-
Rainer_Bielefeld
/msg NickServ IDENTIFY Rainer_Bielefeld AnItRaM64&
-
njsg
Rainer_Bielefeld: just in case you didn't notice the leading space above, better change your nickserv password
-
CaptainTobin
greetings WG9s
-
CaptainTobin
how goes it?
-
WG9s
doing OK here
-
WG9s
tryuing to keep the 2.53 nightly builds running and being archived to archive/ftp .mozilla.org
-
WG9s
and the relevant source as well if the builds work for all paltforms. i don;t update the source if it fails to build on any platform
-
WG9s
nor do i update where latest-253 goes
-
WG9s
so i upload builds even if they don;t allwork to nightly/yyyy/mm/<timestamp> but only update the source and rhere the 253-latest thing redirects to if all the builds work
-
WG9s
I think that makes sense but am welcome to other opinions
-
CaptainTobin
I am not looking forward to crapping out a release today explaining that Interlink is forced to drop oauth for google (and everything else really) because of Google's pay to play restrictions. I could offer a way for users to input their own oauth codes for private use but I would bet eventually Google would simply take steps to ban the client wholesale as that really is a sort of bypass of their intent to lock out everyone but their chosen vendors
-
CaptainTobin
who can pay.. One project was told they couldn't have a key at ANY price.. and google would still likely further restrict it in the future. Not to mention.. where google leads others follow so Microsoft and Verizon Media would likely follow suit.. Best to just get rid of it completely in one short sharp jab and be done with it even if it will make my client less useful to some.
-
CaptainTobin
SeaMonkey is lucky as you have permission to use the long standing key
-
CaptainTobin
I been needing to resolve this since I found out about the Thunderbird keys being hard coded in the provider's jsm but intended to get my own.. Now there seems little point to have it at all
-
CaptainTobin
so release today or tomorrow presenting a notification if the user has a google account setup then next scheduled release will just have oauth2 disabled at build time
-
CaptainTobin
I knew something like this would happen eventually the moment oauth2 left the web and started being shoehorned into other Internet Protocols
-
CaptainTobin
that and the push to shove other protocols into the web
-
CaptainTobin
and ftp was completely shunned
-
WG9s
CaptainTobin: I seemto have an issue where I think i will need to get a verizon business internet service so that I can jsut run my mailserver as godintended \
-
CaptainTobin
WG9s: I my self bought into the google do no evil lie back in 2010 .. if i had known then so there are bits of google i can't ever fully seperate from
-
WG9s
I have had it configured to use the gmailsmtpserver as a relay host but now that seems to require an application api login but you can;t do that if y9ou don;t turn on 2 factor auth for your account and i have no intention of doingthat becuase that would mean no way to acces mhy account if i don;t have mhy phone handy
-
WG9s
so I might go back to using my own squirrel mail on my linux box and give up on gmail
-
CaptainTobin
yeah so get an oauthkey that could be terminated at any time.. or give google more personal info and bind yourself to your likely android phone and make logging in even MORE difficult
-
WG9s
and bite the bullet and pay the extra for a business internet account instead of using the residential. this would also give me a staic IP address so would solve the issue of being down for a day or so everytime they re-subnet my neighborhood.
-
WG9s
I suppose I could go backto xfinity but would still have the no way to ahve my server send emails via a command line command
-
WG9s
with sfinity I had the same dhsp ip address for over 10years not so much with Verizon FIOS
-
CaptainTobin
WG9s: just get a cheap vps
-
CaptainTobin
I recommend afterburst
-
CaptainTobin
-
WG9s
problem is all of these crap services decide to block you connecting outbound to port 25 as what they term a security fix
-
WG9s
but if you pay extra for a business account I guess it is ok to spam people?
-
CaptainTobin
of course
-
CaptainTobin
business are allowed to spam
-
CaptainTobin
especially if the spam allows or links to something with google analytics
-
CaptainTobin
and has google ads
-
CaptainTobin
as long as you don't ever say anything bad about google, their partners, their advertisers, or have an opinion of any kind
-
WG9s
I am not sure this is intnetionally evil, it is just people trying to do security who have no clue!
-
CaptainTobin
WG9s: unintentional evil is the best evil because they can say it is unintentional and handwave it away as it continues
-
CaptainTobin
eventually it becomes normalized evil
-
CaptainTobin
and if you are very lucky
-
CaptainTobin
an industry standard!
-
WG9s
but current stupoidity is google is blocking connecting via smtp using your username and password so you have to use application api credentiols but you cant us application api credentials on an account that does not require 2 factor auth. the 2 things should be mutuallh exclusive
-
CaptainTobin
well an app password with 2fa OR an oauth key
-
CaptainTobin
but i BET for some scopes it will soon be.. 2fa is required to get an oauth key
-
CaptainTobin
else the oauth key may be compramised!
-
WG9s
well if that works I w ish they would post info on how to set it up.
-
CaptainTobin
it is documented
-
CaptainTobin
but not easy to find
-
CaptainTobin
anyone can get an unverified rate limited oauth key for personal use
-
CaptainTobin
until such time they kill it
-
WG9s
co you know how to do this? I might need to get my modem back connected to my land line so that I can use qpage. i use this to send alerts to my cell phone if my automated builds fial.
-
WG9s
fail
-
WG9s
I could got back to suing qpage for this
-
CaptainTobin
if you DO get verified you have to pay between 4500 to 75000 or more every year PLUS whenever they say you need to be re-evaluated and you have to pay that no matter what even if they reject you
-
WG9s
really?
-
CaptainTobin
yes
-
WG9s
OK so I think I would rather pay Verizon FIOS for the business acount and go back to using my own email and ditch gmail altogether
-
CaptainTobin
i would do the same if i was able
-
CaptainTobin
i currently am not
-
CaptainTobin
i want to
-
CaptainTobin
but yeah
-
WG9s
this is what I did before all the ISPs decided was a good idea to block oubound connction to port 25 on any host on all residentail accounts
-
WG9s
this would also fix the number of spam "Do you want to see my nude pics" emails i get on my gmail acount
-
CaptainTobin
well tls smtp auth gets around it
-
CaptainTobin
but also many ISPs don't want you running home servers of any kind
-
WG9s
back until someone sued someone they were blockin inbound connections to port 80 on riesidentiol accounts
-
WG9s
but for some reason not port 443
-
WG9s
things ISPs do that make no sense
-
WG9s_
and no my cat is sitting on my keyboard so had to move to here
-
CaptainTobin
why? to push the https everywhere agenda
-
CaptainTobin
if you make the entire web https even where it makes no sense you can add additional gatekeeper status
-
CaptainTobin
and with Google trying to become a CA
-
CaptainTobin
does this surprise you?
-
WG9s_
no becuase they were stupid and thought blocking port 80 was sufficint to block you from running home webserver. this is why I say a lot what they do is because they do not have a clue
-
WG9s
CaptainTobin: ac tually that is what prompted me to get a cert so I gould run heepts
-
WG9s
https
-
CaptainTobin
see
-
CaptainTobin
90% of the web has ZERO business being under https
-
CaptainTobin
half of that has no business having account services at all
-
WG9s
CaptainTobin: I also think a real issue with things like NordVPN. yes it is all encrypted before i gets to NORDVPN but these NORDVPN turkeys have access to all of you internet access unencrypted. Why is this a good thing?
-
CaptainTobin
why do people use tor when most if not all exit nodes have been compramised for a decade and the tor project administration was purged and replaced in 2013 with people connected to all the major tech companies
-
CaptainTobin
vpn isn't even a term in practice being used.. it is merely a proxy
-
WG9s
it works for work at home becuase the vpn termination point is at your company but not for general internet access
-
CaptainTobin
yes but nordvpn or any other providers are literal proxies NOT virtual private networks
-
CaptainTobin
not even using the same technology
-
WG9s
is kind of like a proxy but data is encrypted end to end beween your system and NordPVN but then it is decrypted there adn they have acces to whatever you did uncrypted and also between them and the server on the net ulness it was https to satrt with it is still unencrpted.