-
tomman
-
CaptainTobin
i said that before tomman
-
CaptainTobin
over and over ust the other day
-
njsg
also if anyone from the palemoon forum reads this: ray ids should also show up as headers in requests
-
njsg
I'm not even sure if turnstile has the capability of showing ray IDs, I've only seen these in the full-screen browser integrity check
-
njsg
(or is that one broken too now?)
-
tomman
njsg: as I've said, I get no ray ID from my bank failpage :/
-
tomman
however I haven't peeked at the requests
-
tomman
other than one request going 403, but according to whatever crap they log on the console, a 403 may be "normal"
-
tomman
forum.palemoon.org/viewtopic.php?f=…99af2ed558a6c6c824&start=20#p249812 oooh, ClownFart closed the ticket from Moonchild over completely unrelated reasons
-
tomman
yaaaaaay~
-
tomman
CLOSED WONTFIX SUSPICIOUSACTIVITY
-
tomman
OK, need to find a "Clownfart is the enemy of the free Internet" blogpost not written by a nutcase, and THEN I'll have more than enough material to start penciling my formal complaint letter to my bank over this pathetic episode
-
tomman
the problem is that half of the letter will be full of links, and most likely I face the bank rejecting it over "we won't click on those links for SEKURITAH reasons"
-
tomman
but no problemo, the banking regulator told me to bug them again if they tried to play silly
-
tomman
ah no, it's the bank CF's challenge page returning a 403, but instead CF's expected error for some other thing is a 401
-
tomman
" next request for the Private Access Token challenge may return a 401 and show a warning in console."
-
tomman
> cf-ray: 863d2cfc6d4e5c7c-MIA
-
tomman
found it on the headers, as expected
-
tomman
> 863d2d762f5e5c7c-MIA
-
tomman
of course every request comes with a different ray ID
-
njsg
tomman: devtools inspector, network tab, check headers of requests to cloudflare
-
njsg
ah, (I'm reading the backlog sequentially)
-
njsg
I'm this: – far from submitting something to the orange site
-
njsg
tomman: and the 403 is the difference between this and Firefox 70 (where it works)
-
njsg
working interaction IIRC has a 401 indeed
-
CaptainTobin
wait so they closed moonbeast's thing but he is a paying customer that relies on klanflare .. do you perhaps think it is because 1 he doesn't pay them enough to care?
-
CaptainTobin
and two.. Moonchild runs an old and insecure browser project in the eyes of many?
-
njsg
no, it's because it's first-level support
-
njsg
they have some kind of attraction to shrug anything as "not supported" if the browser is not in their short list
-
CaptainTobin
so their script must literally tell them to do that.. first level support people get fired if they use common sense
-
njsg
*even* if it's an obvious issue on cloudflare's side (such as requiring Origin: everywhere *in fallback code* and triggering a DDoS against cloudflare)
-
CaptainTobin
well Moonchild is not just a customer but a .. MOSTLY legit browser vendor
-
tomman
it's pretty obvious where is ClownFlare attention: at $GOOG's
-
njsg
this is precisely why I keep saying the way to get support is news.ycombinator.com :-P
-
CaptainTobin
and a named party in that now pathetic vs google court case
-
njsg
you may get hit by those who will "but why u no 'modern' browser?", but it is a proven way to get it to the attention of someone inside CF
-
tomman
njsg: I'm THIS close of creating a Hackernews account, but the stench would linger on me for months
-
tomman
but since this involves a party favorite (CF), a bank, real money, and a country everybody loves to blame its downfall on 'merica, it would be nice bait
-
njsg
tomman: I prefer not to explain why I feel like I'm a bit closer than you on that regard. Don't ask me why but it *exists*.
-
CaptainTobin
i'd love to go on a crusade about this with you but i am not sure at this specific juncture that would be the wise move for me or y'all
-
CaptainTobin
good ol band of strung out mozaddics crusading for internet freedom
-
njsg
tomman: banking entities who have customer-facing IT systems can't just enter contracts with CF or cloud providers without realizing the legal implications of doing so. That's not meant as a threat, but really just an observation.
-
CaptainTobin
and there will be some of that to come i am sure but not for me today lol
-
njsg
it might even be seen by some that doing it in the cloud is the way to do it, but they can't just ignore what that implies
-
tomman
njsg: I'm reading the applicable laws on that here, ackshually
-
tomman
fun fact: they're supposed to supply the source code of whatever tool/lib/service if they ever go bust :D
-
tomman
good luck getting ClownFlare sourcecode when they tank
-
CaptainTobin
tomman: it's so much *easier* to just ashroom the law and do what you want
-
tomman
but... yes, our applicable laws on IT stuffs on banks are a good read anyway:
sudeban.gob.ve/wp-content/uploads/N…O-CC-SBIF-DSB-II-GGTI-GRT-01907.pdf
-
tomman
not that banks or the regulator ever care unless someone at the Party gets pissed off
-
tomman
this is why if I wear my Party T-Shirtâ„¢, I could try to spin this as a national security threat against a "embargoed nation" :D
-
tomman
Ironically it was CF and not the bank that broke access here
-
njsg
I now somehow want to read all this topic through Mafalda
-
njsg
frg, tomman: works in FF78.15.0esr
-
njsg
oh wait, I wanted to test 68
-
njsg
I was finding it strange it didn't tell me the browser was "out of date", I'm amazed I managed to mix the versions this way, though
-
njsg
I had a 78.15.0esr in the same folder I just saved 68.12.0esr in, and grabbed the wrong one
-
njsg
68.12.0esr fails (needs UA override to get over said "out-of-date" notice), POST gets 302 to the same location and is followed by a GET which gets 403
-
ContributorTobin
njsg: sure am glad this channel is logged cause it is a lot to follow
-
njsg
fails in FF69.0.3 as well (also needs UA override for the same reason as above)
-
njsg
so whatever makes cloudflare work is present in 70.0 but not in the latest 69 or 68esr
-
njsg
ah, the successful request not only has Origin and Referer, it has a value in the Referer that might be computed by the scripts
-
tomman
-
tomman
they *really* are run by clowns and hire clowns too :D
-
tomman
or they simply want us "gone with the wind"
-
ContributorTobin
can't we just have Moonchild gone with the wind and we all just stay with the calm? tomman :P
-
tomman
Just following the situation~
-
tomman
it's obvious that CF wants us, y'know, dead
-
ContributorTobin
well yeah
-
tomman
at least 2 years ago they did the PR show on Hackernews
-
ContributorTobin
anyone not using chrome is obviously a kiwifarmer
-
ContributorTobin
don't you know
-
tomman
but nowadays, not even that
-
ContributorTobin
tomman:
-
ContributorTobin
well that's fine.. like I said, the key to the whole thing is the distinction between world wide web and navigators vs open modern web and browsers and never forget we have an internet which is still .. for the moment more than the web
-
ContributorTobin
if AOL came back in a real way and offered 100mb broadband for 23.95 a month but you had to use the AOL client with chrome in it.. people would overwhelmingly do it
-
ContributorTobin
or some similar service
-
ContributorTobin
hell MSN would work as long as no one knew it was MSN
-
ContributorTobin
as something else disconnected from microsoft it would be big in the majority tech consumer land
-
ContributorTobin
so.. until I can make a navigator from scratch or get seamonkey working on central.. I have built me a firefox without some of the experiments and with some cheap tab style tabs styling
-
ContributorTobin
plus my LFS is awesome.. and awesomely limited cause I don't have nothin but the baseos