Testing an alternative text under the image. Better than the real 2001 quote?

At some point I think it will only be fair to require --insecure for #curl to do an unauthenticated protocol transfer (unless it is localhost). For clear text http:// etc.

#curl release presentation coming up line in a few minutes on https://www.twitch.tv/curlhacker

#curl 8.16.0 was just released:

daniel.haxx.se

curl 8.16.0

Welcome to one of the more feature-packed curl releases we have had in a while. Exactly eight weeks since we shipped 8.15.0. Release presentation h...

I will live-stream a release presentation at 10:00 CEST on twitch

I think this shows how @npub1thyg...uwec is not necessarily on our side.

Mastodon

The "HTTP1 must die" details are now public: https://portswigger.net/kb/papers/dzmxreq/http1-must-die.pdf (via https://http1mustdie.com/)

My Open Source influencer life style pays off. Framework sent me goodies with a note...

AIfication They managed to make "AI" feel no better than "crypto" when used in a sentence.

If you can trick a user to run a command tool in a way that ends up causing the user problems, that is not a security problem in that tool. Just saying. In case you're thinking of submitting such a report about a command line tool in your toolbox. But surely no sane person would. Right? Right?

On the internet, everyone is an "infosec professional".

What do you think are the primary challenges for Open Source the coming years? Security? CRA? Financing? Maintainer burnout? Recruiting young developers? Adapting to a country-former-ally going nuts? AI slop? AI bot overload? Something else? (I'd like some more food for thoughts for an upcoming talk)

The AI bots that desperately need OSS for code training, are now slowly killing OSS by overloading every site. The curl website is now at 77TB/month, or 8GB every five minutes.

Ars Technica

Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries

AI bots hungry for data are taking down FOSS sites by accident, but humans are fighting back.

#OpenSSL suddenly decided to provide an API for others to do #QUIC with it:

GitHub

Add an API for other QUIC stacks to use our TLS implementation by mattcaswell · Pull Request #26683 · openssl/openssl

We provide some callbacks for third party QUIC stacks to use in order to be able to reuse the OpenSSL TLS implementation in that stack. This is ess...

'To #curl something': to use a non-browser tool to download a file or resource from the Internet

Is there any modern software that actually appreciates or uses SIGPIPE ?

The thing about me being a BDFL for #curl is that it has the D in there. I have the means and ability to push for just about anything I like. I say that I truly try to be a benevolent dictator, but then I presume quite a few dictators would say so. Next week I will tell you all about how I view this dictatorship and how it is not quite like a dictatorship of a country since in our case, everyone could just leave if I misbehave.

Daniel's weekly report May 24, 2024

[Daniel's week] May 24, 2024

#curl talk, 8.8.0, reproducible, ://, graphs, c-ares, survey, bonus, curl work