Joined 1 year ago
Cake day: June 11th, 2023





  • So, you’re correct that active emergencies take priority.

    That being said, in essentially every place that has 911, both numbers connect to the same place and the only real difference is pick-up order and default response.
    It’s the emergency number not simply because it’s only for emergencies but because it’s the number that’s the same everywhere that you need to know in the event of an emergency.

    It should be used in any situation where it should be dealt with by someone now, and that someone isn’t you. Finding a serious crime has occurred is an emergency, even if the perpetrator is gone and the situation is stable.
    A dead person, particularly a potential murder, generally needs to be handled quickly.

    It’s also usually better to err on the side of 911, just in case it is an emergency that really needs the fancy features 911 often gives, like location lookups.




  • https://daniel.haxx.se/blog/2020/12/17/curl-supports-nasa/

    https://daniel.haxx.se/blog/2023/02/07/closing-the-nasa-loop/

    Their process for validating software doesn’t have a box for “open source”, and basically assumes it’s either purchased, or contracted. So someone in risk assessment just gets a list of software libraries and goes down it checking that they have the required forms.

    As the referenced talk mentions, the people using the software understand that all the testing and everything is entirely on them, and that sending these messages is bothersome and unfair, and they’re working on it. Unfortunately, NASA is also a massive government bureaucracy and so process changes are slow, at best.
    The TLAs don’t generally help NASA, and getting them involved would unfortunately only result in more messages being sent.

    As for contributions, I think that turns into an even worse can of worms, since generally software developed by or for the US government isn’t just open source, but public domain. I think you’d end up with a big mess of licensing horror if you tried to get money or official relationships involved. It’s why sqlite is public domain, since it was developed at the behest of the US.

    Mostly just context for what you said. NASA isn’t being arrogant, they’re being gigantic. Doing their due diligence in-house while another branch goes down a checklist, sees they don’t have a form and pops off an email, embarrassing the hell out of the first group.

    The time limit thing is weird, but it’s a common practice in bureaucracies, public or private. You stick a timeline on the request to convey your level of urgency and to establish some manner of timeline for the other person to work with. Read the line again, but extremely literally: “we have a time frame of 5 days for a response”. “Our audit timeline guessed that it would take a business week for you to reply, so if you take longer we’re behind schedule”. The threatening version is “your response is required on or before five business days from the date of this message”.
    The presumption is that the person on the other end is also working through a task queue that they don’t have much personal investment in, and is generally good natured, so you’re telling them “I don’t expect you to jump on this immediately, but wherever you can find a moment to reply this week would keep anyone from bothering me, and me from needing to send another email or trying to find a phone number”



  • Paul Eggert is the primary maintainer for tzdb, and has been for the past 20 years.
    Tzdb is the database that maintains all of the information about timezones, timezone changes, leap whatevers and everything else. It’s present on just about every computer on the planet and plays an important role in making sure all of the things do time correctly.

    If he gets hit by a bus, ICANN is responsible for finding someone else to maintain the list.

    Sqlite is the most widely used database engine, and is primarily developed by a small handful of people.

    ImageMagick is probably the most iconic example. Primarily developed by John Cristy since 1987, it’s used in a hilarious number of places for basic image operations. When a security bug was found in it a bit ago, basically every server needed to be patched because they all do something with images.



  • Google Analytics is loaded by JavaScript. There are also other things like Google Analytics that are also loaded by JavaScript.

    Updating a website can take time, and usually involves someone with at least a passing knowledge of development.

    Google Tag Manager is a service that lets you embed one JavaScript thing in your page, and then it will handle loading the others. This lets marketing or analytics people add and manage such things without needing to make a full code deployment.
    It also lets you make choices about when and how different tracking events for different services are triggered.

    Its intended usage is garbage tracking metrics and advertising. Some sites are built more by marketing than developers, and they’ll jam functional stuff in there which causes breakage if you block it. These sites are usually garbage though, so nothing of value was lost.


  • Yup, that would indicate that likely a bot is trying to guess its way in.

    You are still safe.

    The only weird thing here is that Microsoft lets such things bother you instead of guessing that you didn’t teleport to Brazil and instead putting a little extra burden on the Brazil end before sending you an email.

    If you’re still feeling worried, the biggest thing you can do is enable two-factor auth (which you should do anyway), or even better: enable something like passkeys which are very secure and also easier than username/password.

    Two-factor/password manager is the “remember to brush and floss” of the security industry, so… Please do those things. :)


  • That is wonderful advice and I’m glad you pointed that out. :)

    If I knew how to give directions to the page, I would, but unfortunately I don’t know the Microsoft site layout, only the URL that their help center directed to.

    In mitigation of my indiscretion: it’s generally safer to trust a person you approach out of nowhere than to trust someone who approaches you out of nowhere.
    Since they chose the venue and asked the question, the likelihood that an attacker is present in the replies is lower than the expectation that an unsolicited email is from an attacker.

    But it’s also entirely correct to be distrustful of anything anyone asks you to click on, triply so if it involves security or login pages.


  • It is actually safe to ignore them. It means either someone has an email address similar to yours, or a bot of some sort has your email address and only your email address.

    Essentially, someone or something goes to the login screen, enters your login, and says “I don’t have the password, let me in!”.
    Sending a code to your email like this is the first step in letting someone in without the password, or more specifically to having them reset it.

    Since the email is to check “did you ask for this?”, doing nothing tells them that you did not.

    If you want some extra peace of mind: https://account.live.com/Activity should show you any recent login activity which you can use to confirm that no one has gotten in.

    Also, use two factor, a password manager, and keep your recovery codes somewhere safe. The usual security person mantra. :)