyway, but at some point I started actually counting the mails by hand and found out that a large portion of mails just didn't show up, even though they were downloaded. I then followed Mozilla's recommended practice of compacting my mailboxes, to no avail. Desperate, I searched Google for help, and found out that a lot more users were experiencing similar issues (1) (2) with the latest update. The bad thing: compacting actually permanently deletes the missing messages (that are likely mostly spam, but can also be legit). If you haven't done this yet, you should downgrade back to the previous version, 1.5.0.7, exposing yourself to some security issues, but at least having peace of mind that you receive all your mail, and won't receive any angry mails from friends or colleagues asking why you haven't returned their important questions yet. Please read the comments in the bug report for more information. This issue seriously broke my confidence in this program, especially considering that Mozilla appears in no rush to release an update, and are still distributing the buggy version weeks after discovery. In my opinion, this is a much more serious problem than whatever obscure security bug they were trying to fix in this version. Most people probably won't even realize something is wrong, because the mails simply never show up...
