cloudflare seems to have had a major outage that started *precisely* at the leap second. I wonder if SSL has "this is from the future" coding checks? I know it blew up some of the connections to ziprecruiter machines for quite a few hours seems likely - https://github.com/golang/go/issues/12914 I know internal to zip, they were seeing the upstream ntp suddenly being one second back admittedly, many of the internal ntpd could have used an upgrade in the past few years. :) I can't recall if "one second" is still within the slew range I know there's some threshold where it will basically give up. I gotta think it's more like a minute my brother seems to recall when 7 seconds were added "all at once", but I think he's mis-remembering Ugh that fucking golang thread is absurd. The community is so terrible and why is documented right there. so is that why google was doing smearing? Ha. staticsafe: how are you liking the new fibe/fiber im liking it a lot still going through the Mikrotik PPPoE Client or using the mikrotik strictly for Layer 2 and let the HH3000 do the NAT? mhoran: you find the golang community terrible? (I know nothing of it, so that's why I'm asking...) yeah. We write/maintain a lot of go at Pivotal/Cloud Foundry. I hate it. up_the_irons: Happy Invoice Day / New Year / Congratulations on the new auto provisioning VMs s/New/Happy New up_the_irons: Happy Invoice Day / Happy New Year / Congratulations on the new auto provisioning VMs nathani: did you see that bbr is in linux 4.9 now? nope you have a link to the release notes? it'll be on kernelnewbies probably github or whatever linux doesn't have proper release notes oh it's not there yet /lib/modules/4.9.0-1-ARCH/kernel/net/ipv4/tcp_bbr.ko.gz it's in there heh :) https://github.com/torvalds/linux/search?utf8=%E2%9C%93&q=bbr cool The PDF if anyone is interested: https://mnathani.com/bbr/BBR-Congestion-Based%20Congestion%20Control.pdf nathani: thanks!! mhoran: ah interesting And I personally disagree with a lot of the core tenets of the language. mhoran: is it like OpenBSD bad, hipster bad, or...? ;) ah Google bad. aaah They don't believe in shared libraries, mostly copy and pasting code and sticking to what's in the core lib. It works for Google where they maintain all their code and have subject matter experts on everything they maintain, but doesn't work for smaller organizations that utilize open source and leverage other communities. Package/code management is terrible, and constantly changing since there's no clear direction (and Google doesn't use it so it's not maintained well.) Statically linked binaries are huge and pull in the whole world for the sake of portability (which is nice, but see shared libraries above). eww And then there's naming practices. Single letter variables all over the place, and hard to read, spaghetti code. For highly concurrent systems that are complicated and need high throughput,it's OK. But for everyday programming, I miss Ruby. are you working at google or something? https://medium.com/@octskyward/modern-garbage-collection-911ef4f8bd8e#.lktwkvmat -- here's a great article about some other FUD around GC in Go. GC is what put me off D mercutio: Pivotal, we work on Cloud Foundry which is mainly written in Go. mhoran: oh man that sounds terrible; i'm sorry to hear that Go has a lot of promise and then is just so disappointing. mhoran: i knew about the shared library thing... i mean, having a single binary that can be copied around systems, dependent-less, is kinda one of their "things" yeah. And for Google it works great! Or so I hear. But I haven't seen it work well. yeah ... https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/ Google probably has enough disk and bandwidth that they can copy the world bundled with each of their binaries without issue. I'm surprised they didn't just implement containers that bundle the world for each app... oh wait... Yep ever since amos had huge executables on amiga back in the day i've had pet grudges over executable size.. it doesn't slow things down as much when you have demand paging, but it just seems so wrong hey guys allah is doing sun is not doing allah is doing to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger oh, to have ops... any one else having issues viewing ssl certificate details using chrome? they seem to have removed the option completely wow it is confusing i see what you mean there's probably a way ,lnot sure how yet though just press fa12 f12 go to security and view certificate is under there cool thanks dont need to use firefox for that task anymore :-) i had to guess my way there pretty sure it was an oversight on their part though i dunno F1, F2, F3, .. F12 ? finding out site passowrds got harder before i think sometimes they just don't want to make some of these things too easy f12 is the normal debugging mode there's other cool stuff in there too right Oh rad, instant provisioning! Yeah, for some reason Chrome removed the extremely accessible cert information modal and combined it with the confusing for people who aren't web programmers inspector widget... Which seems ... really bad for security. they also say not secure when you enter a password on non encrypted site now That's a nice feature. i always consider websites that ask for a password insecure there's been so many big leaks... I consider it completely insecure to give my password to another person/company, including a Web site. I think we're in agreement there. https://twitter.com/mikeburns/status/529369409941680128 - this was my prediction in 2014! TWITTER: Browsers might as well render password fields like text fields when the form action is non-HTTPS. And even then ... (Mon Nov 03 20:27:57 +0000 2014) i think some kind of generic login that isn't associated with facebook etc would be nice preferably one that can't link back to you, so much as ensure you are legit Right, just some simply public/private keypair thing. like if you have two sites, and use some kind of sahred login system the sites shouldn't be able to identify you as the same person I also question "logging in" to Web sites as a general concept, but that's neither here nor there. I don't care about SSO so much as public/private keypair. I'm fine with a new keypair for each service. i tend to just hav chrome remember passwords for me I use a password manager. but as soon as i'm not in front of chrome i don't have any idea what my password is for most of those Yeah a password manager helps with that. well atm there are so many not very important things that want logins like logins for online shopping basically and whenever possible i pay with paypal And hosted email service, if you use one of those. as bad as it is at least it means i don't have to worry about sites having my credit card # Yeah I also don't like entering my CC number into a Web site -- especially a non-CC Web site. Like, I'd rather enter my CC # into visa.com than into, I dunno, gilt.com. yeah although i still am hesitiant about americanexpress hah i had credit card fraud on my credit card and they rung me up from a blocked phone number If only someone made a public/private keypair for payment that wasn't also criticized as being only used by criminals. and wanted me to say my credit card # etc That's bold. it was legit but like there was no other communication method in line with it i got a reference number from them and went through their avr but that again seems like one of those areas that needs to be improved like if a company wants to validate me, how do i validate them first? We, as a culture of engineers, sure have built a lot of phishing-friendly products, from phones to emails and beyond. well most geeks have known about social engineering for ages. "what's your password?" :) We just think we've above it. Or that it's a problem that can be solved later. but lots of people are trusting Or busy. true it was a pita going through the avr Yeah I bet. That's what she said!! i wish there was a way to shortcut it like you should just be able to press 0 then type in a 12 digit number or something They should have a phone number that you call them on, agreed upon ahead of time. it's on your credit card Right. but you still have to put in heaps of details etc Oh I see. and go through annoying avr and wait in queue In Sweden I used a public/private keypair to auth with my bank. That was nice. wow BankID. Unpleasant software, but a great idea. i can download my transactions in csv going back years i thought that was normal. but apparently some banks don't make that that easy. Lots of legacy software and arbitrary restrictions. and some will only go back two years or something banking just got improved recently here, so that you can normally transfer money between banks within an hour it used to be overnight. now that was a legacy system... Yeah, using tapes physically mailed to banks or something. i think they used to use isdn http://www.npr.org/sections/money/2013/10/04/229224964/episode-489-the-invisible-plumbing-of-our-economy - this MP3 talked about it, IIRC. i wouldn't be suprised if they use the interne tnow.. I would be surprised if a US bank used any recent technology. well i'm not in the US.. Ah, right. Then maybe! ok i'm going to have to watch that err listen? http://www.npr.org/templates/transcript/transcript.php?storyId=229224964 - here's some words. on that note, i've been searching for ages, and still have no idea what the best way to listen to music at gym is .. which could include podcasts i kind of thought stuff would have improved by now. That'd be a great subtitle for a documentary about the year 2016. the easiest seems to be bluetooth watch with music playing with bluetooth headphones which would be fine for podcasts but not so good for music I got my friend a Bose QC20 for his gymwork he's now pretty happy with it not bluetooth... but the noise cancelling is amazing even in a gym damn they're expensive :) mike-burns: yeah, VMs without an OS (blank) are now instant; we're working feverishly to also get the OS part done by Feb. I think they may even exceed the classic Bose I bought (twice) ear-clamps that I had years ago i found there's this cool alternative firmware for mp3 players. i have a feeling that wires are going to be annoying but i probably should experiment with my old phone xduoo x3 is my current idea then using big clunky headphones but where to put it! That's what she said!! there's this alternative firmware called rockbox, and that's one of the only current mp3 players it works with.. there are some older models that are hard to get now like sandisk clip which would be more convenient.. I use a classic iPod they discontinued the product in favour of smaller flash based devices and the iPod touch classic ipod actually works with rockbox too ipods are stupidly expensive second hadn here yea and the batteries are likely to die on old ones bought now it's cheaper to buy a new xduoo x3 @google xduoo x3 15,800 total results returned for 'xduoo x3', here's 3 The xDuoo X3 DAP now has a fully functional Rockbox port. Here ... (https://www.reddit.com/r/headphones/comments/4c2u3a/the_xduoo_x3_dap_now_has_a_fully_functional/) Mar 26, 2016 ... Hello guys. I have been immensely enjoying my xDuoo X3 DAP and thought I would share my experience now that the player has received a ... XDUOO X3 HiFi Lossless Music Player MP3-92.81 Online Shopping ... (http://www.gearbest.com/mp3-mp4-players/pp_440370.html) Just US$92.81 + free shipping, buy XDUOO X3 HiFi Lossless Music Player MP3 online shopping at GearBest.com. XDUOO® X3 Mini HI-FI Music Player JZ4760B Chip 24bit: Amazon ... (https://www.amazon.co.uk/XDUOO%C2%AE-JZ4760B-Lossless-Supports-Formats/dp/B017K9XVX6) XDUOO® X3 Mini HI-FI Music Player JZ4760B Chip 24bit/192khz HD format Audio Player Lossless Music Player Silver Supports MP3 WMA APE FLAC WAV ... @google Rockbox 162,000 total results returned for 'Rockbox', here's 3 Rockbox - Wikipedia (https://en.wikipedia.org/wiki/Rockbox) Rockbox is a free and open-source software replacement for the OEM firmware in various forms of digital audio players (DAPs) with an original kernel. It offers ... Rockbox Technical Forums - Index (http://forums.rockbox.org/) Welcome to the Rockbox Technical Forums! Thank You for your continued support and contributions! Rockbox Ports are now being developed for various digital ... Rock Box | Japanese style karaoke | Capitol Hill, Seattle (http://www.rockboxseattle.com/) Rock Box is a Japanese style karaoke lounge in Capitol Hill, Seattle with full bar. Sing and drink with your friends in a private room or karaoke box! xduoo has annoying firmware hmm, so I can convert my iPod to a Rockbox? yes like there's a second gap between songs rather than seemless playing from track to track whats the advantage over the iPod firmware i haven't seen the ipod firmware but it has quick previous/next etc eq is it stable? i'm not an expert on it though some devices can dual boot it's really old so should be I have had to use iTunes with the iPod which is a huge resource hog oh yeah that problem should go away :) you should be able to play flac etc too you can drag and drop songs to it it acts like a drive people keep talking about flac support when googling hah how does it deal with creating / modifying playlists long press that's as much as i know i haven't tried it yet i don't have a mp3 player :) https://support.apple.com/content/dam/edam/applecare/images/en_US/ipod/ipodclassic/psp-hero-ipodclassic.png ahh thats the iPod classic I have is Spotify available in NZ ? you could use your Samsung if it is i don't want to use my normal phone in gym sounds way too dangerous well i was initially but now i don't :) i have a moto g too though i'd rather use proper headphones though i hate those in ear things whats the danger? drops and such? yeah get a rugged case :-) well there's still the issue of it being bulky and not fitting in pockets of gym clothes that easily i was considering getting a gear fit 2 iPod touch sells arm bands which has music playing using bluetooth to bluetooth headphones my brother just bought a fitbit charge fitbit charge doesn't have music my brother has a fitbit charge all of the herat rate things seem non ideal none of them are responsive enough to work well with HIIT I used to have a watch that measured heart rate which is where heart rate is most important yeah i think it'd be fun to see what my heart rate over the day is and it'd be nice if i could get notifications from my phone not sure what range is like though I got an A on my new Wildcard SSL Install: https://www.ssllabs.com/ssltest/analyze.html?d=graphs.winvive.com&s=67.227.192.97&latest you may want to enable HSTS are you going to try and get A+? mercutio: do you know if it can be set globally in Apache? i've never enabled it in apache so i have no idea does the test give suggestions on how to improve i'd do it per site generally though so I can try to get A+ i'm not sure, i didn't see it.. somewhere should say how to improve it so you do want to try for the A+? :) probably get the folks at liquidweb to do it its a managed box managed hah they need to be told what to do and then they do it so semi-managed I guess no proactive stuff ahh https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html#HTTP_Strict_Transport_Security maybe this would help you thanks