See: Dunning–Kruger effect or "Obliviot".
181 posts • joined 28 Sep 2009
What I'm not happy about is the browser authors refusing to bake DANE into browsers which is what is holding up DNSSEC.
You're in a position to do some forensic journalism and find out exactly why that is. Are they being handed cash by their CA mates to kill it off?
What is SSAC's view of the matter?
Errrr, you CAN have a DNS record that shares your public key. It's called DNSSEC and it's running right now.
I have it all set up, but browser's still complain because DANE isn't baked in because the big browser owners don't want to lose control.
ICANN and their SSAC should be complaining loudly but they're too busy feathering their own nests with the very browser writers that are the problem. Allegedly.
The tech is already there.
It's called DNSSEC and DANE. No need to go to LetsEncrypt (who are owned by...?)
The only thing holding up DANE are the browser manufacturers who refuse to bake it into their code.
High time TheReg went to them and asked them "why the hell not?"
"Practically any domain name that expires is immediately taken over by domain hoarders looking to monetize it in some way"
Correction. Practically every domain that expires is hijacked by the Registrar utilised by the domain owner, who then resets the DNS to their own and counts the traffic in order to monetise the domain and then auction it off prior to the time limit when they're supposed to release (delete) the domain.
Registrars like doing this because they usually get to keep the domain under their control (which is anti-competitive) and make a LOT more money at auction than they would if it was deleted and re-registered. ICANN, of course, has turned a blind eye to this matter.
Blame the webmasters. Too lazy to run webstats locally, helped spread the googleanalytics virus. Likewise "tagmanager", fonts and a multitude of JS nonsense. Then adsense/adwords. And they all signed up to webmaster tools and did exactly what google told them to do HTML-wise.
Then along came chrome and it's game, set, match.
I survived Wilma (Cat 5) in Cancun. It went right over us. Mexican houses are concrete block (including roof) so hold out a lot better in hurricanes. Not so good in earthquakes.
Only 2 deaths IIRC, both ventured outside during the high winds, one got nailed by a flying sheet of iron, the other by a downed power conductor.
In fact it's become some a huge mess that Verisign, having successfully applied for 12 transliterations of .com and .net, have only launched two of them - .コム for Japan and .닷컴/.닷넷 for Korea - and that was over a year ago. They have abandoned launching the rest. That would make for an interesting article in itself- why would a powerhouse like Verisign not be able to handle launching the lot of them at the same time, given they're for completely different markets?
With the launch of IDN equivalent TLD's for CNO along with the newGTLD's, ICANN had an ideal opportunity to fix this problem for good. Instead they made it worse.
What should have happened: Complete banning of mixing scripts between levels. All IDN's in CNO should have been moved over to their equivalent IDN newGTLD (eg cyrillic .com's should have been grandfathered over to .ком, etc,) and the system returned to only ASCII registrations allowed in the plain old ASCII CNO TLD's.
Instead, ICANN sat on it's hands and even let mixed scripts proliferate into the ASCII new GTLD's! So now you can register chinese scripts in .xyz. How useful.
SSAC were asleep at the wheel.
But don't get me started.
Or just wait a few years and watch it on Freeview.
I'm a few seasons behind on GoT etc etc. I care not.
I stopped following F1 when it disappeared from TV3 in NZ and went to Sky where you have to pay for an entire sports channel which is 60 bloody percent rugby, just to watch ~16 F1 races each year. No thanks.
I'm not paying for bundles just to watch a few shows. Sod that.
Blame must be shared with the browser writers that sold out to the google search home page, and all the silly webmasters enslaved to google analytics (and thus giving away all their visitors information to google) - along with google tag manage, google fonts etc etc.
Oh and all the facebook/google etc "like this page" icons that are served from the data slurpers servers instead of locally.
"So if you shopped online around November last year, and you get a note from one of the 40 affected websites confessing your payment card details were stolen, you know who to blame.
Aptos, its CEO Noel Goggin, and his team."
A software company, whose "Technology Leader" is right down the bottom of the "leader list", below the "Growth Leader" and the "Strategy Leader".
Give you an idea of what his security budget level was. Surprise.
Along with lazy plug-in devs who attach unneeded CSS and JS files, leading to wordpress websites that download sometimes 100 or more .css and .js files full of unused code.
Which is why people have to go out and get a faster computer or more RAM just to get a website to function half-pie decently.
But don't get me started. The entire WordPress system is a dog's breakfast.
"Note the big clickable Google Map and the “spelling correction” suggested by Google, both prominently above the actual Streetmap result"
Bzzzzt. That's not a spelling correction SUGGESTED by Google. Google has APPLIED their spelling correction suggestion and produced results for "aspley guise street map" and the user has to click the link to get the search they asked for.
In this case, that's an important point. It's actually a "Street map" result.
I wonder if they do automatic spelling corrections on fcuk? No I thought not.
Biting the hand that feeds IT © 1998–2019