It'll be fine even at 3.0C. The IPCC report has scenarios up to 5.0C, and if you carefully read those and compare the population adversely affected to the overall population of the planet, you'll see that mankind will not end from climate change. Not even remotely.
There are tons of reasons to not use an external CA.
First, cost. Any CA that issues unlimited certificates will charge tons of money. Free CAs like letsencrypt do have rate limits that we would frequently hit with autoscaling environments, CI jobs, and such.
Also, CAs require the use of certificate transparency logs. Which will expose your internal infrastructure data to the public. It will, by exposing autoscaling data, also expose financial data (at least in hints), e.g. by showing that last christmas, your scaling peak was far higher.
And external CAs are a security risk because you need to provide firewall exceptions and/or transfer mechanisms for certificates into your internal infrastructure that you would usually want to isolate.
Lastly, an external CA is an availability risk. Should your external CA be unreachable for some reason, you might not be able to run any CI jobs or auto-scale-up your infra.
There are tons of reasons to not use an internal CA.
First, cost. You're not just going to slap the root CA onto the network drive and let the developers have at it - you're going to need infrastructure to keep the key safe and handle automated cert provisioning and suchlike - that's going to need people to maintain it. And it'll be an important part of your infrastructure, so you'll need enough experts you can maintain round-the-clock support.
Second, it reduces your security because your users will inevitably learn to ignore certificate errors.
Thirdly, you'll never stop the certificate errors. Oh, you're going to set them up for both Chrome and Firefox and Edge and Safari on Windows, Mac, Linux? Oops, you forgot Android and iPhone. And your CI system. And Java and Docker and Git. And the network printer and the electronics team's network-enabled oscilloscope. Think you've covered everything? Surprise, Slack is distributed in a Snap now, it's generating certificate errors.
Just have your cloud provider take care of it. Not in the cloud? A wildcard cert on your load balancer will get you 99% of the value with 1% of the work.
I think you've entirely misunderstood the discussion here. Your post seems to be about using internal certificates for an externally visible website (although I'm confused about the mention of network printers and Slack--are you thinking this is a MITM certificate? nobody had suggested using an internal CA for those things) but that's not what anyone here was talking about. They're talking about internal use for communication between your own backend services.
Recall the post that started this subthread:
> Having to communicate with outside is kinda overkill if you just want to have container A talking to container B.
The article here is about the same.
#2 and #3 in your post don't apply; we're not talking about browsers or end users at all here. #1 may apply but I think you're overstating it; Active Directory Certificate Services takes care of all that. Remember that you don't have to follow the CA Baseline Requirements as a private CA. It's harder to get rid of an ADCS PKI than to set it up.
> #2 and #3 in your post don't apply; we're not talking about browsers or end users at all here.
Y'all don't have internal tools implemented as webapps? Self-hosted version control servers? Nexus? SonarQube?
Oh, I'll agree that you can outsource all that stuff if you want to - but any business with that philosophy would surely also outsource their certificate provisioning. Especially considering how easy and cheap AWS make it.
> although I'm confused about the mention of network printers and Slack
Do you not want graceful handling of internal URLs when mentioned in slack? Such as previews, image unrolling etc? Do you not need a certificate for the internal file server your scans upload to, and so on?
You're still talking about a completely unrelated use of CAs here. We're talking about how you get two k8s pods to communicate with each other securely, as an alternative to using self-signed certificates and without leaking details of your internal infrastructure to a CT log. Nobody suggested using self-signed certificates for any of the things you're talking about; we are talking about what you should replace your self-signed certificates with. That's what both the article and this thread are about. You're arguing against a point that nobody made. You'd never use a self-signed certificate for a user-facing website or service and nobody suggested that you would. It is specifically the situations where you'd use a self-signed certificate that this subthread is suggesting using an internal CA for instead.
Stated another way, I believe you are saying "don't use internal CAs for things you'd otherwise use public certificates for" but what we're saying is "use internal CAs for things you'd otherwise use self-signed certificates for". I believe both statements are correct but we weren't talking about the first thing at all until you brought it up.
So I'll route my CI integration tests that test communication from application to database through the loadbalancer? And I'll teach the loadbalancer to talk to itself to talk to the autoscaling web backends it needs to talk to because only the loadbalancer has a valid certificate? Nice brain-knot.
And talking about security risks, wildcard certs are especially dangerous and should be forbidden from ever existing. They just lead to "copy it everywhere"-keys that, sooner or later, will leak. And that won't be revoked or replaced, because of course everything will break at once.
Oh, and the certificate errors will also come with external CAs. Chain too long? Error in some browsers. ECC signature? Error in some browsers. Chain with different paths? Error in some browsers. 4096bit certificate somewhere? Error in some browsers. Two different valid roots? Error in some browsers.
The result is different when comparing to self-signed certificates. For instance, yes you should be careful with your key, but losing it makes your security as bad as when using self-signed certificates. Yes, you might be teaching some of your users to bypass the warnings. Just like when using self-signed certificates.
> Free CAs like letsencrypt do have rate limits that we would frequently hit with autoscaling environments, CI jobs, and such.
You're expected to design around that. Deploying should never create a new certificate, those should live in secure storage and get deployed when needed.
The main rate limit also doesn't apply to renewals, so you could potentially issue N*50 domain names on your Nth week using Let's Encrypt.
If you need to issue certificates for new domains at a higher rate, you're very likely a large company that can afford to pay some money for any excess certificates you need. Failing over to ZeroSSL (zerossl.com) on rate limiting should be an easy engineering task since both use the ACME API.
I'm sorry but this is simply not true. Certificate Transparency logs ARE (meta?)data which would be exposed. If the certificates were meant to be reached externally, you wouldn't indeed care at all - but if they're for internal flows (e.g. App server to DB, 2 steps behind a balancer and a set of web frontends) you are indeed publishing stuff you would have rather kept private.
Before this (d)evolves into a zero trust, security-by-obscurity discussion - some auditors won't certify you in some edge cases related to this, and you may be operating in a regulated sector where such a certification is necessary. Just because it doesn't impact your use case, doesn't mean this is the case for someone else.
It you are not personally aware of the basis behind a security posture, please avoid denouncing it as FUD.
Yout own ignorance, uncertainty, or doubt does not suffice to replace the informed advice of a professional.
Over here, your water bill has 2 components, the price of the fresh water and the price of the waste water. Waste water is at least as expensive per m³ as fresh water, sometimes more than double. If you are using rain water, you save on the fresh water price, but you have to still pay for the waste water. And since waste water price is calculated from your fresh water consumption, you either have to have a second meter for the rain water (expensive) or you pay for an estimated amount of rainwater calculated from the roof area you are collecting from. Also very expensive, because the estimate is always not in your favour.
So not really "free" at all, and rather expensive enough that nobody does it...
This also depends a lot on your locality. If you live in an area where septic tanks are allowed you don't have to pay for city sewer usage.
You can also skip that entirely with a composting toilet. Again depending on your local laws, gray water can often be drained directly outside, potentially through a leech field if required. Plenty of areas allow this for specific uses like washing machines, the only reason it can't be done with standard toilets is because of the solid waste.
Water bottles, if not cleaned properly with a soap and brush on the inside, will be coated with a bacterial "lawn". Copper prevents that. Lots of bacteria need such a lawn to propagate, only some can multiply without a substrate. So even if the "free" water part won't be desinfected, copper has an overall positive effect on the bacterial content of your drinking water.
As someone who washes my (steel) water bottle at most 1x a week, and drinks ~10-14L of water a week, I've never gotten sick from drinking out of my bottle before.
You can usually tell if the water in your bottle is going bad / filled w bacteria..
No. I was just explaining why copper is better in that regard, not that I would personally care that much. I do prefer stainless steel, because it is more robust, dishwasher-safe and cheaper.
>Your pet is more harmful to the environment than your car.
as do their human companions. I mean if you're going to Modest Proposal pets, why stop there?
And here's #13: turn off your phone, your laptop, your desktop computer. Read a book if you want edification. Go talk to someone in person if you want to express your opinion.
No. The problem is overall resource consumption. Which is a product: people * consumption/person. Since consumption per person has a lower limit, there has to be an upper limit for the sustainable number of people on the planet. Since standard of living should be at least equal to that of your ancestors, resource consumption per person will also be above the bare necessary minimum. And since the normal mode of population growth is exponential, any change in consumption per person is meaningless anyways, the overall resource consumption would be exponential nonetheless. So yes, we are always on the verge of overpopulation, followed by catastrophic collapse. We only avoided collapse in the past because technology (industrialization, green revolution) enabled exponential growth in resource production. But that might be a one-time thing.
Wrong. Pollution per person is extremely unequal across the world. There's a significant fraction of human population living in a completely sustainable manner and another fraction that is destroying life on earth.
Don't try to blame the first group for the sins of the second.
The population growth trend is already declining in many (western) countries and is projected to go down in a few decades max everywhere. Best contraceptive is education, prosperity and urbanization.
IMHO the best way to limit our negative impacts is
- stop exploiting other countries (there are almost no poor countries, only overexploited ones)
Good luck trying to convince Russia or China to stop exploiting other countries, abandon fossil fuels or stop animal agriculture.
Here is the unsolvable problem of the climate activism. They can't save the climate, but they are capable of destroying their own homeland, playing right into the hands of those authoritarian monsters.
Well then you didn’t understand the point of climate activism. It’s not about “saving the climate” but instead “keeping our home habitability”. You can choose to:
- keep packing more fellow on your homeland, our children with them. Don’t change anything but wish them good luck, the Science and Industry will solve everything as it always did anyway, right ? Guess what, it won’t make the two giants stop being authoritarian.
- not doing (much) more children in your homeland so no descents will suffer from the density. The “authoritarians monsters” will probably profit of that.
Do you really value democracy and freedom (I value it a lot, me too) so much that you continue gambling with descents’s home habitability?
It’s not about giving up but about recognizing that adding more soldiers won’t stop the war.
I absolutely agree on trying to become a better person in terms of producing less waste. My point it, little effort won't work. We need radical solutions that could work on the global scale.
I want people to think big. Instead of carrying a water bottle and use paper bags focus on how you can help a whole country like India or China or even a whole continent like Africa.
Set goal of stopping Coca-Cola from dumping their plastic waste in Afrika. This would include much more effort than just carrying a water bottle or sleeping 8h.
There are two possible answers to climate change: avoidance and preparation. Avoidance means that the world reduces its CO₂-footprint to zero or less to limit global warming or even to revert it. Preparation means that, if global warming cannot be avoided, states prepare for the changes in weather, sea level, agriculture, etc.
Avoidance can only work if all nations worldwide do participate to reduce their CO₂-footprint. If some big nations do nothing, or even worse, if non-consumption of fossil fuels by western nations causes a price drop and a shift of fossil fuel consumption to the rest (instead of an overall reduction), avoidance by the west is pointless and a waste of resources. All the world has to participate for avoidance to be successful.
On the other hand, preparation mostly works on a more local level. Nations with coastlines invest to protect those, nations threatened by water shortages invest in countermeasures such as maybe desalination or storages, etc. Even if the rest of the world doesn't care, preparation will mostly work for the local community.
Both avoidance and preparation need a lot of resources. But allocation to avoidance is only sensible if every nation agrees to it, otherwise those resources are wasted and far better spent on preparation.
The problem is, the general preparation problem is even harder than the avoidance problem. How do most countries handle 60m+ sea level rises from a complete melting of Antarctica? Where is going to get to a regular wet bulb temperature above 35 degrees? Can we handle the level of ocean acidification that business as usual will result in? We need to prepare, but let's not pretend we don't also need to avoid as best we can.
I'm sure there were anti-natalist groups in the thousands of years of human history but well they weren't so numerous a 100 years ago, and they probably won't be so numerous a couple of hundred years from now either.
Would you elaborate on your thought? Why questioning the demography is “enemy of mankind”? Is there other subjects/sciences we should avoid completely to be friends with mankind?
Also, most ORMs make it hard or ignore the possibility of using database transactions, checkpoints, partial or full rollbacks, etc. Which might be fine for trivial queries, low write load and unimportant data. But for anything moderately important or complex, transactions are essential.
They do? Every ORM I've used supports explicit transactions and rollbacks. EF, NHibernate, GORM, SQLAlchemy. What major ORMs deny you this functionality?
It isn't that there is no such thing as "a way to open/close transactions". It is that transactions usually break all the supposed ORM benefits like composability. Often, you cannot even method-chain transactions like foo.search().begin().insert().insert().commit(), you have to do it in multiple lines. Even worse, rollback handling is often an exception, breaking control flow of your application.
And most only support basic transactions, not checkpoints.
There are no tropical forests in the EU. And German forests do only grow by increasing biomass of older trees, new saplings are completely eaten away by deer if not actively protected.
Problem is, Germany is in a central location in Europe. Lots of east-west and north-south transit going through. That transit has to use the autobahn, for various reasons.
One is the EU: forcing them to use railway loading (such as in Switzerland) isn't possible due to the EU demanding free transit. Making transit on the autobahn prohibitively expensive by fees isn't possible, because the EU can and will veto higher fees or special transit fees. Changing status quo in the EU isn't possible, because all Germany's neighbours will veto.
Second is technical: Railways aren't standardized. Track width changes towards the east. Train station platforms and tunnels are different width and height per country, your load will bump into stuff unless you do lowest-common-size (which is smaller than a normal 20ft/40ft container crosssection, so non-viable). Signaling is different in each and every EU country. Rolling stock for goods transport is usually decades old and doesn't support any of the necessary modern safety standards like ECTS that are used on new tracks and cross-border. So you would have to have huge reloading terminals on each railway track and each border. Or you would have to modernize the railway system across Europe. Huge costs and lack of current demand create a chicken-egg-scenario here. Also, reloading creates delays, which the current just-in-time logistics are allergic to.
Third is domestic: There is also non-transit traffic, where origin or destination is somewhere in Germany. Those will still have to use roads, because the country doesn't have a dense-enough railway network. And building a sufficiently dense one would take forever, if at all possible. New construction is usually extremely expensive, delayed or stopped due to environmental/noise/landmark protection reasons (usually NIMBYs successfully abusing those regs). Only possibility is small extensions, such as "make this road/track/... a little wider", because it is already there which makes arguing against it on the aforementioned grounds harder.
So we maybe will debate if railways ever will take off and then just extend the autobahn. Because there is actually no other choice.
I think both groups (climate activists, surveillance-repression fascists) are separate, but the latter welcome the fact that the former gives them an acceptable excuse for more restrictive laws, more control, more surveilance.
