I like how everything network-related is revolutionary by either serializing it, or just shitting it out over UDP. "Trust the network, bro."
or. OR. "It doesn't need its own registered port number. Put it over 443/TCP (or UDP now, I guess) and it's unblockable."
What if I want to be able to block it?
How dare you not be webscale, forward-thinking and/or cypherpunk by handing over yet another fucking web protocol to Google, Cloudflare or Microsoft.
@da_667@infosec.exchange
Or drop it on 53.
Nobody blocks 53.
@da_667@infosec.exchange QUIC taking over has been a boon for getting through lazy port filtering from ISPs. All of my WireGuard infra is on 443/UDP and it never fails to get through with the quickness
@da_667@infosec.exchange
massive bong rip
What if we just straight up get rid of the transport layer altogether? Why even have all these ports?
@cR0w@infosec.exchange @da_667@infosec.exchange reminds me of being tasked to implement a system that used tftp for parallel file transfer, up to 40 in parallel.
"Sure no problem, what port range are we using?"
"Here's 5 ports"
"But tftp needs ports for addressing..."
"That's what the design doc says and we can't revise it again without making the customer mad"
So I did THINGS, that probably work, usually, but it definitely wasn't tftp.
@cR0w@infosec.exchange "Luke, you've turned off your targeting computer."
"Why bother. Hardware sucks, Software sucks, I'd be better off guessing."
@kevingranade@mastodon.gamedev.place @cR0w@infosec.exchange @da_667@infosec.exchange ah. The days I spent dealing with sales engineers who came to me and said, "guess what I sold"….
Always a facepalm moment.
@kevingranade@mastodon.gamedev.place @da_667@infosec.exchange cursed
@da_667@infosec.exchange @cR0w@infosec.exchange "Luke, it's not that bad."
"My targeting system crashed and my engines won't turn back on without a credit card."
"Oh."
"It's fine. Darth Vader suffocated while his chest thing was installing an update."
@da_667@infosec.exchange "Vibe targeting engaged"
@cR0w@infosec.exchange @kevingranade@mastodon.gamedev.place that reminds me of all the arcane shit I had to do to get FOG/PXE booting to work over a small subset of ports, through a firewall.
@cR0w@infosec.exchange We just let the AI vibe architect the deathstar
I think there's a weakness in the design they're trying to exploit
You're crazy. This battlestation is impregnable