Who among us does not have an etherkiller stashed away in an opaque bag in a cardboard box marked Do Not Use!!! in black marker, behind a box of blue satin rollover RJ45-DB9 cables?
=> More informations about this toot | View the thread
Advanced Security Poll
Password managers: do you use them?
=> More informations about this toot | View the thread
Security poll:
Do you know all your email passwords?
(That is, for each email account that you have, for home or work or whatever, do you remember the password? Just accounts that include email. Do NOT tell us your password.)
Please boost.
People who use password managers or Yubikeys or whatever, there's a different poll for you -- just answer Yes here.
=> More informations about this toot | View the thread
Issue one. Outsourcing your identity/authentication/authorization.
(That's your usernames and passwords, at a minimum.) It should be intuitively obvious to the most casual observer that the most fundamental aspect of data control, much less security, is the entity which is trusted to say "yes, that's Jane and she has the ability to change things here".
Yet organizations routinely give this power to others, usually paying them for the privilege of having someone else handle it. My mind boggles.
Issue two: running containers of software by getting the latest version of an image from an external repository.
If you are pulling code from an external source, it has either changed or it has not. If it has not changed, you would be better off with a local repository -- it will be faster, and you will know that it has not changed.
If it has changed, you need to detect that and test it before it goes anywhere. "Production" is not where you test new code, assuming you have any sanity or self-respect.
The only time you should be pulling code from the ourside is to put it into your local repository for testing well in advance of deployment. Code or config changing out from underneath you is a nightmare. It appears to be standard procedure for many organizations.
Exactly the same goes for VM images, flatpaks, appimages, language modules, libraries, and package updates.
Exactly the same goes for code and config that your organization is developing: the tested version that your deploy to production must be separate from the versions that you are currently developing, assuming you have any sanity and self-respect.
These are not hard concepts. They are also not particularly hard to do, assuming you have enough storage space. So make sure you have enough storage space.
/rant
=> More informations about this toot | View the thread
https://www.jwz.org/blog/2025/01/i-prefer-to-meet-people-where-they-are-says-reasonable-sounding-white-dude-holding-court-at-a-table-in-the-back-of-a-nazi-bar-redux/
=> More informations about this toot | View the thread
What can compare to the feeling of seeing an Oracle patch alert email and knowing that there hasn't been an Oracle product on your network in three years?
Well, there's Microsoft Patch Tuesday happening to other people, because there aren't any Microsoft products, either. That's pretty satisfying, in the way of schadenfreude.
=> More informations about this toot | View the thread
Phone: Ring! Ring!
Me: $WORK, this is $ME.
Phone: blip pause This is Victor with $SOMETHING_FAKE, how are you today sir?
Me: Hi, "Victor", what's your real name?
Phone: ... My nem is Victor Wilsin, what's your fucking name?
Me: Your cold-call system doesn't tell you who you called? That's not very useful.
Phone: silence click
=> More informations about this toot | View the thread
Nothing says that biology has to be pleasant, and it frequently isn't.
But my thoughts on cyborg body replacements have come around to "needs more testing and an actual maintenance plan, thanks".
=> More informations about this toot | View the thread
Authors! If your eldritch horror attaches itself to a willing host and they go off adventuring together, in such a way that the horror eats creatures and people that they kill together...
It is NOT a "parasite".
Parasites derive sustenance primarily from the living flesh of their hosts.
The eldritch horror described above is a predator in a commensal relationship with the host. That means they both get useful things out of the relationship, and the horror is not actively eating the host.
https://en.wikipedia.org/wiki/Cymothoa_exigua is a parasite. Don't click on that unless you really like horror, or you've already read The Laundry Files.
Clown fish and anemones live in a mutually beneficial relationship.
The Klyntar symbiotes, of whom Venom and Carnage are the best known examplars, are in fact correctly called symbiotes. The relationship doesn't have to be pleasant to be mutually beneficial in biological terms.
This minirant brought to you by a novel in which an eldritch horror is clearly a symbiote, not a parasite, but is consistently and aggravatingly mislabelled.
=> More informations about this toot | View the thread
Back at the same airport, again trying to get home. Same music, or a clone of Music for Airports which is nearly indistinguishable. Perhaps it is on a loop, maybe it is procedurally generated.
=> More informations about this toot | View the thread
I just realized that this departure lounge is in fact playing Music For Airports.
=> More informations about this toot | View the thread
If you needed to build a practical vehicle for a sci-fi movie in the 1960s through 1990s, something that actors could get in and stunt drivers could drive, you used flat pieces of plexiglass and sheet metal because complex curves are expensive in time and effort, and therefore money. You can do a lot in fiberglass and vacuum-formed plastic, but not for something that needs to be structurally sound enough to drive a hundred meters with people inside.
Modelmakers could do miniatures and set designers can do great things, so your trains, spaceships and so forth - static sets and external FX shots - could be quite imaginative. If nobody bumps into it, styrofoam and paint can work wonders.
Anyway, this explains the Cybertruck.
=> More informations about this toot | View the thread
235 years, 27 releases including one which completely backed out a prior release's features, and we're only just now getting around to QA testing.
=> More informations about this toot | View the thread
What sort of arrangements do major villainous lairs have for logistics?
I'm thinking about Coil's underground base in Brockton Bay, for example, which houses about 60 mercenaries plus Coil and occasional trusted visitors. I understand that it has a kitchen and storerooms and such, but... how does it get resupplied? Secretly?
=> More informations about this toot | View the thread
New hardware report: Google Pixel 9 Pro XL Fondleslab(TM)
It's a big black slab of glass. It weighs about half a pound, or a quarter kilo. It has radios and cpus and gpus and memory and stuff.
Design pros: the camera bar across the back means that when you set it down on a table, it does not rock when you touch it, and the lenses are not pressed into the surface. Also, there's always a little space for you to get your fingers in between the slab and the table. Every edge is rounded so you won't cut yourself.
Design cons: whoever thought up in-display camera holes should have a camera hole placed in their forehead. The trend to bigger displays via longer aspect ratios is now ridiculous. Glass backs are ridiculous: we have resilient plastics for a reason.
Design meh: once again the placement of power/volume buttons is different from my last phone.
Tech pros: the in-screen fingerprint reader is fairly fast and accurate.
Software pros: unlockable bootloader. Which I did, and immediately installed #GrapheneOS on the thing. Bye bye "AI" features! Yay!
That's all for now.
=> More informations about this toot | View the thread
12 data centers
11 metaverses
10 whiny nazis
9 strictly worse trains
8 hallucinations
7 AI racists
6 busted unions
5 EN EFF TEEEEES
4 cyber cults
3 sex pests
2 crypto scams
And a bunch of bullshit backed by VCs.
=> More informations about this toot | View the thread
Bonus points to certbot: when it errors out saying "(probably caused by a firewall)" -- it was, indeed, a firewall issue. Who uses port 80 these days?
TLS cert verification via HTTP-01, that's who.
Moves my priority for DNS-01 up a bit, but that involves switching the whole authoritative DNS infra for the home org.
=> More informations about this toot | View the thread
When I despair at the state of the IT/operations world, I am reminded of my first sysadmin-boss, 30 years ago...
who despaired at the state of the IT/operations world.
=> More informations about this toot | View the thread
Blocked a whole domain today. It might be a one-person server, it might be bigger, but I have no desire to interact with racist/dominionist/Trump supporters/fascists -- but I repeat myself.
The owner decided to follow me, which is how I figured it out.
=> More informations about this toot | View the thread
It turns out that certain people don't learn from other people's experiences; it's a combination of lack of empathy and arrogance. We call those folks executives, or sociopaths.
Sociopaths are responsible for most "new technology integration" decisions. The socially responsible response is to eat them. Make sure that all applicable safety and food-handling regulations are followed. ServSafe certification can help.
=> More informations about this toot | View the thread
=> This profile with reblog | Go to dashdsrdash@tilde.zone account This content has been proxied by September (3851b).Proxy Information
text/gemini