HackerTrans
TopNewTrendsCommentsPastAskShowJobs

switknee

no profile record

comments

switknee
·6 เดือนที่ผ่านมา·discuss
Fiber is the cause of many of intestinal issues, making constipation and crohn's disease worse.

Red meat also helps people stay at a healthy weight, lower the risk of heart disease (caused by glucose) and some types of cancer (which feed on glucose). What do fiber and red meat have in common? They are not sugar. You could replace fiber with other indigestible material such as sand, the effect would not be much different.
switknee
·7 เดือนที่ผ่านมา·discuss
There never will be a 1 for 1 replacement because the two systems have different approaches. Why would you want a direct replacement when you could have something better?

GPOs are a windows thing and don't apply to other systems. The generic equivalent is configuration management, for which there are many solutions. Linux updates are much easier than windows updates, and many linux systems now use immutable and atomic updates by default, which further reduces risk.

For directory, openLDAP just does LDAP. DNS is done with Kea or Unbound.

Fundamentally the issue is a lack of familiarity. The only way to become familiar with a system is... to use it.
switknee
·7 เดือนที่ผ่านมา·discuss
Chrootkit is the sort of thing you run on your affected drive from a system you believe isn't affected.

EDR is pretty much just logging and remote access. The rest is fluff. Yes, you need a "host agent" for operational and regulatory reasons, but there's more flexibility than you think in what you can deploy for that. And none of the vendors use the best technical solution.

It's true the desktop security model sucks, but there's progress in improving it. Wayland, containerization, immutability.
switknee
·7 เดือนที่ผ่านมา·discuss
Flicking that switch would be pretty much a one time deal. Not likely.

What would happen instead, and has happened in the past, is Microsoft (or juniper, etc) leaving a remote vulnerability unpatched while certain groups use that exploit. It's much more deniable. So deniable, that it's impossible to say for certain that it was intentional.

It's more practical to audit FOSS systems for bugs than a Microsoft solution, and the tools for doing so are open source and getting even better every day. Like you said, sharing the burden helps with cost: It also helps with the trust issue. Going one step further, formally verified software solutions are possible (and exist!). Good luck getting that from Microsoft, they ship a calculator that needs updates and internet access to run.
switknee
·8 เดือนที่ผ่านมา·discuss
What would make it illegal to do this? Generally anything which hasn't been invented yet is legal, it's rare (but not impossible) for something to be banned before it exists.
switknee
·8 เดือนที่ผ่านมา·discuss
Yup, if it works in your testing, why bother changing it?
switknee
·8 เดือนที่ผ่านมา·discuss
Part of the issue with merit pay is if it's tied to simple metrics like grades, those metrics will get inflated without raising the things those metrics were meant to measure.
switknee
·8 เดือนที่ผ่านมา·discuss
Isn't a conspiracist someone who colludes with others to commit a crime, often in secret?
switknee
·8 เดือนที่ผ่านมา·discuss
Snowpiercer was pretty good.
switknee
·8 เดือนที่ผ่านมา·discuss
Am I the only one who read this and thought, "doesn't everyone self host a NAT gateway?"

Mine's in the living room, it says TP Link.

More seriously, NAT is fun and all but it can introduce unexpected behaviors that wouldn't exist in a firewall that doesn't do translation. Less is more.
switknee
·9 เดือนที่ผ่านมา·discuss
What's impractical about everyone having a domain name? It surely isn't due to lack of domain names, because foo.bar.baz.bim.bim.bap.com is a valid domain name.

It is true that full data sovereignty isn't something most people are interested in, but this is more about a cooperative model for data ownership and access. Having your data identifier be [email protected] isn't particularly different from it being jackdaniels.is.technically.bourbon.com. In both cases another organization owns some of the path to your identifier and could potentially lock you out of it. In both cases, verizon is near the top of that list (.com).

As far as the domain name system being centralized, I'm not sure I agree. DNS is like a feudal system with hundreds of kings (top level domains) who all work together with one pope (ICANN), and various lords and ladies occupying positions under those kings. If ICANN goes completely bonkers the kings can get a new pope, some of them are literally sovereign because they are nation states. Just for fun, some of those states are ruled by literal kings, too. There are experiments to run a TLD by Decentralized Autonomous Organization (DAO), but I think for the most part nobody really cares because the current system happens to work pretty OK. If you have an idea for a more decentralized way to organize a namespace that doesn't involve your grandmother typing in a massive UUID or onion address, and doesn't result in someone being able to domain squat literally everything; I would love to hear about it.
switknee
·9 เดือนที่ผ่านมา·discuss
Do you seriously believe that hasn't been genericized? Computer people talk about SSH all the time and usually mean openSSH. When they're not talking about openSSH the next most likely is dropbear on embedded hardware. Nobody ever talks about SSH Communications Security except in the context of the trademark registered in the previous century. It's cool that they were the first to develop the protocol, but they're not relevant today and have no right to harass newer projects that people actually use.
switknee
·11 เดือนที่ผ่านมา·discuss
If the VM has:

-Access to your private data

-Exposure to untrusted content

-The ability to externally communicate

Then it's not "locked down"

Depending on your security requirements you should have only one or two of those capabilities per VM