Whenever you see someone recommend Cloudflare or something else that decrypts and re-encrypts TLS for something, esp. for something related to open social media or media storage etc., reply with this picture from the Snowden leaks

@pojntfx I think Google has since fixed the cleartext-in-the-DC issue but that alone doesn't earn them trust.

I'm old enough to remember when even the front-end of webmail services was cleartext.

@stuartl Yep, that's one of the reasons why HTTP Digest Authentication ever was a thing.

@pojntfx

@stuartl @pojntfx yeah, we encrypt all traffic internally as well as externally, within datacenters and between datacenters.

As far as I know, Cloudflare does as well.

@stuartl @pojntfx if you use a modern browser (especially Firefox or Chrome, but I think Safari might as well these days), the traffic is even protected against someone storing the ciphertexts, developing a quantum computer, and breaking the elliptic curves used.

I talk about the effort of making this true internally here, using that very slide 😏.

https://youtu.be/IAOWRO9Qn10?si=3SYI9NaOnzxkC5i0

Session on PQC Protocols and Agility

@sophieschmieg @pojntfx @stuartl i am so sad to hear about killing the resumption exchange. i was just trying to add more forward secrecy

@stuartl @pojntfx I’m old enough to remember when TCP/IP was invented, and anyone smart enough to have deployed it could be trusted by default. And you tell these young folk nowadays, etc., etc. (stumbles off, mumbling and stroking into beard).

I miss those days. The UK Internet Consortium was influential (even though nobody even remembers it). It achieved its goal, and the UK uses the same (more efficient) standards as the rest of the world.

@holdenweb @pojntfx Nowadays seeing an IPv6 address gives them a jump-scare.

@stuartl @pojntfx well yes, but thanks to the old guard who actually made this shit work, users don’t really need to understand the details anymore. I have only skimmed the surface myself!

I taught TCP/IP classes for approximately 20 years, and throughout that period, the uptake of IPv6 was consistently felt by the industry to be “10 years away”. 🤣

@holdenweb @pojntfx It's been reduced to magic numbers at this point.

"Look, put 255.255.255.0 in that field there and the other one must start with 192.168… don't worry about the rest!"

(ugh!)

Not much use for knowledge of things like 802.1Q in "the cloud".

@stuartl @pojntfx yes, but there’s no use bemoaning the fact that broadening the market for a technology necessarily means making it accessible to the (literally, not pejoratively) ignorant.

Back in 1995, when the Python world was a delight, I knew it would inevitably devolve into the same shit-show I’d already seen in the MS world. You either work with niche tech or welcome the world and all its warts!🤷

@stuartl @pojntfx maybe for my third and final magic trick I’ll go niche.🤪😉

[For the curious, the second achievement was starting PyCon and ensuring its sustainability.]

@stuartl @pojntfx back when I started teaching networking, it was important to understand the difference between Ethernet and 802.3, but nowadays very few care. I would argue this is, overall, a good thing (though I bemoan the fact that few others share my geeky delight in the details!)

@stuartl @pojntfx I regard founding the UK Internet Consortium as one of the two most significant achievements of my career, even though very few people have ever heard of it. In accordance with NLP theory, my attention was on the goal.