It's paraphrasing Torvalds himself though. It's a cheeky title.
"... and I have absolutely no excuses to delay the v6.6 release any more, so here it is,"
It's paraphrasing Torvalds himself though. It's a cheeky title.
"... and I have absolutely no excuses to delay the v6.6 release any more, so here it is,"
So I think you may not know about quick sync, an Intel transcoding acceleration feature of Intel gpus in Intel CPUs.
https://handbrake.fr/docs/en/latest/technical/video-qsv.html
There's information about it for I think plex and handbrake and ffmpeg in general. This is how some people do real time transcoding for media servers. But I'm not an expert. I just hope you can be guided with easier search terms.
Traceroute.
When the horses have all bolted, BBC is the one to close the barn door.
Start realising that the way you're used to scrolling with your mouse wheel, is a cog between you and the service it's moving. Actually you were using natural all along. It was the early touch pads that were wrong and nonsense.
It's impossible to tell, because they fired all the people who were counting.
Many large discoveries by research in Australia in universities and CSIRO didn't get funding they needed in Australia, and the engineers and researchers simply found funding and moved to the United States. Then the US benefited from all that education and university research investment simply because the economy and startup funding was better.
I guess you know America is on a downturn if they see the same thing happening to them.
Don't feel bad because you're really good at using a tool that doesn't follow your values. I use Windows during the work week and I use Linux for gaming on the weekend where I literally can't work even if I wanted to.
For me Windows is a tool box with propriatry tools that have no Linux compatibility. That's OK for me. People get emotionally invested but that's neither healthy nor helpful. No point being angry at work, it's like being angry that your work uniform is made by one textiles vendor not the other.
You get to choose what you use at home in your own time. If you feel good using Linux then, do it!
Personally, it's the power of powershell that I use for the hundreds of windows servers. Otherwise it's the power of Linux bash shell scripts for the dozens of Linux servers. None of the Linux servers run a gui so there's no options there. Tbh for me, self documenting gui is the slowest way to do work. Configuring hundreds at once with peer reviewed scripts and change control is much more effective since the peer review and change control will be needed either way.
Oh though I use fortimanager a lot of configuring dozens of Fortigates. Only have a few scripts on it though.
Five words into the article says
Apple’s internal presentation from 2013
Literally at the top under TL;DR
If it's possible to do, and it causes a user experience issue, especially one as jarring as "stop accepting writes" you should start adding rate limits and validate inputs with rate limits expressed to the user before they hit the error rate.
To me you should already be sanitising input anyway, and this would just be part of that logic. If a user is trying to upload more than x it warns (with link to documentation of the limit). If user has gone past the rate limits, then error.
I'm not a sre or dev, just a sysadmin though. Users expect guard rails. If it's possible, it's permitted.
Yes, but first go check which list you want to use since they're a good starting point to understand a kind of level of tolerance and expectations around your experience.
There's lots of lists around here's a small sample:
https://arstech.net/pi-hole-blocking-lists-2023/
Be prepared for a bump in time outs as you work through things you might need (I blocked by accident a bunch of needed Microsoft services that I need to use during my job).
I haven't edited my white list in months, maybe over a year. It's going very well. I've been running pihole on ubuntu for more than 5 years as two virtual machines. I'm happy.
I'll give you one reason it's used commercially: Veeam can only use xfs or refs as a deduplication enabled store using fastclone. For example I have a 60 disk nas hosting hundreds of customer backups and a petabyte. Without deduplication imagine how many extra petabytes of storage would be consumed. Each backup is basically the same image as well as the backup processing time.
Maybe they'll get that same feature on zfs one day.
Unless you want me to use refs? But I have tried that, and I've lost a whole volume to iscsi volume mounted to windows and formatted refs due to corruption when a network power loss happened gradually and whatever reason, that network interruption caused the whole volume to be unmountable over iscsi ever again. I'm not keen to retry that.
Xfs is pretty good with 60 disks, I wouldn't trust ext4 with that many but there's nothing factual about ext4 but a feeling.
About to get a second 60 disk nas for another datacentre for the same setup as above to migrate away from Wasabi as offsite. Will build xfs again. Looking forward to it.
It's totally fine to bulk replace some sensitive things like specifically sensitive information with "replace all" as long as it doesn't break parsing which happens with inconsistency. Like if you have a server named "Lewis-Hamiltons-Dns-sequence“ maybe bulk rename that so is still clear "customer-1112221-appdata".
But try to differentiate 'am I ashamed' or 'this is sensitive and leaking it would cause either a PII exfiltration risk or security risk' since only one of these is legitimate.
Note, if I can find that information with dns lookup, and dns scraping, that's not sensitive. If you're my customer and you're hiding your name, that I already invoice, that's probably only making me suspicious if those logs are even yours.
Many of those types while having great brightness and reduced image burn in actually have terrible quality images. Eg no hdr, some may only be 30hz, some may have the contrast ratio which is so low you'll just be sad to watch a movie on it looking at a black grey mush.
Though like all things, there's a gradient. Some of the conference room monitor panels can be better but often >3x more expensive than the consumer model due to much better warranty (eg same day parts).
So I don't have any advice here, just a bit of warning with experience with being around zoom, teams, and display walls from an IT solutions perspective,though generally I use AV partners for model selection and installation on any meaningfully sized conference/boardroom room or special application eg stages.
Who needs 20! Lol. Says more about me than you.
I use Ubuntu, it's the default for ROS. I tried debian but the instructions didn't work instantly so I just as quickly gave up and went back to Ubuntu since I was busy. Lol.
To back off your post, does anyone have one for Australia?
I don't think that works on my Samsung TV, or my partners iPad though. :)
Although not especially effective on the YouTube front, it actually increases network security just by blocking api access to ad networks on those kinds of IoT and walled garden devices. Ironically my partner loves it not for YouTube but apparently all her Chinese drama streaming websites. So when we go travel and she's subjected to those ads she's much more frustrated than when she's at home lol.
So the little joke while not strictly true, is pretty true just if you just say 'streaming content provider'.
100%
They'll be in a hardware security module, just like the computer should be storing encryption keys with the tpm. Tbh I don't know what's actively implemented but definitely on the devices I manage in MDM they're non-compliant without that. I'm sure you probably can get cheap devices without though. Just like you can get home level laptops without tpm.
I love the hand gesture at the end!
If you take an engine out of a car and try to spin it by turning the crank shaft, it will be hard to turn because the cylinders need to compress air (it's required before adding fuel and spark to explode that compressed air so it expands).
When that engine is in the car, and you don't add fuel and spark, then the cars wheels have to turn the engine and compress that air, thousands of times per minute. That force that the wheels have to send to the engine to spin that engine slows you down.
I'm thinking you think the engine itself has a brake on it.. No.
Bring free on cloudflare makes it widely adopted quickly likely.
It's also going to break all the firewalls at work which will no longer be able to do dns and http filtering based on set categories like phishing, malware, gore, and porn. I wish I didn't need to block these things, but users can't be trusted and not everyone is happy seeing porn and gore on their co-workers screens!
The malware and other malicious site blocking though is me. At every turn users will click the google prompted ad sites, just like the keepass one this week.
Anyway all that's likely to not work now! I guess all that's left is to break encryption by adding true mitm with installing certificates on everyone's machines and making it a proxy. Something I was loathe to do.
I'm not in America but the organisation for NIST recommends it in guidance now and its getting backing by the nsa
https://www.zdnet.com/article/nsa-to-developers-think-about-switching-from-c-and-c-to-a-memory-safe-programming-language/ https://www.malwarebytes.com/blog/news/2022/11/nsa-guidance-on-how-to-avoid-software-memory-safety-issues
I see this becoming required in the future for new projects and solutions when working for new governnent solutions. The drum is certainly beating louder in the media about it.
Almost like that xkcd joke...
I can guess at some things but let me first start with what I think is happening:
You have a gateway set. Your device sends a broadcast arp message asking 'who has ip ' and the device with that ip is supposed to send back 'me with this mac address!'.
That device is either sending it so slowly that your machine says 'I can't go past the gateway, the gateway isn't responding' which in your error message is no route to host.
Assuming that you have no custom manual network route in play.
So things that can cause that are usually link layer and layer two issues and sometimes duplicate IPs. Two devices with the gateway ip.
You should watch your mac address table and arp table (arp a) and watch if the router gateway disappears or changes Mac addresses.
Yeah but veeam doesn't support fast block cloning which means you don't need to ever recopy blocks that don't change. From a performance point of view, fast block cloning gives incredible speed up so that in turn means more backups happen in a short time. That's pretty important even at our small business scale. I guess larger veeam service providers solve things differently.
The bypass is to run your own router, distribute locally hosted dns servers (either the router or pihole) and the dns servers get their lookups over dns over https (443) and your provider can't intercept that since it looks like regular encrypted Web traffic just like they shouldn't be able to inspect your netbank.
Australia is different but these isps who do that generally have a +$5 per month plan to go to a static public rout able public Up (instead of cgnat) and unfiltered Internet. They usually are more allowing mum and dad to filter the Web so their kids can't get too far off track. Maybe just double check on your ISP portal settings but I'm going to assume you're not in aus.
It's possible to host a dns server for your domain inside your tailnet, and offer dns responses like: yourwebserver.yourdomain.com = tailnetIP
Then using certbot let's encrypt with DNS challenge and api for your public dns provider, you can get a trusted certificate and automatically bind it.
Your tailnet users if they use your internal dns server will resolve your hosted service on your private tailnet ip and the bound certificate name will match the host name and everyone is happy.
There's more than one way though, but that's how I'd do it. If you don't own a domain then you'll need to host your own private certificate authority and install the root authority certificate on each machine if you want them to trust the certificate chain.
If your family can click the "advanced >continue anyway" button then you don't need to do anything but use a locally generated cert.
Didn't understand that by willing you meant wanting.
April first.
Plex was how last pass got hacked. https://www.howtogeek.com/147554/lastpass-data-breach-shows-why-plex-updates-are-important/
You still need to do stuff even if it is plex.
I think the question is, where can you bet on a single coin flip? Maybe because I'm Australian, there's only one day a year you can bet on a (two) coin flip legally here. Everyone else seems to generally understand that coin flips aren't fair for gambling and therefore is illegal.
If this paper was like 'this is how corruption in sports...' rather than 'this is like that magician cup and balls trick' then I'd understand your concern.
But like you said, you don't even have a coin in the house, so the practical side is day to day, perhaps not even once a year, not only are you not deciding on a coin flip, even if you were, you'd (or whomever was flipping it for you) have to learn a technique to see it affect you.
Sure was! You need to be on top of paid and free and open source software from a security stand point. There's no shortcut no matter what you think you're paying for. Your threat model might be better when the service automates a Web proxy for you, but that's only one facet. You trade problems but should never feel like you can "set and forget". Sometimes it's better for you to do it yourself because there's no lying about responsibilities that way.
100%.Or set host file entries on each endpoint to resolve the mail.domain.com to your internal ip that's available only over vpn. Not going to be easy on mobiles.
There is an assumption though that the mail server has an internal IP address wherever you are hosting. That might not be true. I would always put the public IP on the firewall and then NAT with specific port 25 in to the private IP of the server, but who knows what this particular OP has done.
Does it connect to the same arcgis BIM servers so I can work with my coworkers, in real architecture projects?
There have been a few cases where ports are blocked. For example on many residential port 25 is blocked. If you pay and get a static ip this often gets unblocked. Same with port 10443 on a few residential services. There's probably more but these are issues I've seen.
If you think about how trivial these are to bypass, but also that often aligns to fixing the problem for why they're blocked. Iirc port 10443 was abused by malicious actors when home routers accepted Nat- pnp from say an unpatched qnap. Automatically forwarding inbound traffic on 10443 to the nas which has terrible security flaws and was part of a wide spread botnet. If you changed the Web port, you probably also are maintaining the qnap maybe. Also port 25 can be bypassed by using start-tls authenticated mail on 587 or 465 and therefore aren't relaying outbound mail spam from infected local computers.
Overall fair enough.
Look it depends on the age of the car, but let's take an old manual car for example.
On those cars, there's a fuel map to rpm. There's actually a few maps including throttle and ignition timing. But think of a spreadsheet of rpm and fuel at a certain throttle load.
At 0 throttle: The map says to stop the engine from stealing at under say 800 rpm it needs to have fuel added at rpms lower than that to speed up the engine to avoid stalling. At 800rpm it needs a consistent amount kind of a known amount that keeps it in equilibrium. At over 800rpm it needs less fuel the more rpm it has over the idle 800rpm until it's zero fuel.
And you'll feel that, you'll feel that moment the car starts adding fuel because if you're only engine braking to a stop your car will get near that idle rpm and your engine will start adding power to avoid a stall, and your braking will diminish.
Just fyi, as a sysadmin, I never want logs tampered with. I import them filter them and the important parts will be analysed no matter how much filller debugging and info level stuff is there.
Same with network captures. Modified pcaps are worse than garbage.
Just include everything.
Sorry you had a bad experience. The customer service side is kind of unrelated to the technical practice side though.