Mastodawn

Chris Trottier Nov 30, 2022

One of the biggest mistakes the Internet made was trying to make HTTP do everything.

Show thread

Adam Dalliance Nov 30, 2022

@atomicpoet it's not the programmers fault. They had no choice. I was one of them.

In the early naughties we tried developing systems that connected on other ports and spoke different protocols.

But our corporate users could not use them. They were on networks locked down by paranoid security engineers.

Only port 80 was allowed. Or port 443.

So we had to rewire it to fit where corporate security firewalls allowed.

And thus, paranoid security engineers forced everyone to make everything look like web traffic. Which of course makes the whole system less secure.

Show thread

Chris Trottier

@pre Ha ha. I have a lot of additional thoughts about this.

Show thread

Alexander Hamizdat 🌹Nov 30, 2022

@atomicpoet @pre something something Deep Packet Inspection. Don't get me started on the open-ssh server I had to run on port 443 because my remote co-worker's hotel would only allow that port outbound.

Show thread

Alexander Hamizdat 🌹Nov 30, 2022

@atomicpoet @pre correction: it also allowed port 80 but it would inspect those packets and be like "this doesn't look like unsecured HTTP, no cx for you."