Re: Google uploading your plain text passwords

2021-06-11 Thread Jan Schaumann via NANOG 
William Herrin  wrote:
 
> It turns out that every password I allowed Chrome on Android to
> remember, it uploaded to Google. In plain text!!

Chrome does not store your passwords in plain text.
It encrypts them locally, on e.g. macOS using, I
think, a secret stored in the keychain under "Chrome
Safe Storage", on Windows using a similar API and
secret probably unlocked via your login credentials.

If you use your favorite internet search engine to
look for "how does Chrome store passwords", you'll
find the local sqlite file and more detailed
explanations.

-Jan

Re: "Permanent" DST

2022-03-15 Thread Jan Schaumann via NANOG 
Dave  wrote:
> Folks for most systems, this is a change to a single file. Not a really hard 
> thing to accomplish

Oh, hah, good one.

I twitch with mild PTSD thinking about the last time
there was change to DST in the US[1], and how
everybody quickly found out that e.g., Java,
databases, programming languages, etc. often ship
their own (poorly kept up to date) zonefiles different
from the OS's, and that was before un-updatedable IoT
systems became ubiquitous.

Change to a single file my foot.

-Jan

[1] 
https://en.wikipedia.org/wiki/Daylight_saving_time_in_the_United_States#2005%E2%80%932009:_Second_extension

Re: Google.com SSL cert issues

2022-09-21 Thread Jan Schaumann via NANOG 
Mark Stevens  wrote:
> Is anyone else getting the following error when trying to access any of
> google's services?
> SSL_ERROR_RX_RECORD_TOO_LONG

Isn't this usually a sign of a protocol mismatch?
I.e., TLS 1.3 vs TLS 1.2.

My money would be a MitM / middlebox / proxy that
messed up when your client tried to talk 1.3 to
Google, but the middlebox can't talk 1.3 and tried to
downgrade or something like that.

-Jan

Re: New addresses for b.root-servers.net

2023-06-01 Thread Jan Schaumann via NANOG 
Robert Story  wrote:
> 
> USC/ISI is renumbering both its IPv4 and IPv6 addresses for
> b.root-servers.net on 2023-11-27. Our new IPv4 address will be
> 170.247.170.2 and our new IPv6 address will be 2801:1b8:10::b.
> USC/ISI will continue to support root service over our current IPv4 and
> IPv6 addresses for at least one year (until 2024-11-27) in order to
> provide a stable transition period while new root hints files are
> distributed in software and operating system packages.

I know it says "at least", but support for the old
addresses for only one year seems like a very short
time in this context.  I hope USC/ISI will be able to
keep the old addresses functional for much longer.

-Jan