[Pentesting] HTTP auth, part III: rogue web-server

(Previously.)

Now for a problem. I wrote a rogue web server: rogue_webserv.py

It can ask a client to log in using the digest method: digest.txt

But it can also ask for the basic method: basic.txt

A typical web browser can try to log in using the basic method, having no idea that the original web server only supports digest auth. And basic credentials can be recovered very easily during wiretapping/eavesdropping.

This is very dangerous if only HTTP is used, without TLS: an attacker can 'downgrade' digest auth to basic and get the password easily.
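A client-side guard against this downgrade, as an added example that is not part of the original post or of rogue_webserv.py: it picks the strongest scheme offered in WWW-Authenticate, refuses basic over plain HTTP, and refuses a scheme weaker than the one seen earlier for the same origin. The function names, the `pinned` parameter and the sample headers are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Relative strength of the schemes this client understands (higher is stronger).
STRENGTH = {"basic": 0, "digest": 1}

_QUOTED = re.compile(r'"(?:[^"\\]|\\.)*"')
_TOKEN = re.compile(r"\s*([A-Za-z0-9!#$%&'*+.^_`|~-]+)(\s*=)?")

# Constructed sample challenges (not captured from the post's server).
DIGEST = ['Digest realm="test, Basic fake", nonce="abc123", qop="auth"']
BASIC = ['Basic realm="test"']


def offered_schemes(header_values):
    """Return the set of auth schemes named in WWW-Authenticate header values."""
    schemes = set()
    for value in header_values:
        # Blank out quoted strings so commas/words inside realm="..." are ignored.
        for part in _QUOTED.sub('""', value).split(","):
            m = _TOKEN.match(part)
            # "token=" is an auth-param (realm=, nonce=); a bare token opens a challenge.
            if m and not m.group(2):
                schemes.add(m.group(1).lower())
    return schemes


def choose_scheme(url, header_values, pinned=None):
    """Return (scheme or None, reason); `pinned` is the scheme seen earlier for this origin."""
    known = {s for s in offered_schemes(header_values) if s in STRENGTH}
    if not known:
        return None, "no supported scheme offered"
    best = max(known, key=STRENGTH.get)  # never answer basic when digest is offered
    if pinned and STRENGTH[best] < STRENGTH[pinned]:
        return None, f"downgrade: origin used {pinned}, now offers only {best}"
    if best == "basic" and urlsplit(url).scheme != "https":
        return None, "basic over cleartext HTTP refused"
    return best, "ok"


if __name__ == "__main__":
    url = "http://host.example/private"  # constructed URL
    print(choose_scheme(url, DIGEST))                  # first visit: digest
    print(choose_scheme(url, BASIC, pinned="digest"))  # later challenge is weaker
```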

(This post was first published on 20251121.)

