09:44:57 /msg NickServ IDENTIFY Rainer_Bielefeld AnItRaM64& 09:56:27 Rainer_Bielefeld: just in case you didn't notice the leading space above, better change your nickserv password 19:42:54 greetings WG9s 19:43:00 how goes it? 19:43:23 doing OK here 19:44:05 tryuing to keep the 2.53 nightly builds running and being archived to archive/ftp .mozilla.org 19:44:33 and the relevant source as well if the builds work for all paltforms. i don;t update the source if it fails to build on any platform 19:44:47 nor do i update where latest-253 goes 19:45:40 so i upload builds even if they don;t allwork to nightly/yyyy/mm/ but only update the source and rhere the 253-latest thing redirects to if all the builds work 19:46:06 I think that makes sense but am welcome to other opinions 19:48:16 I am not looking forward to crapping out a release today explaining that Interlink is forced to drop oauth for google (and everything else really) because of Google's pay to play restrictions. I could offer a way for users to input their own oauth codes for private use but I would bet eventually Google would simply take steps to ban the client wholesale as that really is a sort of bypass of their intent to lock out everyone but their chosen vendors 19:48:16 who can pay.. One project was told they couldn't have a key at ANY price.. and google would still likely further restrict it in the future. Not to mention.. where google leads others follow so Microsoft and Verizon Media would likely follow suit.. Best to just get rid of it completely in one short sharp jab and be done with it even if it will make my client less useful to some. 19:48:41 SeaMonkey is lucky as you have permission to use the long standing key 19:49:27 I been needing to resolve this since I found out about the Thunderbird keys being hard coded in the provider's jsm but intended to get my own.. Now there seems little point to have it at all 19:51:15 so release today or tomorrow presenting a notification if the user has a google account setup then next scheduled release will just have oauth2 disabled at build time 19:51:47 I knew something like this would happen eventually the moment oauth2 left the web and started being shoehorned into other Internet Protocols 19:52:05 that and the push to shove other protocols into the web 19:52:23 and ftp was completely shunned 19:52:46 CaptainTobin: I seemto have an issue where I think i will need to get a verizon business internet service so that I can jsut run my mailserver as godintended \ 19:53:56 WG9s: I my self bought into the google do no evil lie back in 2010 .. if i had known then so there are bits of google i can't ever fully seperate from 19:54:12 I have had it configured to use the gmailsmtpserver as a relay host but now that seems to require an application api login but you can;t do that if y9ou don;t turn on 2 factor auth for your account and i have no intention of doingthat becuase that would mean no way to acces mhy account if i don;t have mhy phone handy 19:54:52 so I might go back to using my own squirrel mail on my linux box and give up on gmail 19:55:09 yeah so get an oauthkey that could be terminated at any time.. or give google more personal info and bind yourself to your likely android phone and make logging in even MORE difficult 19:55:58 and bite the bullet and pay the extra for a business internet account instead of using the residential. this would also give me a staic IP address so would solve the issue of being down for a day or so everytime they re-subnet my neighborhood. 19:56:52 I suppose I could go backto xfinity but would still have the no way to ahve my server send emails via a command line command 19:57:24 with sfinity I had the same dhsp ip address for over 10years not so much with Verizon FIOS 19:57:29 WG9s: just get a cheap vps 19:57:35 I recommend afterburst 19:58:06 https://afterburst.com/unmetered-vps/ 19:58:21 problem is all of these crap services decide to block you connecting outbound to port 25 as what they term a security fix 19:58:44 but if you pay extra for a business account I guess it is ok to spam people? 19:58:52 of course 19:59:04 business are allowed to spam 19:59:25 especially if the spam allows or links to something with google analytics 19:59:39 and has google ads 20:00:02 as long as you don't ever say anything bad about google, their partners, their advertisers, or have an opinion of any kind 20:00:49 I am not sure this is intnetionally evil, it is just people trying to do security who have no clue! 20:01:42 WG9s: unintentional evil is the best evil because they can say it is unintentional and handwave it away as it continues 20:02:10 eventually it becomes normalized evil 20:02:14 and if you are very lucky 20:02:21 an industry standard! 20:02:55 but current stupoidity is google is blocking connecting via smtp using your username and password so you have to use application api credentiols but you cant us application api credentials on an account that does not require 2 factor auth. the 2 things should be mutuallh exclusive 20:03:22 well an app password with 2fa OR an oauth key 20:04:08 but i BET for some scopes it will soon be.. 2fa is required to get an oauth key 20:04:16 else the oauth key may be compramised! 20:04:37 well if that works I w ish they would post info on how to set it up. 20:04:51 it is documented 20:04:57 but not easy to find 20:05:14 anyone can get an unverified rate limited oauth key for personal use 20:05:19 until such time they kill it 20:05:25 co you know how to do this? I might need to get my modem back connected to my land line so that I can use qpage. i use this to send alerts to my cell phone if my automated builds fial. 20:05:31 fail 20:05:50 I could got back to suing qpage for this 20:06:00 if you DO get verified you have to pay between 4500 to 75000 or more every year PLUS whenever they say you need to be re-evaluated and you have to pay that no matter what even if they reject you 20:06:18 really? 20:06:21 yes 20:06:59 OK so I think I would rather pay Verizon FIOS for the business acount and go back to using my own email and ditch gmail altogether 20:07:17 i would do the same if i was able 20:07:31 i currently am not 20:07:34 i want to 20:07:38 but yeah 20:08:28 this is what I did before all the ISPs decided was a good idea to block oubound connction to port 25 on any host on all residentail accounts 20:09:49 this would also fix the number of spam "Do you want to see my nude pics" emails i get on my gmail acount 20:10:06 well tls smtp auth gets around it 20:10:28 but also many ISPs don't want you running home servers of any kind 20:13:32 back until someone sued someone they were blockin inbound connections to port 80 on riesidentiol accounts 20:13:44 but for some reason not port 443 20:13:54 things ISPs do that make no sense 20:14:54 and no my cat is sitting on my keyboard so had to move to here 20:15:54 why? to push the https everywhere agenda 20:16:26 if you make the entire web https even where it makes no sense you can add additional gatekeeper status 20:16:34 and with Google trying to become a CA 20:16:39 does this surprise you? 20:16:57 no becuase they were stupid and thought blocking port 80 was sufficint to block you from running home webserver. this is why I say a lot what they do is because they do not have a clue 21:24:11 CaptainTobin: ac tually that is what prompted me to get a cert so I gould run heepts 21:24:23 https 21:24:32 see 21:24:47 90% of the web has ZERO business being under https 21:25:01 half of that has no business having account services at all 21:28:04 CaptainTobin: I also think a real issue with things like NordVPN. yes it is all encrypted before i gets to NORDVPN but these NORDVPN turkeys have access to all of you internet access unencrypted. Why is this a good thing? 21:29:20 why do people use tor when most if not all exit nodes have been compramised for a decade and the tor project administration was purged and replaced in 2013 with people connected to all the major tech companies 21:29:44 vpn isn't even a term in practice being used.. it is merely a proxy 21:30:46 it works for work at home becuase the vpn termination point is at your company but not for general internet access 21:31:30 yes but nordvpn or any other providers are literal proxies NOT virtual private networks 21:31:38 not even using the same technology 21:32:18 is kind of like a proxy but data is encrypted end to end beween your system and NordPVN but then it is decrypted there adn they have acces to whatever you did uncrypted and also between them and the server on the net ulness it was https to satrt with it is still unencrpted.