Erin
@erincandescent@queer.af
I mean, to be fair, you should probably question the decisions that lead you to this point if you're including <gcrypt.h> alone in your source file, but combining it with sodium just takes the biscuit
> #include <gcrypt.h>
> #include <sodium.h>
I'm sorry, but when your source file includes two different cryptography libraries, you should perhaps question the decisions that lead you to this point.
Especially if this is to implement one algorithm
---
RT @dfaranha
@SoatokDhole @XorNinja We actually tracked it down to calling libgcrypt: https://git.gnunet.org/gnunet.git/tree/src/util/crypto_ecc.c
https://twitter.com/dfaranha/status/1281253651915386880
This is by far one of the bits of engineering I find most fun, by the way!
If someone offered me a job as "debugger of gnarly bugs and production incidents", I'd be very tempted by it!
---
RT @erincandescent
The emergent behaviour of distributed systems is complex and amazing and so much fun to debug.
At work I just debugged and fixed a problem which someone introduced to our codebase back in August 2017 - nearly 3 years ago!
https://twitter.com/erincandescent/status/1281280157073002496
There's a Thunderbolt 4 now?!
It's... also 40gbit/s?
I'm sure there's no way that any confusion could result from this
So, can I politely request a "remind me tomorrow" action which works in "human mental time", that squishy notion linked to sleep cycles but where in practice the cutoff no earlier than 5am?
And occasionally I set one of these past midnight without noticing, and I get a bit confused the next day (I had a vague memory of a thing, but it's not there?), and sometimes it's late the day after
But what I'm really using this feature for is "please stick this reminder into my queue for me to look at after I sleep". I don't really care about the 9am bit, it's just before I normally check slack
But in practice that's never what I want. And I confess I don't know what the right cutoff is - 9am? 8am? 7am? I've never used this reminder early in the morning
Like, I realise that if I ask you to remind me of something tomorrow, and it's 00:01 AM on Tuesday, that does strictly mean Wednesday. And so it dutifully sets a reminder for 9AM on Wednesday
But also, as someone who's a bit of a night owl and also sometimes suffers from insomnia, I must say that it's definition of "tomorrow" is a tad... Pedantic?
Dear @SlackHQ,
As a strategy for dealing with an incredibly busy workspace, I make heavy use of the reminders feature; especially the Remind Me Tomorrow one to defer things to the next morning
Mailgun and SES require verification before sending. Sendgrid is the odd one out here, in a way which opens your users up for phishing
@SendGrid, you can and should do better
---
RT @bradleyjkemp
@erincandescent Both Mailgun and SES require verification for all domains before you can send
https://help.mailgun.com/hc/en-us/articles/360026833053-Domain-Verification-Walkthrough
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verβ¦
https://twitter.com/bradleyjkemp/status/1278462983354617857
(I'm not aware of if either Mailgun or Amazon SES allow these sorts of things to take place; Sendgrid are at fault here)
But realistically Sendgrid are being negligent here in not preventing these sorts of cross customer attacks
They're in a privileged position as an SPF/DKIM permitted sender for people's domains; they should be doing better for their customers
We saw fraudsters doing the same thing a little while ago at @monzo. We turned on strict DMARC to fix it; GitHub should do the same; it protects against other types of attack
Hey @github
Why do you have DMARC disabled on your domain?
Hey @SendGrid
1. Why do you allow a customer to place a different customer's domain in the mail's From header?
and/or
2. Why do you share DKIM keys between customers? If you used differing ones, DKIM verification would have failed here
---
RT @glenmaddern
@1Password This is what the headers look like in gmail btw:
https://twitter.com/glenmaddern/status/1278333730977918976
I appreciate the confluence of circumstance that means that despite none of my friends ever having watched Initial D, they all know Running in the 90s and appreciate and supply me with memes
---
RT @SakanaSenpaii
I am wake now
https://twitter.com/SakanaSenpaii/status/1277877196753965056
Edit: my number is obviously wrong. It's 2.9m
