paritybit.ca

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 1902211526c2d2cf96e117568f928fb010e50143
parent b5690795ee9961ae671010f6603cfe00d656239d
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Wed, 15 Jul 2020 23:32:17 -0400

Publish new blog post

Diffstat:
Mpages/blog.md | 1+
Apages/blog/be-a-good-netizen.md | 80+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mpages/home.md | 4++--
Mpublic/feeds/sitewide-feed.xml | 43+++++++++++++++++++++++++++++++++++++++++++
Apublic/img/cisco-ssl-error-thumb.png | 0
Apublic/img/cisco-ssl-error.png | 0
Apublic/img/firefox-settings-thumb.png | 0
Apublic/img/firefox-settings.png | 0
Apublic/img/reporting-cisco-error-thumb.png | 0
Apublic/img/reporting-cisco-error.png | 0
Mpublic/sitemap.xml | 1+
11 files changed, 127 insertions(+), 2 deletions(-)

diff --git a/pages/blog.md b/pages/blog.md @@ -27,6 +27,7 @@ href="https://social.paritybit.ca/@jbauer">Mastodon</a>. ### 2020 <ul> + <li>2020-07-15 <a href="blog/be-a-good-netizen">Be A Good Netizen</a></li> <li>2020-07-14 <a href="blog/debian-with-btrfs">Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</a></li> <li>2020-07-13 <a href="blog/using-rm-with-trash">Using the "rm" Command with Trash</a></li> <li>2020-07-13 <a href="blog/new-desktop-checklist">New Desktop Checklist</a></li> diff --git a/pages/blog/be-a-good-netizen.md b/pages/blog/be-a-good-netizen.md @@ -0,0 +1,80 @@ +## Be A Good Netizen + +[//]: # "Since my post for today is taking longer than expected, I want to share this story to encourage others to be good netizens." + +[//]: # "main.min.css" + +[//]: # + +<div class="byline"> +<b>Written By:</b> Jake Bauer | + <b>Posted:</b> 2020-07-15 | + <b>Last Updated:</b> 2020-07-15 +</div> + +I was working on my post for today and since that's taking a little longer than +expected, I figured I'd tell this story in the hopes that it gets more people to +do the same when they encounter a situation like this. + +A [toot about some recent Cisco +vulnerabilities](https://social.paritybit.ca/web/statuses/104521055804587168) +caught my attention. I'm used to seeing Cisco vulnerabilities, but what I +wasn't used to was the following SSL connection error I encountered when trying +to view the advisories: + +<figure> + <a href="/img/cisco-ssl-error.png"><img src="/img/cisco-ssl-error-thumb.png" + alt="A tab in Mozilla Firefox showing an attempt to connect to + tools.cisco.com with the following error message: Secure Connection Failed + An error occurred during a connection to tools.cisco.com. Peer attempted old + style (potentially vulnerable) handshake. Error code: + SSL_ERROR_UNSAFE_NEGOTIATION The page you are trying to view cannot be shown + because the authenticity of the received data could not be verified."/></a> +</figure> + +Which I was only alerted to when I shared this link with a friend, and he told +me about the following settings (which I have since activated) in Firefox: + +<figure> + <a href="/img/firefox-settings.png"><img + src="/img/firefox-settings-thumb.png" alt="Mozilla Firefox's about:config + page showing the settings 'security.ssl.require_safe_negotiation' and + 'security.ssl.treat_unsafe_negotation_as_broken' both set to true."/></a> +</figure> + +When those settings are activated (technically only the first is strictly +necessary to prevent connections to broken sites) they will stop the browser from +connecting to websites with broken SSL negotiation. This is a [fairly +significant issue](https://wiki.mozilla.org/Security:Renegotiation) so it's good +to have those settings activated. + +[I poked fun at Cisco in a response to the original +toot](https://social.paritybit.ca/web/statuses/104521184568713589) because... +well... how does a company this large which specializes in networking and +network security equipment allow something like this to happen, especially on +their security advisories page? + +However, the moral of this story (aside from turning on those settings in +Firefox), is: when something is broken be a good +[netizen](https://www.merriam-webster.com/dictionary/netizen) and let the +siteowners know; things can't be fixed if they don't know about it. I submitted +the following report to Cisco letting them know of the problem: + +<figure> + <a href="/img/reporting-cisco-error.png"><img + src="/img/reporting-cisco-error-thumb.png" alt="A Cisco general contact page with + a filled out contact form. The form is filled out with information relating + to the SSL error I experienced when previously trying to connect to + tools.cisco.com. Also filled in is my email address, my name, and the link + that I was trying to access. On the right is a set of radio buttons labelled + 'Page rating' with the least favourable option 'Poor minus minus' + selected."/></a> +</figure> + +If you come across something like this in the future, I hope you too will be a +good netizen and do the right thing! + +_This is my seventy-second post for the +[#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload) +challenge. You can learn more about this challenge over at +[https://100daystooffload.com](https://100daystooffload.com)._ diff --git a/pages/home.md b/pages/home.md @@ -18,6 +18,8 @@ This site will soon™️ be available over Gopher and Gemini. <a class="rss-icon" href="/feeds/sitewide-feed.xml"> <img src="/img/feed-icon.png" width="15" height="15" alt="Click for RSS Feed"/> </a> </div> +2020-07-15 <a class="feed-item" href="blog/be-a-good-netizen">Be A Good Netizen</a> + 2020-07-14 <a class="feed-item" href="blog/debian-with-btrfs">Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</a> 2020-07-13 <a class="feed-item" href="blog/using-rm-with-trash">Using the "rm" Command with Trash</a> @@ -35,8 +37,6 @@ This site will soon™️ be available over Gopher and Gemini. 2020-07-08 <a class="feed-item" href="blog/my-todo-solution">My TODO Solution</a> 2020-07-07 <a class="feed-item" href="blog/are-todo-applications-a-waste-of-time">Are TODO Applications a Waste of Time?</a> - -2020-07-06 <a class="feed-item" href="blog/improving-blog-searching">Improving Blog Searching</a> ### What is a Parity Bit? It is a bit (in the 1's and 0's sense) used in checking for errors in digital diff --git a/public/feeds/sitewide-feed.xml b/public/feeds/sitewide-feed.xml @@ -7,6 +7,49 @@ <description>The feed that covers all notable additions, updates, announcements, and other changes for the entire paritybit.ca website.</description> <item> + <title>Be A Good Netizen</title> + <link>https://www.paritybit.ca/blog/be-a-good-netizen</link> + <guid>https://www.paritybit.ca/blog/be-a-good-netizen</guid> + <pubDate>Wed, 15 Jul 2020 23:26:40 -0400</pubDate> + <description><![CDATA[<h2 id="be-a-good-netizen">Be A Good Netizen</h2> +<div class="byline"> +<p><b>Written By:</b> Jake Bauer | <b>Posted:</b> 2020-07-15 | <b>Last Updated:</b> 2020-07-15</p> +</div> +<p>I was working on my post for today and since that’s taking a little longer than expected, I figured I’d tell this story in the hopes that it gets more people to do the same when they encounter a situation like this.</p> +<p>A <a href="https://social.paritybit.ca/web/statuses/104521055804587168">toot about some recent Cisco vulnerabilities</a> caught my attention. I’m used to seeing Cisco vulnerabilities, but what I wasn’t used to was the following SSL connection error I encountered when trying to view the advisories:</p> +<figure> +<a href="/img/cisco-ssl-error.png"><img src="/img/cisco-ssl-error-thumb.png" + alt="A tab in Mozilla Firefox showing an attempt to connect to + tools.cisco.com with the following error message: Secure Connection Failed + An error occurred during a connection to tools.cisco.com. Peer attempted old + style (potentially vulnerable) handshake. Error code: + SSL_ERROR_UNSAFE_NEGOTIATION The page you are trying to view cannot be shown + because the authenticity of the received data could not be verified."/></a> +</figure> +<p>Which I was only alerted to when I shared this link with a friend, and he told me about the following settings (which I have since activated) in Firefox:</p> +<figure> +<a href="/img/firefox-settings.png"><img + src="/img/firefox-settings-thumb.png" alt="Mozilla Firefox's about:config + page showing the settings 'security.ssl.require_safe_negotiation' and + 'security.ssl.treat_unsafe_negotation_as_broken' both set to true."/></a> +</figure> +<p>When those settings are activated (technically only the first is strictly necessary to prevent connections to broken sites) they will stop the browser from connecting to websites with broken SSL negotiation. This is a <a href="https://wiki.mozilla.org/Security:Renegotiation">fairly significant issue</a> so it’s good to have those settings activated.</p> +<p><a href="https://social.paritybit.ca/web/statuses/104521184568713589">I poked fun at Cisco in a response to the original toot</a> because… well… how does a company this large which specializes in networking and network security equipment allow something like this to happen, especially on their security advisories page?</p> +<p>However, the moral of this story (aside from turning on those settings in Firefox), is: when something is broken be a good <a href="https://www.merriam-webster.com/dictionary/netizen">netizen</a> and let the siteowners know; things can’t be fixed if they don’t know about it. I submitted the following report to Cisco letting them know of the problem:</p> +<figure> +<a href="/img/reporting-cisco-error.png"><img + src="/img/reporting-cisco-error-thumb.png" alt="A Cisco general contact page with + a filled out contact form. The form is filled out with information relating + to the SSL error I experienced when previously trying to connect to + tools.cisco.com. Also filled in is my email address, my name, and the link + that I was trying to access. On the right is a set of radio buttons labelled + 'Page rating' with the least favourable option 'Poor minus minus' + selected."/></a> +</figure> +<p>If you come across something like this in the future, I hope you too will be a good netizen and do the right thing!</p> +<p><em>This is my seventy-second post for the <a href="https://social.paritybit.ca/tags/100DaysToOffload">#100DaysToOffload</a> challenge. You can learn more about this challenge over at <a href="https://100daystooffload.com">https://100daystooffload.com</a>.</em></p>]]></description> + </item> +<item> <title>Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</title> <link>https://www.paritybit.ca/blog/debian-with-btrfs</link> <guid>https://www.paritybit.ca/blog/debian-with-btrfs</guid> diff --git a/public/img/cisco-ssl-error-thumb.png b/public/img/cisco-ssl-error-thumb.png Binary files differ. diff --git a/public/img/cisco-ssl-error.png b/public/img/cisco-ssl-error.png Binary files differ. diff --git a/public/img/firefox-settings-thumb.png b/public/img/firefox-settings-thumb.png Binary files differ. diff --git a/public/img/firefox-settings.png b/public/img/firefox-settings.png Binary files differ. diff --git a/public/img/reporting-cisco-error-thumb.png b/public/img/reporting-cisco-error-thumb.png Binary files differ. diff --git a/public/img/reporting-cisco-error.png b/public/img/reporting-cisco-error.png Binary files differ. diff --git a/public/sitemap.xml b/public/sitemap.xml @@ -3,6 +3,7 @@ <url><loc>https://www.paritybit.ca</loc></url> <url><loc>https://www.paritybit.ca/home</loc></url> <url><loc>https://www.paritybit.ca/blog</loc></url> + <url><loc>https://www.paritybit.ca/blog/be-a-good-netizen</loc></url> <url><loc>https://www.paritybit.ca/blog/debian-with-btrfs</loc></url> <url><loc>https://www.paritybit.ca/blog/using-rm-with-trash</loc></url> <url><loc>https://www.paritybit.ca/blog/new-desktop-checklist</loc></url>