
I have used ff on android with ublock for 5 years on an s20. It has been superb for me. The only complaint from me is that the bookmark page as "tile" doesn't work.


How does this compare to Prisma?


Check out this page in the Prisma docs:

https://www.prisma.io/docs/concepts/overview/should-you-use-...

Hasura is great if you want to get a CRUD GraphQL API. Prisma on the other hand is an ORM that you import into your application code giving you more flexibility into the potential use-cases for it.


Whale meat is quite inexpensive actually


It might be again now that the novelty of it being more widely available again has worn off, it's been a while since I looked.


This is quite interesting. This is not at all how this is portrayed in the media.

Would be cool to hear from a Palestinian living there as well


I am Palestinian and have family in the West Bank and Gaza. And what OP's saying isn't true at all. They are an occupied and oppressed people, treated like dirt and without representation.

Gaza is literally a concentration camp that is extremely hard to get out of. Moreover, the Israelis block imports of food and building supplies, essentially trying to starve the inhabitants to death.

What OP is saying is similar to saying that black people loved slavery and then segregation, because their masters were so fair and kind to them.


I'm the OP, and I agree that the situation in Gaza is beyond reprehensible. I see where Gaza is today, I see how it got there and the Israeli / Egyptian hand in it, and I only wonder if it could have worked out differently.

I wonder if it can even ever be resolved.


Regarding Gaza, what’s truly sad is that Israel allows more aid through its border than Egypt does...


What is the reason for allowing this? Laziness?


They would need to make some tie between sasl authentication and what FROM: headers you're allowed to use. I don't know what MTA they use, but there are MTAs that have that feature. It's controlled_envelope_senders in postfix. I assume other MTAs have similar features.

It sounds kind of lazy to me. Though I'm sure they would get lots of complaints if they turned it on...some mailing list software depends on spoofing, for example. Or web based "contact us" forms. So perhaps it's just to avoid lots of support tickets.


The reason is probably that nothing can stop the successful spoofing of the From header. DKIM is a signature for authenticating a domain, however that domain does not have to match the domain in the From header.

Take a look in Gmail at a signed email and you’ll see a “Signed by” field in its header info, with a domain name as a value.

Also the SPF setting has nothing to do with the From header either.

In other words the “From” value cannot be protected, unless you sign your email with PGP or S/MIME.


That's tripe.

They know who authenticated to the SMTP server, so they could enforce that the From address is who it was authenticated by. Otherwise, they basically act as an open relay.


Sending from multiple From addresses is a common use case. I send from at least 4 different email addresses all hosted by fastmail in the same account. Having to create different logins to authenticate each sender would be a huge pain.

Plus it's not a unique problem to fastmail.


Gmail requires that you prove ownership of an email address by clicking a link in an email before letting you choose it as a From: address. I think this is a good compromise.


You can also take a blacklisting approach, where it's open-by-default and users shall be able to restrict any domain to properly authenticated users only. That way, it is purely a security enhancement for those who want it (like me).

I demonstrated this behavior to eggsampler after discovering it quite a long time ago by messing around with HTTP payloads in their web interface - it's wild to me that FastMail will use the DKIM private keys from an entirely different FM account to sign your messages.

Unlike eggsampler, I won't be ditching them, but I hope that FM reconsider their policy eventually. That they have awarded themselves the privilege of a "green tick" on their own official emails while throwing everybody else to the wolves is slightly ironic.


Presumably they could require that the from address is one your authenticated user is allowed to use, right?


I'm not certain, maybe there's a technical reason they can validate account credentials but not map credentials to addresses/aliases. Doesn't instill confidence either way.
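The policy discussed in this thread (tie the authenticated login to the From: addresses it may use, with the opt-in per-domain restriction suggested above as a softer default), as an added Python sketch that is not code from any commenter, Fastmail or Postfix. The logins, addresses, `VERIFIED_SENDERS`, `RESTRICTED_DOMAINS` and `check_submission` are hypothetical.

```python
from email.utils import parseaddr

# Constructed sample data: logins, addresses and domains are hypothetical.
# Addresses each login has proven it controls (e.g. by a confirmation link).
VERIFIED_SENDERS = {
    "alice": {"alice@example.org", "sales@example.org", "alice@personal.example"},
    "bob": {"bob@example.net"},
}
# Domains whose owner opted in to "authenticated owners only".
RESTRICTED_DOMAINS = {"example.org": {"alice"}}


def from_domain(header_from):
    """Return (address, domain) from a From: header value, lowercased."""
    _, addr = parseaddr(header_from)
    addr = addr.strip().lower()
    if addr.count("@") != 1:
        return addr, ""
    return addr, addr.rsplit("@", 1)[1]


def check_submission(login, header_from, strict=False):
    """Decide whether an authenticated login may use this From: header.

    strict=True  -> only addresses verified for this login are accepted.
    strict=False -> open by default, but restricted domains are limited
                    to the logins their owner listed.
    """
    addr, domain = from_domain(header_from)
    if not domain:
        return False, "unparseable From header"
    if addr in VERIFIED_SENDERS.get(login, set()):
        return True, "address verified for this login"
    if strict:
        return False, "address not verified for this login"
    owners = RESTRICTED_DOMAINS.get(domain)
    if owners is not None and login not in owners:
        return False, "domain restricted to its owners"
    return True, "open-by-default domain"
```

The same decision has to be made before the provider applies a DKIM signature for the From: domain, otherwise the signature vouches for a sender the account never proved it controls.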


As the comment above states, it was based on Apache Harmony not written from scratch.


But Apache Harmony isn't owned by Oracle; for the purpose, it doesn't matter if Google wrote it themselves or got someone else to write it.


What is the "firefox trend"?


I am struggling quite a bit to make this work. Do you have any good writeups on how to do this?


First, launch Firefox:

    SSLKEYLOGFILE=$(pwd)/ssl_keys.log firefox -P

("firefox-bin" on some Linuxes, "/Applications/Firefox.app/Contents/MacOS/firefox" on Mac, etc.). This launches a Profile Manager; pick a profile that isn't being used by any other running Firefox. This avoids accidentally logging keys for normal browsing traffic, making it easier to pick out the target SSL traffic and avoiding a security risk.

Second, launch tcpdump:

    tcpdump -i en0 -w dump.pcap

(where en0 is your primary Internet interface).

Browse to the site you want to debug and make some websocket requests.

Finally, you can use tshark to inspect the traffic:

    tshark -n -r dump.pcap -o http.ssl.port:443 -o ssl.keylog_file:ssl_keys.log -Y websocket -Tfields -e frame.time_relative -e ip.src -e ip.dst -e data

The -e fields I chose there are just examples; this particular example dumps out all the websocket payloads to a file.

You can also configure Wireshark to use the log file, so that you can inspect the traffic interactively; to do so, edit Preferences -> Protocols -> SSL and set the (Pre-)Master Secret key log filename appropriately.
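A check for the key log file produced by the steps above, added here as an example and not part of the original comment: it parses the NSS key log format that `SSLKEYLOGFILE` writes and reports which sessions carry the secrets needed to decrypt application data such as websocket frames. It handles the `CLIENT_RANDOM` and TLS 1.3 labels only; `audit_keylog` and the sample lines are constructed.

```python
import re
from collections import defaultdict

# NSS key log labels: CLIENT_RANDOM is TLS 1.2 and earlier, the rest are TLS 1.3.
TLS13_LABELS = {"CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
                "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
                "SERVER_TRAFFIC_SECRET_0", "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET"}
# Both of these are needed to decrypt TLS 1.3 application data in both directions.
APP_DATA = {"CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
# Secret length in hex chars: 48-byte master secret, or a SHA-256/384 sized secret.
SECRET_LEN = {"CLIENT_RANDOM": (96,), **{label: (64, 96) for label in TLS13_LABELS}}
HEX = re.compile(r"[0-9a-fA-F]+")


def audit_keylog(text):
    """Count usable sessions per TLS version and list lines that do not parse."""
    seen = defaultdict(set)   # client random -> labels logged for that session
    malformed = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        ok = len(parts) == 3 and all(HEX.fullmatch(p) for p in parts[1:])
        if ok and len(parts[1]) == 64 and len(parts[2]) in SECRET_LEN.get(parts[0], ()):
            seen[parts[1].lower()].add(parts[0])
        else:
            malformed.append(lineno)
    tls13 = [rand for rand, labels in seen.items() if labels & TLS13_LABELS]
    return {
        "tls12": sum(1 for labels in seen.values() if "CLIENT_RANDOM" in labels),
        "tls13": len(tls13),
        "tls13_missing_app_secrets": sum(1 for r in tls13 if not APP_DATA <= seen[r]),
        "malformed_lines": malformed,
    }


# Constructed sample, not real key material.
SAMPLE = "\n".join([
    "# SSL/TLS secrets log file, generated by NSS",
    "CLIENT_RANDOM " + "11" * 32 + " " + "aa" * 48,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "bb" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "cc" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "dd" * 32,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "33" * 32 + " " + "ee" * 48,
    "CLIENT_RANDOM " + "44" * 32 + " " + "ff" * 10,  # truncated secret
])
```

A session counted under `tls13_missing_app_secrets` will show a decrypted handshake but opaque application data; the log holds live session secrets, so keep it readable only by your own user and delete it after the capture is analysed.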


In the caveats section it says that it is ignored


Consul seems to get some love when looking at the releases, but I am really getting this impression when looking at Nomad. Seems like it's been 0.6 forever.

