Goodbye, Flash.

On the 25th January 2017, Adobe announced the end of Flash Player (and I blogged about it). A few days ago, it all officially ended. Although with everything else going on right now you might not have noticed it, but a crucial piece of the web's history has been shutdown.

For those not in the know, before web browsers were as capable as they are today (before we had the HTML5 Canvas and all the other modern apis), Adobe put together a browser plugin called Flash Player.

This plugin - at the time - revolutionised the way content was displayed in your browser. Far from static pages containing animated GIFs or a little bit of Javascript to add the odd effect, Flash allowed developers to deliver interactive content in a way that wasn't possible before - and all you had to do was install a simple browser plugin.

I'm quite sure that sites like Newgrounds, Orisinal, and Nitrome wouldn't have existed if it weren't for Flash.

It was recognised that an update to the HTML 4.01 standard (and associated standards, such as CSS and Javascript) were clearly needed. Fast forward a few years, and HTML5 was born (it was about this time that my programming journey started, and although I played with the Flex SDK and ActionScript 3 - the language flash player content was written in, I ultimately decided to learn Javascript instead).

With it, came all sorts of Javascript APIs such as WebGL and the HTML5 Canvas - and the beginning of the end for Flash. Suddenly, Flash didn't seem necessary any more - since browsers had become capable enough to do what flash does on their own, and libraries such as three.js and game engines such as Phaser were invented to take advantage of these new capabilities.

Naturally, Flash's demise was sure to follow. I agree that turning Flash off is the best thing to do. At the same time though I can't help but feel that there should have been more fanfare about it, and the legacy that Flash is leaving behind.

Thankfully, due to the amazing efforts of BlueMaxima's Flashpoint, over 70 thousand games have been preserved for all to see and play well into the future.

Goodbye, Flash. I'll miss you - you were the first chapter in a much longer tale.

Using Cloudflare for DNS is awesome

Finally, a decent DNS provider! You might not have noticed, but I switched starbeamrainbowlabs.com to Cloudflare DNS the other month. I meant to blog about it at the time, but forgot - so I'm doing it now :P

This comes in a succession of various DNS providers such as GoDaddy and Uniregistry who, while nice enough, didn't really provide what I'm after.

The transfer process itself was really rather simple - much moreso than the transfer I did from GoDaddy to Uniregistry.

GoDaddy is way too expensive after the first year, and doesn't allow you to create many different DNS record types - instead preferring to roll them into various 'premium' products which I have neither the money nor the inclination to purchase. After all, you're only paying for a string of characters to be globally unique, and hosting for a small text file containing your DNS records!

Uniregistry is better, but they still don't support record types such as CAA, which let you whitelist who's allowed to issue SSL certificates for your domain.

Cloudflare, however, support all the record types. Even ones I've never heard of. It's so cool! They provide the service at cost-price (which means it's much cheaper than either Uniregistry and certainly GoDaddy), and they provide privacy as standard - at no extra cost! No individual should have to pay to hide their full name and address (I'm looking at you, GoDaddy).

You do have to be careful to set it to avoid proxying requests through Cloudflare for each DNS record you add, but this isn't a huge deal. Cloudflare's main business is improving the performance of your website by optimising it and serving it through their global network, after all - so I don't think I can fault them for setting it as the default :P

It's also slightly awkward that you can't actually buy domains through Cloudflare. You have to buy them elsewhere and transfer them in, which is a huge pain. I guess that if they let you buy domains directly, the rest of the domain-name trading business would collapse? Thoughtful of them I suppose, but considering that you can pay literally thousands of pounds for some domain names it does begin to make me wonder......

Anyway, I haven't yet moved starbeamrainbowlabs.co.uk over because Cloudflare don't support .co.uk domains yet, but if I haven't by the time this blog post comes out I'll be setting the name servers to Cloudflare at least very soon (top tip! You can set the name servers for a domain that you own to another provider like Cloudflare, even if you've got your domain registered with another company like Uniregistry).

Found this interesting? Transferring your domain name over? Got another cool provider? Comment below!

Responding to "the Internet is disintegrating"

The following post is my opinion on an article I've recently read and the issues it raises.

This isn't really my typical sort of post, but after I read this article on BBC Future recently I felt I had to post to set a few things straight.

The article talks about how authoritarian governments are increasingly controlling Internet traffic that's flowing through their countries. This part is true - China has their "great firewall", and several countries have controversial "off-switches" that they occasionally flip.

Internet protocols specify how all information must be addressed by your computer, in order to be transmitted and routed across the global wires; it’s a bit like how a Windows machine knows it can’t boot up an Apple operating system.

This is where it starts to derail. While Internet protocols such as HTTP and DNS do specify how different machines should talk to each other, it bears no resemblance to how a computer boots into it's operating system. In fact, it's perfectly possible to boot into macOS on a PC running Windows. It's important to distinguish between the hardware and the software running on it.

It also talks about "digital decider countries" being "scared" of an "open Internet".

“Nations like Zimbabwe and Djibouti, and Uganda, they don’t want to join an internet that’s just a gateway for Google and Facebook” to colonise their digital spaces, she says. Neither do these countries want to welcome this “openness” offered by the Western internet only to see their governments undermined by espionage.

Again, with this theme of not distinguishing between the hardware or network, and the software that's running on it.

An open Internet is not a space in which the likes of Facebook and Google hold total control. An open Internet is one in which people like you and me have choice. Choice of social network. Choice of email provider. Choice of news outlet.

An open Internet is defined by the choices we, as consumers, make. If everyone decides to use Facebook, then the Internet will then be subsequently dominated by Facebook. However, decentralised options do exist (also this) - and are increasing in popularity. Under a decentralised system, no 1 company has control over everyone's data, how it's processed, and who sees what.

While the obvious solution here is to simply 'block' misinformation and illegal content, it's not an easy one to implement, and it certainly comes with serious moral and ethical implications. How do we decide what is 'illegal' and what is 'legal'? How do we tell if a news article is 'real', or 'fake'? With over 10 million requests / second to CloudFlare alone, that's certainly far too much data flying around the Internet to handle manually.

Let's say we built an AI to detect what was legitimate, or implemented a set of rules (say, like a blacklist). What about satire? How do you decide out of the 1.3 billion web servers (not to mention that a single web server is likely to host several websites) which is legitimate, without potentially damaging vital competition to bigger businesses?

No algorithm is going to ever be 100% accurate. With this in mind, utilising such an algorithm would carry the terrible cost of limiting freedom of speech and communication. How can a government, which to my understanding is there to serve and represent the people, in good faith control and limit the freedom of expression of the people it is supposed to represent? There's a huge scope for abuse here, as has been clearly demonstrated by multiple countries around the world.

If blocking doesn't work, then how can we deal with misinformation online? Well, Mozilla seems to have some ideas. The solution is a collective effort: Everything from cross-verification of facts to linking to sources. When writing an article, it's imperative to link to appropriate sources to back up what you're saying. Cross-checking something you read in 1 article with another on a different website helps to ensure you have more sides of the story.

Although governments may claim that internet sovereignty protects its citizens from malware, many fear losing the freedom of the "open internet"

Malware is indeed another serious problem. Again the solution here is not "blocking" content, as malware authors will always find another way (also exhibits b, and c) to deliver their payload.

Again, the solution is in the hands of the people. Keeping systems up-to-date and making use of good password practices all help. Ensuring that device, networks, and software are all secure-by-design is great too (the website I was reading the article on doesn't even implement HTTPS correctly).

The article feels very one-sided. It makes no mention of the other alternative ways I've touched on above, or those tackling the challenges the article talks about in ways that don't harm freedom of expression. In fact, I'd say that it's more of an opinion piece (much like this post), but since it doesn't mention that it is as such, I feel it's rather deceptive.

...one thing is clear – the open internet that its early creators dreamed of is already gone.

Indeed, the early vision of the Internet has changed drastically as it's grown. However, your personal data belongs to you, so you've got the power to choose who processes it.

Sources and Further Reading

• The article in question
• Password Protect: Secure? by me
• This thumbdrive hacks computers. “BadUSB” exploit makes devices turn “evil” by Ars Technica
• Massive US-planned cyberattack against Iran went well beyond Stuxnet by Ars Technica
• German nuclear plant’s fuel rod system swarming with old malware by Ars Technica
• Fighting back against misinformation by the Mozilla Foundation
• The Onion a news outlet that publishes satirical articles that while amusing aren't true
• How we scaled nginx and saved the world 54 years every day by CloudFlare
• What is the Open Internet? by Techopedia
• Hackintosh Instructions, Tutorials, Compatible Systems, & More

Goodbye, Flash?

You're probably already aware that Adobe announced that they are ending support for flash at the end of 2020. You're browser has probably already disabled the plugin by default. This is good news for the web as a whole, but what about everything left behind?

What if I said that at the end of 2020 we'll lose an entire chapter of the Internet's history? I'm talking about the masses of content on the internet that's powered by flash. While the Internet Archive probably has a considerable portion of ti archived already, that's only the beginning of the issues at hand.

For example, much of the flash content of yore had what's called a site lock, which prevents it from working on any site other than specifically-approved domains. This was very useful in prevent thieves from taking off with valuable content, setting up a competing website, and earning tons of ad revenue from it, but it's a hindrance to archiving efforts.

The other problem at hand is that if Adobe end support for flash, it isn't going to stick around in our browsers for long after that - so we'll lose the ability to run all this flash content that makes up such a huge part of the Internet's history.

A scary thought, to be sure! Thankfully, all is not lost! Dedicated volunteers have set up a project called Flashpoint, which serves to not only archive all this content, but build a series fo programs that will allow people for generations to come to run said content - through the use of clever hacks such as an intelligent local proxy, and tools such as the standalone projector version of flash, Pale Moon, and other such software.

If you're interested in checking it out, I suggest heading over to Flashpoint's website and downloading the Infinity version - this downloads the content you wish to run dynamically - instead of all at once (totalling ~34GiB O.o). There's even a master list (also here) listing everything archived so far.

Mobile Network Types

At the moment I am rather busy with my coursework, but I still have some time to make a quick post.

This is just a small post to tell you about a quick reference I put together in 5 minutes. It tells you what the different types of mobile network are (like HPSA and EDGE) and how fast they should be.

Link: Mobile Network Types

I have also been looking at Windows 10 in a virtual machine, so I will have a (long!) post coming out soon all about my thoughts and suggestions.

Jabber & XMPP: A Lost Protocol

Welcome to a special tutorial post here at starbeamrainbowlabs.com. In this post, we will be exploring an instant messaging protocol known as XMPP.

Today, you will probably use something like Skype, Gmail, or possibly FaceTime to stay in touch with your friends and family. If you were to rewind to roughly the year 2000, however, you would find that none of the above existed yet. Instead, there was something called XMPP. Originally called Jabber, XMPP is an open decentralised communications protocol (that Gmail's instant messaging service uses behind the scenes!) that allows you to stay in touch with people over the internet.

Identifying Users

There are several programs and apps that have XMPP support built in, but first let's take a look how it works. As I mentioned above, XMPP is decentralised. This means that there is no central point at which you can get an account - in fact you can create your very XMPP server right now! I will go into the details of that in a future post. Having multiple servers also raises the question of identification. How do you identify all these XMPP users at hundreds, possibly thousands of server across the globe?

Thankfully, the answer is really quite simple: We use something called a Jabber ID (JID), which looks rather like an email address, for example: [email protected]. Just like an email address, the user name comes before the @ sign, and the server name comes after the @ sign.

Connecting People

Now that we know how you identify an XMPP user, we can look at how users connect and talk to each other, even if they have accounts at different servers. Connecting users is accomplished by 2 types of connections: client to server (c2s) and server to server (s2s) connections, which are usually carried out on ports 5222 and 5269 respectively. The client to server connections connect a user to their server that they registered with originally, and the server to server connections connect the user's server to the server that hosts the account to the other user that they want to talk to. In this way an XMPP user may start a conversation with any other XMPP user at any other server!

Here's an example. Bob is the owner of a company called Bob's Rockets and has the XMPP account [email protected]. He wants to talk to Bill, who owns the prestigious company Bill's Boosters who has the JID [email protected]. Bob will log into his XMPP account at bobsrockets.com over port 5222 (unless he is behind a firewall, but we will cover that later). Bill will log into his account at billsboosters.com over the same port. When Bob starts a chat with Bill, the server at bobsrockets.com will automagically establish a new server to server connection with billsboosters.com in order to exchange messages.

Note: When starting a conversation with another user that you haven't talked to before, XMPP requires that both parties give permission to talk to one another. Depending on your client, you may see a box or notification appear somewhere, which you have to accept.

Get your own!

Now that we have taken a look at how it works, you probably want your own account. Getting one is simple: Just go to a site like jabber.org and sign up. If you stick around for the second post in this series though I will be showing you how to set up your very own XMPP server (with encryption).

As for a program or app you can use on your computer and / or your phone, I recommend Pidgin for computers and Xabber for Android phones.

Next time, I will be showing you how to set up your own XMPP server using Prosody. I will also be showing you a few of the add-ons you can plug in to add support for things like multi-user chatrooms (optionally with passwords), file transfer proxies, firewall-busting BOSH proxies, and more!

IP version tester

You may have heard already - we have run out of IPv4 addresses. An IPv4 address is 32 bits long and looks like this: 37.187.192.179. If you count up all the possible combinations (considering each section may be between 0 and 255), missing out the addresses reserved for special purposes, you get about 3,706,452,992 addresses.

The new system that the world is currently moving to (very slowly mind you) is called IPv6 and is 128 bits long. They look like this: 2001:41d0:52:a00::68e. This gives us a virtually unlimited supply of addresses so we should never run out.

The problem is that the world is moving far too slowly over to it and you can never be sure if you have IPv6 connectivity or not. I built a quick IP version tester to solve this problem. I know there are others out there, but I wanted to build one myself :)

You can find it here: Ip Version Tester.

TraceRoutePlus

Hello!

Today I have for you a traceroute tool that I have built. I made it mainly for educational purposes, since I wanted to test the code behind it ready for something slightly more complicated.

Here is an example:

C:\>tracerouteplus github.com
Traceroute Plus
---------------
By Starbeamrainbowlabs <https://starbeamrainbowlabs.com>

=== github.com ===
 1: xxx.xxx.xxx.xxx 1ms
 2: xxx.xxx.xxx.xxx 33ms
 3: xxx.xxx.xxx.xxx 36ms
 4: xxx.xxx.xxx.xxx 54ms
 5: 4.69.149.18     119ms
 6: 4.53.116.102    115ms
 7: 192.30.252.207  118ms
 8: 192.30.252.130   118ms
=== github.com end ===

You can download the latest version of the tool from my repository. Instructions can be found in the download section of the README.

The code is up on GitLab, and pull requests are welcome :)

Edit: Moved to GitLab from GitHub.

Protecting your Privacy Online: Reviewing which Advertisers Track your Interests

This is a different kind of post about privacy on the web.

Protecting your privacy whilst browsing online is important. Most if not all advertisers will track you and the websites you visit to try and work out what you are interested in - The amount of information that advertising networks can accumulate is astonishing! I currently have an AdBlocker installed with a tracking prevention list enabled, but that isn't always enough to stop all the advertising networks from tracking you all the time.

Recently I have come across a website called youronlinechoices.com - a website for people in the EU that allows you to review and control which out of 96(!) advertising networks are currently tracking you and your interests. I found that about two dozen advertisers were tracking me and was able to stop them.

The Internet needs adverts in order for it to stay free for all (disable your adblocker on the sites you want to support), but one also needs to prevent ones personal information from falling into the wrong hands.