Well, at least the people behind Commodore are passionate (in fact they acquired the trademark just four months ago…) and the distribution can be downloaded free of charge. They mostly sell merch, but they also have the Commodore 64 Ultimate which is basically a C64 implemented via FPGA. Their distribution also comes with its own BASIC.

I have no connection to the C64, but this seems a lot more friendly than a lot of other companies that just try to cash in on Nostalgia.

I was just at it-sa where Synology had a booth and they put the news that certified drives are no longer required on a screen next to certified drives. I was somewhat surprised this requirement ever existed. I guess that happens when you think you’re more important than you actually are.

God I hope they go bankrupt from this stupid greed. Certified drives for an expensive consumer grade stack. When I wanted a NAS and liked at their options, I always found them to be either overpriced or functionally lacking compared to an old PC of mine. Finally switched to an Odroid H4 Plus in the end. Not paying premium for a fancy case where the manufacturer decides which drives you can put into…

Besides. Taiwan is an open supporter of israel. Which now that I say it out loud sounds exactly lile the “Iran threats” said as the reason both Israel and the US bombed Iran.

Without having looked into it, I’m pretty sure Taiwan supports whomever the US supports.

How do you schedule meetings for dates in the past?

Oh, this looks really interesting. You only need dedicated CPU cores, but the rest of the hardware can be shared? Better performance than VMs, including Xen? Still some security benefits due to the isolation between kernels? “zero-down kernel update”?

This reads phenomenal, even though I understand it’s just RFC at this point. Let’s see what comes out of it…

Fortunately, it was the imaginary half, dislocated from the real one

Every other doctor agreed

The difference is that tourists are not a somehow disadvantaged group. My livelihood isn’t endangered because I can’t go to a tourist spot in Spain somewhere without being heckled (though, when I actually was in Spain, everyone was nice, but Madrid isn’t that much of a tourist spot compared to others).

Also, in some cases, it isn’t “the rich” – I too love to point out the issues they cause – but sometimes, it’s just ordinary people hoping to make a quick buck buying up property to rent it out on AirBNB. Yes, it’s also rich foreigners getting property everywhere for themselves, which is a problem. But “the rich” don’t bother with AirBNB, they just build hotels, and these normally don’t compete with normal housing.

Raceism, specifically centering around skin colour and related features, is actually pretty recent and pretty Western.

If I may take a guess, it’s also because up until historically recently, larger groups of ethnicities didn’t know that other such groups existed. To be racist, you need to be aware of people you’d clarify as another race

It’s not like homophobia (or, say, racism) is unique to western civilizations.

It’s funny how the bigots insist that only what your birth certificates states is relevant for anything except for when they don’t like what it says.

Client data absolutely is encrypted in TLS. You might be thinking of a few fields sent in the clear, like SNI, but generally, it’s all encrypted.

I never said it isn’t, but it’s done using symmetric crypto, not public key (asymmetric) crypto.

Asymmetric crypto is used to encrypt a symmetric key, which is used for encrypting everything else (for the performance reasons you mentioned).

Not anymore, this was only true for RSA key exchange, which was deprecated in TLS 1.2 (“Clients MUST NOT offer and servers MUST NOT select RSA cipher suites”). All current suites use ephemeral Diffie-Hellman over elliptic curves for key agreement (also called key exchange, but I find the term somewhat misleading).

As long as that key was transferred securely and uses a good mode like CBC, an attacker ain’t messing with what’s in there.

First, CBC isn’t a good mode for multiple reasons, one being performance on the encrypting side, but the other one being the exact reason you’re taking about: it is in fact malleable and as such insecure without authentication (though you can use a CMAC, as long as you use a different key). See https://pdf-insecurity.org/encryption/cbc-malleability.html for one example where this exact property is exploited (“Any document format using CBC for encryption is potentially vulnerable to CBC gadgets if a known plaintext is a given, and no integrity protection is applied to the ciphertext.”)

As I wrote in my comment, I was a bit pedantic, because what was stated was that encryption protects the authenticity, and I explained that, while TLS protects all aspects of data security, it’s encryption doesn’t cover the authenticity.

Anyhow, the point is rather moot because I’m pretty sure they won’t get a certificate for the IP anyways.

Public key crypto, properly implemented, does prevent MITM attacks.

It does, but modern public key crypto doesn’t encrypt any client data (RSA key exchange was the only one to my knowledge). It also only verifies the certificates, and the topic was about payload data (i.e. the site you want to view), which asymmetric crypto doesn’t deal with for performance reasons.

My post was not about “does TLS prevent undetected data manipulation” (it does), but rather if it’s the encryption that is responsible for it (it’s not unless you put AES-GCM into that umbrella term).

Right, and for the challenge, you need to have access to a privileged port (which usually implies ownership), which you won’t get assigned.

Let’s Encrypt are rolling out IP-based certs, you may wanna follow its development. I’m not sure if it could be used for your forwarded VPN port, but it’d be nice anyhow

It shouldn’t be because you’re not actually the owner of the IP address. If any user could get a cert, they could impersonate any other.

I believe encryption helps prevent tampering the data between the server and user too. It should prevent for example, someone MITM the connection and injecting malicious content that tells the user to download malware

No, encryption only protects the confidentiality of data. You need message authentication codes or authenticated encryption to make sure the message hasn’t been transported tampered with. Especially stream ciphers like ChaCha (but also AES in counter mode) are susceptible to malleability attacks, which are super simple yet very dangerous.

Edit: this post is a bit pedantic because any scheme that is relevant for LE certificates covers authenticity protection. But it’s not the encryption part of those schemes that is responsible.

I’m all for alternatives, regardless of whether I’m gonna use them, but in my opinion, one of systemd’s big advantages is that you’re not relying on scripts for service management; scripts mix configuration with logic and this was a big reason why a lot of distributions switched to systemd in the first place. The init scripts (that they had to write themselves) were sometimes getting very large and complex in order to cover interdependencies (both to other services, but also to eventual mountpoints) and ordering.

Now, please don’t see this as a general criticism of this init system, firstly I’m not an expert on the subject, second I don’t believe there is the one and true design that covers all cases. My criticism is more towards the reporting about this when comparing to systemd.

There are comparisons that state that this isn’t the monolith systemd is. From the author’s own blog in comparison to runit:

nitro favors a monolithic approach, and keeps everything in a single process. This makes it also easier to install for containerization.

So if you’re really into that “do one thing and do it well” mantra, use something different. Note: personally, I think use what does the job best, and if you think nitro does a particular job better than systemd, go for it. I’d guess that it could be particularly suited better for the last three bullet points in the OP compared to systemd, but that would need to be tested in practice.

Anyhow, if you hate systemd or another piece of free software, go touch grass.

Duh

I really don’t care about people not being sober as long as they can function correctly.

Regardless of the rest you wrote that I disagree with, she crashed her car on the way to the flight that she was removed from, blaming the steering. Not sure how that would qualify as “function correctly”

A lot of people have no idea about aviation safety, it shows in these kind of threads. I worked in aviation for about 5 years, so I at least have an idea, though I’m far from an expert (about a year as a technical officer in the German Air Force, more of a management role but you still get the basic safety courses like Maintenance Resource Management training, four years of procurement for a maintenance IT system), and how some people approach the subject stumps me. Flying isn’t the safest mean of travel because of its nature, but rather because of rigid rules at every step of the process that are enforced by supervisors and inspectors.

Literally heard this phrase Sunday: Accidents don’t happen – they’re caused.

I’m not worried. I don’t live my life around freak accidents. This really doesn’t need to be national news ruining her life if there wasn’t a crash before hand, that’s the real issue.

I mean she literally crashed her car on the way to the flight she was finally removed from? I agree it’s weird that this makes the news, but it’s probably because the case is so odd…

Expecting a shit wage employee to act better than cops (let’s set that bar real low) in a dangerous event is silly.

It’s shameful that Virgin pays so little. But then again it doesn’t excuse going on the job drunk. Don’t take the job, go on strike for better conditions, all fine by me. But don’t show up drunk to your job where you operate safety equipment. Too much to ask? Also I do expect cops not to be drunk