My company failed. Worked on it 6 years and ended in a burnout. Thing is I can say I tried. And now I have another few years (like atleast 40 I hope^^) to do something else. Failing early isn’t the Ende. You did atleast try if you fail.
Before implementing SRP, our authentication flow relied on email verification.
The general inconvenience of waiting for emails aside, this flow also had the potential to lock out customers who were using Ente Auth to store their email's 2FA credentials. So it was important that we fixed this.
Once OPAQUE becomes more mainstream, we will very likely adopt it.
Note that there may be incompatibilities (as noted in the article) until NIST has published the final revisions. Some specifications are on Round 3 kyber, others are on FIPS 203.
This one will interoperate with Bouncy Castle (both Java and C#) as we both use FIPS 203 draft, but it won't interoperate with OQS simultaneously (three-way interop) as that is still on the Round 3 submission.
First of all: Awesome! Most people do not try to understand the basics and jump right in to specific frameworks. Understanding the basics will help you in the long run to adapt to different things.
One thing Im personally missed out (now 27; started at 12 with web stuff) is writing. Not only writing blog articles or documentation, but writing for the sake of documenting small hacks or bigger concepts. So that would be one tip I personally would loved to get.
About projects:
- either do things like features for small projects (e.g. dark mode for something like altcha.org)
- try to fix some bugs
- or try to recreate small projects based on a framework or vanilla for the sake of learning stuff.
As a tip for learning more things etc. in the web dev space -> Look into accessibility. Its a huge and interesting topic.
Also "that is hard and might be too hard for my skill level." -> Do it. Get started with something "easy", read papers, do tutorials, write stuff about what you learned. You wont learn if you wont try :D
In general -> Keep on learning. Don´t waste time on chasing the next framework and ask. Asking questions can be interpreted as being annoying. But if you try to understand different view points, different tech etc. you will end up talking with people that will bring you forward.
Ohhh and before I forget it -> one skill that helped me a lot ->
Hosting my own stuff securely on bare servers without docker for example. It helped to understand security concepts, how much resources a website really needs and what I even need to host a website.
It´s nothing against docker, but keeping a bare web server secure and then introducing databases etc. with self build images is nice.
They do. You either pay Transit pricing or have settlement free peering (as in everyone pays his costs and the data exchange is free; as long as certain requirements are met).
Thing is: charging the data center/content provider above global average pricing and also charging the end customer for the same service again.
I fail to understand how it can be 2023, and GitLab have full IPv6 support, but GitHub is all "... oh, is this IPv6 thing new? we'll put it on the backlog with the extremely limited resources of .. err, Microsoft .. who are currently occupied with some OpenAI something-or-other ..."
IPv4 will continue to dominate until IPv4 experience is very noticeably degraded for users or seriously more expensive for providers to get an address.
It's just reality, it's hard to care about non-problems, specially when fixing them creates real my-problems.
