OCI

In short, untreated mental illness

Right. And then they locate it and search the rooms nearby. Exactly what their disclaimer is about

Just FYI, you need very little skill to clone the WiFi access gateway of a hotel WiFi, and then blast their SSID from your router, to lure close guests into your honeypot. Once people are on your malicious gateway, the fun starts.

In a hotel with hundreds of hackers on alcohol, it’s not unlikely for people to fuck around.

There is also no requirement to be a “good guy” to attend the conference.

Telegram is not just IM. Open the search and search for channels. Get creative, they have keyword filters. City name is always a good start. Check the channels with ❄️ and 🍄 emojis. This is where people are scammed for drugs. Maybe sometimes not scams.

A lot happens on Telegram, and it’s right behind that little search icon.

Building houses is probably generally allowed, but not an easy solution.

Someone who migrates to another country, to work there in a regular job, can get a regular apartment. But everyone wants to live where the living conditions are best. You can’t build infinite housing in those locations, and the increased demand drives prices.

Someone who seeks asylum is in an entirely different situation, and housing them is a different challenge. Building a house in a nice place costs 10x what it costs in a remote country region. But now people have nobody to integrate with and less social options.

Any house being built costs money. Building houses for people who are still in search of employment is a bad investment. Nobody wants to build those houses. They want to build the nice houses in the nice places that will gather lots of rent. If you want to have the houses anyway, because maybe the people are already here, you probably have to use taxes for it. Some citizens will never be able to accept that, creating conflict.

Reddit is free. Other people paying for your free service is a very weak argument to bring up. If Lemmy dies today, nobody but hobbyists and amateurs will care. Just like with LE.

I’ve been there. Not every CA is equal. Those kind of CAs were shit. LE is convenient. There are more options though.

I actually agree. For the majority of sites and/or use cases, it probably is sufficient.

Explaining properly why LE is generally problematic, takes considerable depth of information, that I’m just not able to relay easily right now. But consider this:

LE is mostly a convenience. They save an operator $1 per month per certificate. For everyone with hosting costs beyond $1000, this is laughable savings. People who take TLS seriously often have more demands than “padlock in the browser UI”. If a free service decides they no longer want to use OCSP, that’s an annoying disruption that was entirely not worth the $1 https://www.abetterinternet.org/post/replacing-ocsp-with-crls/

LE has no SLA. You have no guarantee to be able to ever renew your certificate again. A risk not anyone should take.

Who is paying for LE? If you’re not paying, how can you rely on the service to exist tomorrow?

It’s not too long ago that people said “only some sites need HTTPS, HTTP is fine for most”. It never was, and people should not build anything relevant on “free” security today either.

People who have actually relevant use cases with the need for a reliable partner would never use LE. It’s a gimmick for hobbyists and people who suck at their job.

If you have never revoked a certificate, you don’t really know what you’re doing. If you have never run into rate-limiting issues with LE that block a rollout, you don’t know what you’re doing.

LE works until it doesn’t, and then it’s like every other free service on the internet: no guarantees If your setup relies on the goodwill of a single entity handing out shit for free, it’s not a robust setup. If you rely on that entity to keep an OCSP responder alive for free so all your consumers can verify the validity of your certificate, that’s not great. And people do this to save their company $1 a month for the real thing? Even running the shitty certbot in compute has a larger cost. People are so blindly in love with this “free” garbage. The fanboys will never die off

the claims in some media that Telegram is some sort of anarchic paradise are absolutely untrue. We take down millions of harmful posts and channels every day,

Gotcha. Millions of harmful posts every day. That really does sound like a great place.

Following along with the style of your own post: YAML doesn’t suck, because I feel so.

Thanks for asking.

Okay. But where’s the cost analysis for me giving them respect? I doubt it is worth a mere 53% performance increase in the common ranks.

Not sure if this works for you, but when I’m in a socially confusing situation, I involve people. If you think someone is talking bad about you, ask them about it. Ask for guidance. If you ask someone for help, they will often remember it positively. It takes courage to ask for help, as it’s a sign of weakness, and people usually respect that you trust them with your request.

Ideally it will turn out to be a misunderstanding, or you get some constructive criticism, or you get a confirmation that people are actually talking bad about you. At least you will have more clarity. If there wasn’t really anything bad going on, now you’re still in a conversation. Even if you say thanks and end the conversation, you’ve broken the ice with that person.

Friends are very much necessary. You need people in your environment, other than your family, to exchange ideas with and talk about things that are on your mind. Don’t try to substitute friends with online relationships. It will never be equal. Finding local people with similar interests online is fine if that helps you to reach out. You can’t force making friends, it’s a waste of time. Start with making one friend. Quality over quantity

I’d be more worried about media than the ability to pirate it.

Music has adapted to generate plays. Platforms are already being polluted with genAI music.

TV was replaced by streaming services. Series come and go and are very specifically tailored to get people to subscribe. Exclusives are the standard. Single season productions are not uncommon. People are also already investigating ways to pollute this pool with genAI as well.

Movies are a stream of Marvel and Disney garbage that was already more CGI than acting. Now genAI and upscaled classics are on the menu.

Piracy will not go away. People used to record movies with camcorders in the cinema, now they pull raw files from CDN nodes. There is always the scene. The platforms that try to profit from the scene come and go.

The only time I came across this subject was when there were malicious commits in a code base. When else would this matter? The commit contains your name and email address. Who cares about time zone? Just as anything in a commit, these metadata can be freely manipulated and serve purely as information for other developers. Who are you scared of seeing your time zone in a commit on a seemingly public code repository? This is such a pointless non-discovery

I can’t answer this with confidence, but I was thinking the link in the email opened in the default browser, which wasn’t Tor in their case. Or something in the email client perhaps. Ultimately, I have no idea what happened and I was just speculating

Depends on the product. It’s just something to think about when signaling errors. There is information for the API client developer, there is information for the client code, and there’s information for the user of the client. Remembering these distinct concerns, and providing distinct solutions, helps. I don’t think there is a single approach that is always correct.

Agreed. There are countermeasures to take against everything I mentioned. You just have to be aware and ideally not be a criminal in the first place.

People who used left-pad deserved everything that happened to them. But, very valid point.

There is no honor system. If your code is open for commercial reuse, that’s it. If you have any expectations that are not in line with that, then yes pick a different license.

I guess I agree with you, I’m just phrasing it from a different perspective.