Even if you can't authenticate at the application level, it's still much better to encrypt/authenticate traffic on the wire (using a VPN or something like Tailscale) instead of 802.1x auth.
Probably 802.1x, but it's easy to bypass if you have access to an authorized device. This kind of authentication has to be done at the application level, treating the network as a perimeter doesn't work.
The company also should have restricted network access to the port in the conference room so that an unknown device like a Raspberry Pi could not make an Ethernet connection from that spot
Bad take - the actual problem is that there was a trusted network in the first place. This kind of network access control is trivial to bypass, and trusted devices can get compromised.
This. It's easy to forget that Postgres is fundamentally a single-node database without distributed transactions. It won't pass the Jepsen test suite with multiple nodes. DBOS, Temporal and friends inherit this limitation.
Something like Restate actually implements distributed transactions.
Don't worry, they accept PRs on that repo. They just merge them internally and then re-export them.
There are some variations, but this is generally the same with all open source projects which live in their internal monorepo, such as gVisor or Bazel.
> How do you know the clanker respects the instruction not to search the internet?
You can't, but given that it's a previously unsolved problem, it doesn't seem relevant? (nor are the author's potential biases - the claims are easily verified independently)
Fun fact: In Germany, the civil courts will usually take the case anyways if it has merit, but the winner ends up paying for the whole lawsuit if they failed to make an effort to resolve the case before suing.