libera/#maemo/ Tuesday, 2019-02-12

WikiwideIf there is a problem (and I don't think there should be), then Qml-browser defaults to duckduckgo, regardless of searchengines.04:00
WikiwideI don't know where order of search engines is hijacked to have DuckDuckGo always at the first place in the list?04:11
WikiwideCould be in the binary.04:11
Vajbhuh, I might have fixed my device.09:43
Vajbas simple as bending those golden leaf springs slightly backwards.09:44
Vajbin sim slot09:44
KotCzarnywhich one?09:45
KotCzarnythose 6 that touch sim?09:45
siceloyes09:45
KotCzarnymight do that as well, i guess09:45
Vajball seven09:46
KotCzarnyi guess fix didnt work 100%09:50
KotCzarny:>09:50
sicelohaha09:51
KotCzarny:)09:53
Vajbdo you happen to know my good frien Mr. Murphy? :p09:58
KotCzarnywe do.10:03
KotCzarny;)10:03
KotCzarnyseems worse than ever?10:09
KotCzarny:)10:09
Vajbthis is kind of amazing problem. It works for few hours and all of sudden stops working10:19
sicelowhat operator is this?10:19
Vajbbut there was external event which triggered it10:19
VajbElisa10:19
VajbFinnish operator10:20
siceloexternal event?10:20
Vajbexternal thing that I refered to was that I came back in after spending half an hour outside10:20
Vajbtemperature change from -1 to +2310:21
inzYour sim card is trying to tell you to spend more time in the great outdoors.10:21
VajbI think I will bend those spingy things a bit more since it helped some10:21
KotCzarnyhow much charged is your battery?10:23
KotCzarnycurrently10:23
sicelowhat is the problem by the way? non-working internet, or no gsm connection at all?10:24
KotCzarnyin my case 'cellular network not available' and sometimes 'no sim'10:25
KotCzarnybut i suspect sim troubles10:25
KotCzarnysince the card itself is old10:25
sicelooh you still have issues KotCzarny as well :-010:27
KotCzarnywell, no-sim problem stopped10:27
KotCzarnybut in last few weeks it happened 2-3 times10:27
Kabouik_Hey lads, is there anything in the works regarding the SSL certificate of TMO?16:11
Kabouik_My website with probably 1000 times fewer daily visits than TMO still is on https. Why is it not deemed important for TMO?16:13
Kabouik_"Most users ever online was 14,978, 11-29-18 at 23:08."16:15
Kabouik_Erratum, 15000 fewers visits on my website. :> By the way, not sure what happened on Nov. 29th, but it's great to see that the record was so recently. Probably a spambot wave though, I reckon.16:15
KotCzarnymaybe bot attack16:16
KotCzarnywho knows16:16
KotCzarnyor some maemo-leste announcement hit the media16:16
KotCzarnyas for https, whats the gain?16:18
KotCzarnyapart from used server resources16:18
KotCzarnygive 3 real points16:18
KotCzarny(for tmo)16:18
Kabouik_To be honest I didn't even think SSL should be debated, I believe it's a security standard and should not be a question when a site gathers so many people. But I am not an admin, nor a professional in this topic, I might be wrong.16:19
Kabouik_I'm afraid Leste hitting the media wouldn't attract 15k people, unfortunately ;p16:20
KotCzarnyagain, im against doing anything just because everyone does it and creates a fad16:20
KotCzarnyif admins had some real advantage to go full ssl, they would do it16:20
Kabouik_It is not just because everyone uses it, browsers also start to complain/warn when they see something non-ssl, and the security of users should be the primary priority, even when they could just check whether the URL they typed is correct16:21
KotCzarnyyou dont understand security16:22
Kabouik_I might not, I acknowledged16:22
KotCzarnyit's not about 'i dont wanna see anyone seeing me doing things'16:22
Kabouik_I know16:22
KotCzarnybecause if you were highprofile target, ssl wont help16:23
Kabouik_That is not what I had in mind16:23
KotCzarnyas your computer/os is bugged16:23
KotCzarnyso what is the security you are talking?16:23
KotCzarnyyou can set login page in bookmarks to be https16:23
KotCzarnybut then?16:23
KotCzarnysure, there is one point of mitm injection attacks16:24
Kabouik_I just believe a website drawing hundreds of users a day should not be flagged as "not secure" by most browsers, and I don't believe the putative costs of going https overweigh the benefits of having a website recognized as genuine16:24
KotCzarnyso basically, you are complaining because your browser is complaining16:25
Kabouik_No I am not complaining16:25
KotCzarnyand not because you know what is it about?16:25
Kabouik_I am asking why it is not deemed relevant for TMO.16:25
sixwheeledbeastWhats up with the cert it's TLS1.2 with LE and expires in May?16:26
Kabouik_On top of that, as I said I don't know much about administrating a website or security, but I happen to have a website with a SSL certificate. It is not much, but I am sure the majority of TMO users don't, and they will probably be more concerned about browsers flagging the website as "Not secure" than I am after checking the URL. Assuming everyone knows about http/https and can make an educated assessment of the real situation after checking the full16:27
Kabouik_URL would be an issue, and I don't think browser warnings should be overlooked.16:27
Kabouik_Because those warnings they do concern people, including TMO users.16:28
sixwheeledbeastwarnings?16:29
Kabouik_Err, sorry I edited my sentence and left some words out of place.16:29
Kabouik_https://0x0.st/zz_6.png16:30
Kabouik_But well, I see if I type https:// that TMO does have a certificate16:31
Kabouik_It just doesn't automatically redirects to https16:31
Kabouik_What is the benefit of that?16:32
sixwheeledbeastSo use 443 instead of 80?16:32
sixwheeledbeast^ exactly16:32
Kabouik_But why?16:32
sixwheeledbeastBecause Midgard16:32
sixwheeledbeast~midgard16:32
infobotA PHP Application Server Suite - Web building with Web-based tools. URL: http://www.midgard-project.org/16:32
sixwheeledbeastI use HTTPS Everywhere so never have this issue16:33
Kabouik_I don't know how I ended up on the http version of TMO honestly, but I assumed I should have been redirected to https if it existed16:33
Kabouik_Probably just typed "talk.maemo.org" in the address field16:34
KotCzarnyi think login page redirects to http16:34
KotCzarnyafter successful login16:34
Kabouik_That might be it, I logged in today16:35
Kabouik_I am not sure what are the benefits of leading people to the http urls if there are https ones16:35
KotCzarnyserver load16:35
KotCzarnyin old times it was an issue16:35
Kabouik_Alright, I see16:36
sixwheeledbeastIt something that is not easy to fix it's been requested before many times over the years.16:36
KotCzarnyso its more a legacy from ancient times16:36
Kabouik_Well anyway, sorry for the noise, I was just bothered by this "not secure" label since a few days but didn't realize the website had a proper certificate16:36
Kabouik_I guess it would be best indeed if users were always on https, it would be less confusing and wouldn't raise any question about whether the website is actively maintained16:37
KotCzarnykeep in mind new certs might kill n900's browser :P16:38
KotCzarnyso 'always on https' might not be the best idea16:38
sixwheeledbeastEven HTTPS Everywhere shows the site has (partial HTTPS). It's something that would be nice to fix but not simple with everything being tied into midgard and volunteer staff keeping it running.16:38
sixwheeledbeastThat too N900 compatibility is another thought.16:39

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!