- 0 Posts
- 36 Comments
I’m from Australia.
Some spiders are absolutely bros.
Others seem to exist only to fuck you up.
Once you know the difference you’re fine, but I don’t blanket assume that every spider I find is a friend.
eclipse@lemmy.worldto News@lemmy.world•Proton Mail says it’s “politically neutral” while praising Republican Party10·5 months agoI strongly recommend Mullvad. Exceptional performance, wireguard support and if you’re really paranoid about anonymity you can literally send them money via post.
eclipse@lemmy.worldto News@lemmy.world•Proton Mail says it’s “politically neutral” while praising Republican Party56·5 months agoEven for the technically literate, running a mail server is an ongoing nightmare. If you think it’s easy, you’re not doing it right.
eclipse@lemmy.worldto News@lemmy.world•Proton Mail says it’s “politically neutral” while praising Republican Party82·5 months agoFrom a UX perspective I disagree. 1password wins at UX hands down but Bitwarden is a very close second and IMO has better privacy guarantees.
Security is useless if it’s too difficult. Despite liking Bitwarden I am a 1Password subscriber and happy with my choice.
eclipse@lemmy.worldto News@lemmy.world•CIA now backs lab leak theory to explain origins of Covid-19141·5 months agoHypothesis
eclipse@lemmy.worldto Programmer Humor@programming.dev•Can somebody solve this puzzle?18·10 months agoYour comment is painful to read.
What excuses are you referring to?
Are you also arguing that if a problem isn’t in your immediate periphery then it doesn’t exist? We are all human beings, living on the same planet.
There’s nothing wrong with feeling a modicum of empathy for those less fortunate by circumstance of geography or socioeconomic influence.
Even more simply:
Government: closes their curtains in the evening.
eclipse@lemmy.worldto News@lemmy.world•FBI says Trump was indeed struck by bullet during assassination attempt3·11 months agoSorry, all you get is images of a maxi pad to indicate enormous damage for what was likely a graze.
An attempt on a former president’s life is a big deal, whether I think he’s a human dumpster fire or not.
However, the way he played this up was and is ridiculous. He didn’t need to prove anything. Someone shot at him and that’s not in doubt. Instead he chose to milk it and I personally find that ludicrous given the circumstances.
eclipse@lemmy.worldto Asklemmy@lemmy.ml•What makes gel capsules so expensive in comparison to other pills?7·1 year agoThey’re not more effective. They might assist with speed of absorption but that’s it.
eclipse@lemmy.worldto Asklemmy@lemmy.ml•What is the worst IT setup you have seen at a company?2·1 year agoNever trust the network in any circumstance. If you start from that basis then life becomes easier.
Google has a good approach to this: https://cloud.google.com/beyondcorp
EDIT:
I’d like to add a tangential rant about companies still using shit like IP AllowLists and VPNs. They’re just implementing eggshell security.
eclipse@lemmy.worldto Asklemmy@lemmy.ml•What is the worst IT setup you have seen at a company?5·1 year agoI actually disagree. I only know a little of Crowdstrike internals but they’re a company that is trying to do the whole DevOps/agile bullshit the right way. Unfortunately they’ve undermined the practice for the rest of us working for dinosaurs trying to catch up.
Crowdstrike’s problem wasn’t a quality escape; that’ll always happen eventually. Their problem was with their rollout processes.
There shouldn’t have been a circumstance where the same code got delivered worldwide in the course of a day. If you were sane you’d canary it at first and exponentially increase rollout from thereon. Any initial error should have meant a halt in further deployments.
Canary isn’t the only way to solve it, by the way. Just an easy fix in this case.
Unfortunately what is likely to happen is that they’ll find the poor engineer that made the commit that led to this and fire them as a scapegoat, instead of inspecting the culture and processes that allowed it to happen and fixing those.
People fuck up and make mistakes. If you don’t expect that in your business you’re doing it wrong. This is not to say you shouldn’t trust people; if they work at your company you should assume they are competent and have good intent. The guard rails are there to prevent mistakes, not bad/incompetent actors. It just so happens they often catch the latter.
eclipse@lemmy.worldto Programmer Humor@lemmy.ml•Basically the extent of my IPv6 knowledge1·1 year agoHonestly, these days I have no idea. When I said “wouldn’t recommend” that wasn’t an assertion to avoid; just a lack of opinion. Most of my recent experience is with Cloud vendors wherein the problem domain is quite different.
I’ve had experience with most of the big vendors and they’ve all had quirks etc. that you just have to deal with. Fundamentally it’ll come down to a combination of price, support requirements, and internal competence with the kit. (Don’t undermine the last item; it’s far better if you can fix problems yourself.)
Personally I’d actually argue that most corporates could get by with a GNU/Linux VM (or two) for most of their routing and firewalling and it would absolutely be good enough; functionally you can do the same and more. That’s not to say dedicated machines for the task aren’t valuable but I’d say it’s the exception rather than rule that you need ASICs and the like.
eclipse@lemmy.worldto Programmer Humor@lemmy.ml•Basically the extent of my IPv6 knowledge8·1 year agoI agree. GeoIP was never a good idea, but here we are. Any ASN could be broken up and routed wherever (and changed) but it’s still far too prevalent.
eclipse@lemmy.worldto Programmer Humor@lemmy.ml•Basically the extent of my IPv6 knowledge2·1 year agoI might be misunderstanding. It’s definitely possible to have as many IPv4 aliases on an interface as you want with whatever routing preferences you want. Can you clarify?
I agree with your stance on deployment.
eclipse@lemmy.worldto Programmer Humor@lemmy.ml•Basically the extent of my IPv6 knowledge121·1 year agoGiven how large the address space is, it’s super easy to segregate out your networks to the nth degree and apply proper firewall rules.
There’s no reason your clients can’t have public, world routeable IPs as well as security.
Security via obfuscation isn’t security. It’s a crutch.
eclipse@lemmy.worldto Programmer Humor@lemmy.ml•Basically the extent of my IPv6 knowledge8·1 year agoThis article is biased to selling you more F5 equipment but is a reasonable summary:
https://www.f5.com/resources/white-papers/the-myth-of-network-address-translation-as-security
Long story short is that NAT is eggshell security and you should be relying on actual firewall rules (I wouldn’t recommend F5) instead of the implicit but not very good protections of NAT.
It is what?
I’m dying here with anticipation.