Bit of an alarmist headline here. The vulnerability has been patched in the most common clients (openssh) and it was because the protocol wasn’t being implemented correctly. To say that the SSH protocol “just got a lot weaker” is just not true.
Bit of an alarmist headline here. The vulnerability has been patched in the most common clients (openssh) and it was because the protocol wasn’t being implemented correctly. To say that the SSH protocol “just got a lot weaker” is just not true.
I disagree with the $ per hour framing (it’s more about the value the entertainment provides than the amount of time it takes to consume) but yes you should pay for your entertainment. I got far too used to paying nothing or close to nothing as a student that it took me a while to readjust.
I think for most people it’s whatever you got used to first. I agree the hatred the GUIs get is overblown. I would always recommend people learn the command line but if you want to use a GUI, go for it, doesn’t affect me unless your commits are bad, in which case the CLI wouldn’t have helped anyway.
Why are people weaving social media and the internet into a single thread? The internet is so vast, social media makes up a tiny sliver of it.
Because to most people outside Lemmy the “internet” (by which they mean the world wide web but that’s me being a pedant) IS social media. There might as well not be anything outside the walled gardens of social media to them because they’ve been conditioned to only stay on one, maybe two platforms for years at this point. The old “what’s a browser?” question these days gets answered with “I don’t need a browser I have Facebook”. Completely nonsensical to us but to them it’s totally natural. Not being derogatory about them or anything but the 60k lemmy users and however many million on Reddit are not the majority. Facebook with it’s 3 billion (with a b) users, IS the majority of the internet.
My friend and I are looking to make a game and the general consensus has been that perforce is still better than git LFS, so we’re setting up a perforce server. What is it about SVN and perforce that you miss? I’ve only ever used git professionally for VCS so I’m finding perforce’s always-online and exclusive-checkouts model just very strange (though I understand the need for it when working with binary files).
I like it and have been using it for something like 6 months. I had an issue where I really liked the application and how simple it was but I didn’t really want to “budget”, just keep an eye on where my money was going. That was fine, just keep zero-ing the numbers every month, slightly tedious though. Now they’ve got a “report” style behind an experimental flag and that’s made it pretty perfect for me.
I set up some family members with the electron app after they had spent 3 days to do in a spreadsheet what I had done in 3 hours in actual. There was resistance initially due to sunk cost fallacy but now they’re loving it.
Other options like ynab and firefly were just too bloated and complex for our simple use case.
Why is it surprising that you had a pocket knife confiscated at a bar?
I did the same with manjaro, though I split it so I technically can get back to macos if I really want to. Annoyingly that now means I need to keep an eye on the disk usage.
I’ve spent entirely too long in the last week or so researching this. You either go cheap but DIY, or expensive but prebuilt. That’s not to say that a DIY is always cheaper than a prebuilt, you can go absolutely nuts if you want, but the performance and spec will always be better for the money going DIY. Hot swap drawers are over-rated as you’ll maybe use them once a year if that. I can’t recommend any specific prebuilt because I haven’t used any and am waiting for parts for my DIY build.
Yeah this is definitely a downside to using spare gear over purposeful purchases. I think it makes sense to use what I have and optimise later. I’ve got an old intel i5 and mobo I’m planning on using for the NAS. Need to find another use for my old Ryzen 5 2600X.
Thanks, the flexibility and closed source (I assume) of turn key solutions puts me off them. I’ve already got a raspberry pi running a few containers and I work with docker and Linux in my day job so I know a decent amount. The form factor of the turnkey solutions is the big draw for me at the moment to them as I’ve just got a spare ATX mid size tower handy. Would ideally replace with smaller case but then I’d need a smaller motherboard and that’s just raising costs for starting out. Potential upgrade path anyway.
Thanks for the suggestion. That wasn’t a standard format I was just trying to write them out in a way that represented what I was seeing in my DNS controller and now realise it probably would have been clearer as a table. I honestly wasn’t sure if *.local
would work either but it’s working great now.
No but it’s an important step I didn’t cover in the post so good spot. I’ve solved my issue now, see the edit in the post.
So I put debug mode on and I see no requests to Ionos which seems like it’s the main problem.
Yes, thanks.
Yes it’s ionos. I think from the other comment and the fact my DNS hasn’t been changed (I’d assume I should be able to see the acme challenge record if it was successful) the DNS integration seems to be the culprit. Not sure how to fix it though!
Yes I’ve got the domain I just replaced example.com for explanation purposes. Yes I know public certs are easily searchable which is why I’m trying to use a wildcard domain (*.local
) which is public. Caddy should be handling the domain record updates as required but I would assume that I’d see an error from the API request to update the record before seeing the cert failure. Maybe it’s silently failing. I’ll check if possible.
The “Invaders Must Die” fight in Hi-Fi Rush had me beaming ear to ear. By that point in the game I was so in tune (intended) with the mechanics I just chewed through the fight, headbanging the whole time. One of my all time favourite gaming moments.
Yes I was wrong to say that this an implementation detail rather than a protocol problem as the OpenSSH release notes to prevent this vulnerability include extensions to the SSH Transport Protocol, however I still believe that the headline is sensationalist at best since it can and has been protected against by patching ssh clients and servers. It would be entirely unreasonable in the majority of cases to simply stop using SSH on the basis of this vulnerability and that’s why I think the headline exaggerates the problem. The Register has a much more measured take on this including comments from the paper’s authors that people shouldn’t panic and try to fix immediately.