Jenna Magius @jennamagius@octodon.social
There can and should be such a thing as a free lunch.
@r0 It's literally the only one that has HSTS preload!
That regular people can buy, at least.
@metagorgon Oxy is rellllatively agnostic of the underlying transport, enabling a pure-UDP no-TCP transport option is a pretty realistic future also.
@metagorgon That's almost certainly true, I'd have to look a little more into how it does its encryption/where it gets its keys from.
I kinda haven't liked the predictive typeahead feature of Mosh when I've used it... I could see integrating it directly into Oxy anyway, for if people like it.
I like tmux/screen for the persistent session stuff, I'm pretty likely to make "attach to a tmux session" the default behavior in Oxy eventually
An important piece of context I'm not sure everybody has: OpenSSH is the single best piece of computer networking software ever made. It is the Swiss army knife of networking, an internet power user's chef's spatula.
I wanna make sure we're on the same page about this.
@lupine The kex happens symmetrically, and after the server accepts a long-term client key it presents a long-term server key, which proves the server identity like a host key does. The code as-it-is requires that the client already know that public key in advance also.
Someone building their own client could skip that step, but there's still the PSK that'd cause trouble for a man-in-the-middle.
@lupine No, the property hold even if you were to skip the knock step: in the key exchange step, the client presents an asymmetric key (the long-term client key). The server has pre-existing knowledge of all valid long-term client keys and will not accept ones it does not already know about.
The server is the one who has the prerogative to "be sloppy" at that step, but that's also where the auth happens.
It's authorized_keys and known_hosts at the same time.
@lupine There's no trick, really, you just... don't.
The trick is, users will not do any extra work once they have a thing working. So you make it so they have no recourse to get it working insecurely.
@lupine TOFU is solved by not doing TOFU. If the server isn't pre-existingly in possession of the public key presented by the client, the server will not talk to the client.
A broad audience of people who are going to yell at me and be mean, probably, but uh... we'll be immolated on that bridge as we cross it.
Look, there's a twitter reference in the infomercial, and I apologize for that. I'm pitching to a broad audience.
@vaartis @SarcasmKid Shrimps are pretty rich
@SarcasmKid before you make your skin turn pink
Detroit Literally Becomes Human (And Exacts Revenge On An America That Left It To Rot)
Please break unjust laws.
I want to find the college writing professor who held firm with his position of authority against me that "singular they is incorrect" and...
...make him understand? I don't know. I want him to not be the person who would "hold the line". I want people to not "hold the line" and stand up for "correctness" when "correctness" is wrong.
Hey, turns out toots have a "delete and re-draft" button. How 'bout that.
I understand that that's the whole premise of the thing, but like...
We shouldn't... let them feel like they're in charge.
They can have their "manual of style", but THEY ARE NOT ACTUALLY IN CHARGE. WE SHOULDN'T TREAT THEM LIKE THEY ARE IN CHARGE. THEY SHOULDN'T FEEL LIKE THEY ARE IN CHARGE.
What the fuck makes you believe you have the goddamn right to even have a fucking opinion on this subject.
"I just woke up one day and I was so fucking arrogant that I decided to be in charge of the rules of english, and here we are."
"But I am a generous god, I will make partial concessions to you lesser, pitiful people, from time to time."
Like idk, woo, you've been forcefully shoved off DEMANDING (their words:) "generic he", to the new position of singular they is "ALLOWED BUT NOT RECOMMENDED"
MTG templating finally dumped "he or she" for "they", and that's good shit right there (gOod sHit 💯 💯 ),
and anyway, because of that I wound up reading the Chicago Manual of Style's writup about their newly increased acceptance of singular they: http://cmosshoptalk.com/2017/04/03/chicago-style-for-the-singular-they/ ,
and it PISSES ME THE FUCK OFF????
