Most things do, which is good news. I'd be interested to know if there are any projections of how these costs may be reduced. Do you have any references on hand?
4chan is a big place with a long history. It's kind of like 50 different websites and communities under one domain, where there's surprisingly little overlap between them all. I think you'd find that most people who visit the less notorious boards on 4chan are your totally normal geek crowd.
Yep, Prolog is pretty great for that kind of thing. I'm working on a project right now where I'm using Prolog (via tau-prolog) in the browser to determine permissible input options based on the user's existing selections. I'm also using it (via https://github.com/mndrix/golog) to apply those restrictions on the server, and to calculate the pricing for a configuration. In most cases I'm generating Prolog code from a collection of tick boxes, but for complex campaigns I can dig in and write a specific implementation of the required rules. Very flexible.
I would be fiercely interested in any more details around this. I'm sure many of us have seen Scotty from Strange Parts doing his headphone socket project, and the franken-phone built from spare parts, but it sounds like you're suggesting something even more than that.
Oh man, Sikuli (and SikuliX http://sikulix.com/) is amazing. It's the kind of thing where I hate that it has to exist, but I'm so happy that it does exist.
Australian here, but I've worked for NZ companies before.
Especially down in our corner of the world, it's all about who you know. If you've got a few people you've worked with where you can go "hey I'm looking for a new job soon, heard of any openings?", that'll get you wayyyyy better jobs on average than what ends up hitting the public job advertisements.
Speaking from experience, advertising a job publicly is what you do after you've asked everyone you know if they know anyone personally who would work well.
It's interesting you say this, as that's pretty much exactly how Lightsail (Amazon's easy-mode VM thing) works by default. Public IP, ports 22 and 80 open. I'm guessing for a good chunk of users, that default config is all they need.
Tell that to the project I migrated from scrapy to go six months back. Granted, scrapy might be doing other "fun" things to eat into performance, but it was really night and day. Immediately went from CPU bottleneck to network.
Ahhh. That rabbit hole is deep. Buckle up if you're going in because it starts ugly and gets worse.
I've spent quite some time exploring the caverns of XACML (eXtensible Access Control Markup Language), even going so far as writing a limited implementation of it in JavaScript. It's infinitely flexible, extremely capable, horrendously complex, and just about the least fun standard to work with. Sure as heck gets the job done though. Just get yourself used to writing and debugging XML and you'll be fine.
I've also looked in great detail at Amazon's IAM policies. These are significantly simpler, and heavily inspired my current favourite library, ladon [1]. I recently wrote a GraphQL API and I found that GraphQL mutations and field accesses mapped nicely to policies in ladon.
It sounds like your problem is with the infosec industry rather than the infosec community. The community in general would agree with you about the industry being kind of broken, I'd say.
I'm not sure about what's used in all industry applications, but this video explains one implementation of a super-cooling setup: https://www.youtube.com/watch?v=7jT5rbE69ho.
I won't even try to summarise it - I'm sure I'd get it wrong! Fascinating stuff though.