Hacker News: dminuoso's comments

This would require a completely new ecosystem and likely a new language where any degradation of code flow becomes communicable in a standardized and fully documented fashion.

The closest we have is something like Java with exceptions in type signatures, but we would have to ban any kind of exception capture except from final programs, and promote basically any logger call into an exception that you could remotely suppress.

We could philosophize about a world with compilers made out of unobtainium - but in this reality a library author cannot know what conditions are fixable or necessitate a fix or not. And structured logging has way too many deficiencies to make it work from that angle.


One thing that has not quite been mentioned in the blog is how much of the MITM spyware comes from very big and well known "security" companies.

You know, the ones that really know about security. X-PAN-AUTHCHECK type of security.

The amount of CVEs some of the big firewall companies collect makes it seem like it is a competition for the poorest security hygiene.

The real problem we have is compliance theatre where someone in management forces these solutions onto their IT department just so they can check a box on their sheets and shift all responsibilities away.


If I infiltrate someone else's computer and secretly run code in order to exfiltrate data, I risk prison time because objectively it seems to satisfy criminal laws where I live.

How do prosecutors in any modern country/state not charge this behavior when done by a website owner?


The difference is that there's implied consent to run arbitrary (albeit sandboxed) code when you visit a website. Moreover it's not the website causing the code to be executed, it's your browser. Otherwise, if the bar is "code is being run but the user doesn't know about it", it would lead to either any type of web page with javascript being illegal (or maybe without javascript, given that CSS is Turing complete), or a cookie banner type situation where the site asks for consent and everyone just blindly accepts.


> any type of web pages with javascript being illegal

Inshallah


> if the bar is "code is being run but the user doesn't know about it",

... would lead to all modern electronics being illegal, not just web pages with javascript.


I guess it’s fortunate that this quote only includes a portion of the assertion they’re making. What happens when you include the rest?


I suppose it depends on what you mean by "modern".

In Europe we have the GDPR which does exactly this.


The GDPR is not criminal law. But ignoring that, regulators barely pursue GDPR violations.

Consider the swaths of dark patterns surrounding cookie terror banners. The GDPR language is extremely clear that none of them are legal, but virtually nobody is ever punished.


> The GDPR is not criminal law

While the GDPR does not directly prescribe prison sentences, it absolutely enables countries to establish criminal offences for severe data protection violations, and they will clearly extradite!

https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...

https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...

> But ignoring that,

No don't ignore that. When you're so completely wrong about the first thing you say, everything that follows is going to be even more wrong.

> Consider ... cookie ... banners. The GDPR language is extremely clear that none of them are legal

You are confusing the ePrivacy directive (2002/58/EC) with the GDPR (2016/679).


We operate an MSP business for tens of thousands of customers and have our own ASN, but gmail outright refuses all our corporate email. Why? We do not know and gmail refuses to tell us. Their postmaster tools lie, are incomplete, display no data, display errors or contain no useful information. There is no human postmaster to contact, all our attempts have been ignored successfully. It’s downright silly but we have to send our corporate mail via a paid third party relay to be delivered to gmail.

These gmail postmaster tools seem to exist to make antitrust cases difficult, not to enable other MSPs to deal with deliverability issues.

At the same time gmail is emerging as the number one source of spam for our customers. If our spam fighting is too tight we falsely flag important mail as spam, and this is absolutely unacceptable to customers. As a consequence we have to relax our spam classification for gmail senders, which manifests itself in false negatives from the perspective of our customer.

But to the customers this reflects on us, not on gmail.

It's just in gmail's best interest to make other MSPs miserable to operate. It drives our users to them.


Can I ask if it’s the domain or the IP?


You can run your own mail server and name server on top. The network of mail is very much federated.

In mail we have so many freedoms. We have become so locked into technology that we have to introduce a term like “federation” to signify the interoperability and freedom of a single component. Mail is federation layered upon federation.

The fact that you can just use a mailing list address as a member of another mailing list gives you even more federation possibilities. All with the simplest of all message exchange protocols.


> You can run your own mail server and name server on top. The network of mail is very much federated.

While I do completely agree with that in theory (and I also love mail) I think it does not stand the reality test because of email deliverability, which tends to be a nightmare.

How do you solve this? Do you use a third party SMTP?


I ran multiple mail servers for years until about 10 years ago (moved out of the industry). The deliverability problem, as far as I know, hasn't really changed that much in the last decade. The key was to configure DKIM, SPF, only use secure protocols and monitor the various black/block-lists to make sure you aren't on them for very long. In my experience, if you end up on a few bad lists, and don't react quickly, the reputation of your domain goes down rapidly and it's harder to get off said lists.

You also want some spam filtering, which, these days, is apparently much more powerful with local LLMs. I used to just use various Bayesian classification tools, but I've heard that the current state of affairs is better. Having said that, when you've trained the tool, it does a pretty good job.

It's not "plug-and-play", but it's not that hard. Once you've got it up and running the maintenance load goes to almost zero.
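A small block-list monitor in the spirit of the advice above (keep an eye on the DNSBLs and react quickly) and of the later point that reputation depends on getting off lists fast. This is example code added here, not from the thread; the zone names and the resolver hook are assumptions, and it also covers IPv6 nibble-reversed lookups, which the comment does not mention.

```python
"""Monitor a sending IP against DNS block lists (DNSBLs) so a listing is
noticed quickly. Example code added here, not from the thread; the zone
names and the resolver hook are assumptions."""
import ipaddress
import socket
from typing import Callable, Dict, List, Tuple

# Zones to monitor (assumed placeholders for the example; edit to taste).
DEFAULT_ZONES = ["zen.spamhaus.org", "dnsbl.example.invalid"]
# DNSBL convention: an A record in 127.0.0.0/8 means "listed"; Spamhaus-style
# lists use 127.255.255.0/24 to signal a query error rather than a listing.
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")

def dnsbl_name(ip: str, zone: str) -> str:
    """Query name = address labels reversed, under the list zone.
    IPv4 reverses the dotted octets; IPv6 reverses its 32 hex nibbles."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone

def system_resolver(name: str) -> List[str]:
    """Look the name up with the OS stub resolver; NXDOMAIN means not listed."""
    try:
        return [i[4][0] for i in socket.getaddrinfo(name, None, socket.AF_INET)]
    except socket.gaierror:
        return []

def check_listings(ip: str, zones: List[str] = DEFAULT_ZONES,
                   resolve: Callable[[str], List[str]] = system_resolver,
                   ) -> Dict[str, Tuple[str, str]]:
    """Return {zone: (status, code)}; status is "listed", "clean" or "error".
    Injecting `resolve` lets the check run offline against canned answers."""
    report: Dict[str, Tuple[str, str]] = {}
    for zone in zones:
        status, code = "clean", ""
        for answer in resolve(dnsbl_name(ip, zone)):
            addr = ipaddress.ip_address(answer)
            if addr in ERROR_NET:        # e.g. query refused: not a listing
                status, code = "error", answer
                break
            if addr in LISTED_NET:
                status, code = "listed", answer
                break
        report[zone] = (status, code)
    return report
```

Run it from cron against each outbound IP and alert on any "listed" or "error" status; the error branch matters because a blocked query silently reads as "clean" otherwise.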


> It's not "plug-and-play", but it's not that hard. Once you've got it up and running the maintenance load goes to almost zero.

This is where I disagree. In my opinion it might not be that hard but the maintenance is really not zero as you just described how you need a reputable IP as a prerequisite and constant monitoring of block lists.

Just having DKIM, SPF and DMARC really was not enough last time I checked for getting delivered to let's say outlook.


I just realised, and this could be a red herring, that almost all of the domains I've administered were based in Australia. I suppose it's possible that the IP ranges I'm dealing with have a better reputation than those from other countries. I have administered a few domains from US companies and IPs, but they've often been based in known data centres which may help their cause. I can't really talk to the reliability of hosting a mail server on a consumer / small business IP in the US / Europe / Asia. It's possible that all known, common IPs in these areas have a natural disadvantage when it comes to reputation. I suppose try running a tunnel from your server to a small VPS in a known data centre? Not ideal, but it may help.

It would be annoying if entire US/European/Asian ISP IP ranges were immediately blocked. We should have moved on from that for many reasons unrelated to email.


The monitoring of block lists is much more important than people assume. I haven't looked into it in detail, but it always seemed like the reputation was based on a ratio of number of messages to known bad messages. If you have a moderately busy server, and you manage to keep off the block lists (or at least pro-actively remove yourself from them) then the reputation gets higher and higher, and the maintenance goes down.

If you're a domain that only receives occasional messages, and you end up on Spamhaus and co, you're gonna have a problem. It seems that reputation at small scale is viral. You need actively good reputation and response time. But, honestly, it seemed that it didn't take more than about 3 months per domain I administered until they were just accepted by the net as valid, good actors.


If you consistently don't receive mail you expect, then you stop giving money to your mail host and get a different one.


It's not about receiving. Receiving is the easy part. It is about the delivery of your own mail.

> you stop giving money to your mail host and get a different one.

I was entertaining the "host your own mail server" thought; I agree that if you don't host it yourself then you can change your provider if it fails you.


Who needs the transmission more - the sender, or the recipient?

Much of the time, when it's for signup verification, especially for a free service, they just write "don't use @live.microsoft.com" underneath the email address box. The user wants to be signed up for the service more than the service provider wants a new user, at least by enough to use an alternate email address. Enough cases like this, and the user quits @live.microsoft.com.


> if you don't host it yourself then you can change your provider if it fails you.

Even if you host it yourself :-). The key is to own your domain.


If I recall the domain is not the only issue, IP is also deeply involved or am I wrong?


IP address is involved in some receivers' reputation calculations. It's never involved when sending to a domain.


Sure, but then your mail gets dropped on the other end: the main issue I had the last time I tried running my own setup for mail was basically getting an email to an outlook or live.microsoft address. My mails were dropped for no reason, effectively not landing in my friends' mailboxes and without any error on my side to know that my mail was getting rejected.

This is when I decided to stop trying to get through with this and went back to paying a provider.


The fact that it is a nightmare is a bit of a myth. Granted, not everybody can do it, but that's not necessary.

And then there are many mail providers other than Gmail. It's just that nobody cares and probably the fact that a ton of (most?) people were forced to create a Gmail account by Google.


> The fact that it is a nightmare is a bit of a myth. Granted, not everybody can do it, but that's not necessary.

I agree to some extent. But it is more involved than deploying a Discourse instance in my opinion.

> And then there are many mail providers other than Gmail. It's just that nobody cares and probably the fact that a ton of (most?) people were forced to create a Gmail account by Google.

100% agree. This is the tradeoff I went for. I would love for it to be easier to self host but you can definitely use another provider.


Bandwidth costs next to nothing these days.

And it is also rarely if ever measured in petabytes. Commercially, percentile based (in terms of speed) billing is the norm, but that only applies to businesses that act as downstream customers of ISPs.

Apple has global IX presences and generally maintains open peering policies, which means it only costs a few bucks monthly to maintain any given PNI (e.g. 10Gbit), and they are also available on those open routing server ports. IX presence is dirt cheap.


You can use your own router in Germany; this is enforced by the regulation agency BNetzA. Your ISP must provide you with sufficient information to set it up.


I think it's fair to say the vast majority of users won't be able to pull that off. I doubt even half of them know what a router is, let alone that there are differences between models.

For those who know they can use their own modems, sufficient information must be available, but only a sliver of the people with AVM modems will have that kind of knowledge.


There is the class that fails at reading and adhering to IKEA instructions, yeah.

But this is something where the non-obvious things will get explained to you if you walk into a MediaMarkt, go to where the modern routers are, and queue in line for the area's sales person to get to you and tell you what to buy, and how to get your hands on the relevant access credentials/how to get the new one to connect to the ISP. You're forgetting that most installs of non-ISP-provided modems for residential Internet are set up by the tech person of the household who quite possibly never heard of what a NAS is and why they may want one. Often the only paper manual thing in the box is literally the quick start guide that a motivated person who has what could be called "common sense" on treatment of/interaction with computing equipment. You know, the person who knows to check the plugs because they don't consider themselves above it but do know that it's one of if not the first thing they are asked if they can support.


As a point of interest, there is a class of patents called Standard Essential Patents (SEP), for which the patent holder is required to sell licenses under fair, reasonable, and non-discriminatory (FRAND) conditions when an implementation of that patented idea is required to comply with certain standards.


What is even more interesting: At a given power rating, coal plants produce up to 3 times more radioactivity than nuclear power plants directly in leftover ash because coal contains large numbers of radioactive isotopes. It might not seem like much, but when you consider that a 1TWe coal plant burns 3.2Mt of coal a year compared to 27t of uranium for an equivalent nuclear power plant, this might become more apparent.

Most of that waste is captured in ash via particle filters and has to be treated like any highly toxic and radioactive waste, but as far as I know this waste is not destined for secured long term nuclear disposal where it would be kept safe from interacting with the environment. We don't seem to have a problem with that...

Further, some low percentage (literature tends to point at .5%) of it is in gaseous form or cannot be filtered, so it gets vented into the atmosphere. That’s assuming modern and intact particle filters. And we aren’t even talking about CO2 here.

It’s somewhat absurd we have to have discussions about nuclear power plant waste in this reality.


Nuclear power plants produce many many orders of magnitude more radioactivity than coal power plants for a given amount of energy produced. You are probably misinterpreting the famous 1978 study [1] where the radioactive emissions of nuclear and coal power plants were estimated to be roughly the same. This does not include the solid and liquid nuclear waste, only the radioactive gases that are inadvertently leaked from nuclear reactors. Coal ash is barely radioactive at all, and the radioactivity is completely negligible compared to the chemical toxicity.

[1] https://doi.org/10.1126/science.202.4372.1045


The modern supply chains behave this way precisely because no such requirements exist.

It's a typical facade argument you might hear from politicians when they parrot lobbyists.

