tm9-801.com

[pfarber]

After a short period of 'figuring it out' you can now view TM9-801.com via an encrypted (https://) connection.

This helps get through corp firewalls and also makes some admin functions (I use a web based email client when at work to get personal email) and encrypting the link makes my life easier.

All domains that I have will move to https:// as soon as I get the certificates. If your bookmark is for http:// you'll just get redirected to the https:// site.

[pfarber]

Wow I just got the https:// upgrade done in the nick of time. My work is going full retard with Internet filtering.. that means no self signed certs and all sites must have a full certificate chain available for verification.

Funny thing is, not only is it blocking personal sites, and 'dubious' URLs... but many of our vendor webs sites are being blocked because they don't have the intermediate certs installed on their web servers. HAHAHAHAHAHA But since its a C-level edict IT is laughing at all the complaints. First, we were TOLD to institute retard level filters by C-Level folks, and its clearly showing how stupid some managers are.. and by that I mean vendors IT staff not even KNOWING what a certificate chain is, where to get intermediate certs and how to install them.

Its fun to sit on top of the mountain and watch the villagers panic. hahahahaha

[pfarber]

After reading up on my jobs new proxy implementation (and the IT managers probably getting yelled at for filtering out about half the sites admin employees need to do their job.. yes my phone ran ALL. DAY. LONG.) they *FINALLY* put out some documentation on what is filtered, and what will be allowed. Better a week late than never, I guess.

Anyway, I point one of the tools at my personal web sites:

sslreport.PNG (20.6 KiB) Viewed 3787 times

Not bad. The issue with using nerd tools is that you have no way to categorize what the parameters are. For example my site got a B because its allows the RC4 cipher... which it does. But its an RC4 attack is very difficult to pull off, and all in all considered a very low probability of success. But because the tools author wants a perfect world, free from every attack possible, no matter probability or practicality, they cap your 'score' at a B. Its kind of like taking a test and giving the right answer, but not the teachers right answer.

[pfarber]

The http:// -> https:// redirect is in place. It all happens automagically on the server side, so you don't have to update any bookmarks.

Suck it, NSA!