
Comment Re:Why? (Score 1) 135

It's a response to obligations under GDPR,

You've been gaslit.

Consent is not required for those cookies that are only used for purposes *essential* to the working of the site. Two of the key reasons to be allowed to process data under GDPR are necessity and consent. It's also why if you apply for a loan, the bank will tell you what they will do with your data but not ask for your consent. Consent cannot be assumed just because you submitted the form but they don't need your consent because they collect and use the data out of necessity.

If you actually drill into the cookie popup then you'll usually find you cannot refuse the essential cookies while you will have to opt in to the non-essential tracking ones. They don't need consent for the essential ones unless they also use them for non-essential uses.

Companies are blaming GDPR but actually they're skirting at the very edges of the law and trying to trick you into consenting to something completely optional but which they must have your explicit consent to do.

Comment Re:This is a serious question. (Score 1) 95

2) You should be careful what you call crap. CS people are starting to look at Clojure, and from the perspective of someone who doesn't understand it, it looks a lot like LISP. On top of that, at least one top university (CMU) has decided to stop requiring object-oriented languages for a degree (in favor of functional), because they feel that object-oriented is a dead end.

Lisp, Haskell etc are great languages for approaching some problems. Unfortunately, there's a huge class of problems that doesn't fit the functional model well (almost anything with IO!).

One of the most amazing things about C++ is that it's managed to adopt many/most/all of the most positive parts of functional programming while sacrificing none of the power of dealing with procedural problems.

One of the difficult things of C++ is that its syntax is often horribly convoluted in order to preserve backwards compatibility and, in turn, that makes googling to try to understand code that someone else has written hugely difficult.

I've been programming C++ since the days of cfront and only this morning I was reviewing a piece of code and thought "oh, I didn't know you could do that".

auto && [a,b] = getData(x);

I didn't need to try to google this to work out what it does, but a beginner is going to struggle.

Can you imagine if getData looked something like:

auto& getData = []() {...}

Comment Re:Why this works (Score 2) 200

I'm not denying it works but consider the counter example, the windmill is mounted on a truck that is driving downwind at exactly the same speed as the wind is going. How can the windmill generate any power at all?

The only way I can see that you can cross this barrier is for you to accelerate to the wind speed, the wind to slow down slightly so you're now going faster than the wind (and can start to extract energy again) and then the wind picks up again and you can accelerate some more.

ISTR it was demonstrated ages ago that you can accelerate directly into the wind, so I can see how you can go faster than the wind but I'm not sure of the mechanism to go from slower than the wind to faster than the wind without some external effect or some (temporary) energy storage to cross the dead zone.

Comment Re: What about HTTP mode? (Score 1) 64

Can you set up something like stunnel? I haven't tried it but it would have the additional advantage that your browser would always see the same certificate regardless of the equipment stunnel was connecting to. And I'm pretty sure stunnel itself has options to not check certificates.

I haven't used stunnel for donkey's years. I used to expose some HTTP only cameras as HTTPS via stunnel. But I wouldn't dream of doing that now and everything has to go via a vpn to my local LAN so no longer do I need to care about HTTPS.

And I run a VM in my local LAN with really old versions of browsers installed so that I can always connect to these devices. We are rapidly approaching the point where it's going to be impossible to recover access to older equipment without jumping through hoops as a factory reset will result in too old, too short key certs which means it's impossible to connect to the device to install a newer cert.

Comment Re:I'm not clear on how DNS over HTTPS helps priva (Score 1) 108

The problem with everything jumping on "use HTTPS because it's harder to block" is that all the bad stuff out there is doing the same thing.

If knowing who on your network was talking to what was designed into the system from the start then many of these apps that steal credentials would be found very quickly.

Comment Re:I'm not clear on how DNS over HTTPS helps priva (Score 1) 108

The right way to do this - along with everything else like certificate checking, etc, is to delegate it to a separate application.

Firefox, the browser (all browsers), should have none of this, possibly not even HTTPS.

It should then talk to a "proxy" on the local box (this can be bundled with firefox and started by default)

That way there is a single place to configure all of these security settings and changing browser doesn't change how things are configured.

The "proxy" on the local box can then potentially forward to another "proxy" on a remote box - this is the first place you need HTTPS.

Writing something like this is one of my dreams for retirement

Comment legal tender (Score 1) 108

Normally it's the person who owes money who runs and hides, but I've repeatedly reached out to CSW to pay him his court ordered costs, and he doesn't seem to want to receive it. Perhaps he is running away from his money so he can make me in "contempt of court"?

This is exactly the situation that 'legal tender' exists to prevent (in the UK at least)

He pays the money into court and that will avoid any possibility of action against him for non payment.

Comment Re:Bad design choices (Score 3, Interesting) 31

What we really need is a "proxy" that runs on localhost that all browsers talk to. That proxy is then responsible for filtering, blocking JS etc, etc, etc and you can run multiple browsers without having to configure each one separately for this stuff.

I'm using squid as a MITM proxy (a lot of peek and splice, a bit of peek and bump) but it has its problems over something designed into the browser properly.

Comment We need intercepting proxies... (Score 1) 35

Move all this work into a proxy. Have one place responsible for all of this and all the browsers then talk to a "proxy" on localhost via http.

Back in the good old http days this wouldn't have worked nearly as well as everybody along the path would be proxying these favicons.

By moving them to https the website has a direct connection to the browser and fetch/not fetch conveys a bit of information.

Mozilla already wants to do all your DNS for you in the name of anonymity/security. Will the next thing be them running a mitm proxy?

Comment They all periodically check for updates anyway (Score 2) 85

Surely the vast majority of these systems can download a "backdoor" later anyway.

So even "patriotically made American TVs" are potentially going to be "taken over" in the future if/when company ownership changes.

Many of them will require internet access. With DoH, ESNI and certificate pinning it will be impossible to block it downloading updates too (unless you can completely firewall it from the internet)

The best you can do is firewall it from the rest of your network (and don't do things like checking emails on it)
