Trainguyrom

@Trainguyrom@reddthat.com
1 Post – 580 Comments
Joined 12 months ago

didn’t cats already get the virus from drinking the raw milk?

Yes and they had a very high mortality rate too!

Edit: sauce

No problem! I'm just an information sponge and I've lucked out with really good mentors so far in my career to learn from

So from my experience you generally will have different zones of security. Outside Internet is obviously entirely untrusted so block every incoming connection except those you really need, and even then ideally all remain blocked (especially for a home network). Then you generally have your guest network which might need access to some hosted resources but is largely just used by guests to connect to the internet, next is your client network where your computer likely lives which probably gets access to all hosted resources but no management access (or depending on how much you want to trust your primary PC, limit that to just your main PC) and finally your datacenter network where you hopefully trust everything running in there.

You generally work with these zones and write rules based on the zone the traffic is coming from, with some exceptions. For example, I might not want to give the guest network any access to my data center network, except for access to my jellyfin, so I'll create a rule allowing only tcp web traffic from that network to a specific port on a specific IP/hostname.

A common way to achieve this is with a DMZ network, a network that sits between all of your networks and relies heavily on routing and firewalls. Public services and routers get IP addresses on the DMZ, and your firewall only allows specific paths. The outside Internet can open connections to the web ports of the web server and nothing else, the web server can't open connections to your other networks, only specific machines/networks are allowed to access the SSH port of the web server, etc. The DMZ is where trusted and untrusted connections mix, hence why it's named after the zone that belongs to both North and South Korea where both are allowed but also neither are allowed, where one only goes with specific purpose and explicit permission.

I was a bit hesitant to do firewall rules based off of IP addresses, as a compromised host could change its IP address

Realistically any identifier you can write firewall rules based off of can be forged in some way. A rogue machine can change its host name, IP address and MAC address (and many do randomize their MAC address these days). In enterprises this is generally mitigated through limiting a network to only Ethernet access or via 802.1X authentication on WiFi and potentially even Ethernet. (You can also take the approach of MAC address whitelists, and some switches even allow for "sticky" MAC addresses where the first MAC address that connects is whitelisted until either the switch is rebooted or an administrator explicitly clears/allows the MAC address.)

However, if each host is on its own VLAN, then I could add a firewall rule to only allow through the 1 “legitimate” IP per VLAN

You could go crazy and do everything at L3 (which your idea is basically doing but with extra steps) but that sounds like far more effort than it's worth, since now you're making every client also act as a router, and you lose a ton of efficiency both in configuration and in routing & switching, plus you've now changed the type of threats you're vulnerable to.

Generally in the enterprise, risks like what you're trying to mitigate are handled through reporting. An automated alert email is sent when a new device connects to a network that should never have new devices connect to it, then you kill the connection and verify with the team if that was any of them and investigate if it wasn't.

Realistically as a home network your threat model is automated scripts and maybe a script kiddie trying to get in. You really just need higher than average security to mitigate such a threat model (and average security is a shit show)

I feel like I may have to allow a couple CT/VMs to communicate without going through the firewall simply for performance reasons. Has that ever been a concern for you?

Security is always a trade-off of convenience and speed. You have to decide what is an acceptable compromise between security and efficiency.

Generally anything virtual when you aren't sure what to do, you should look at what the physical solution would be. For example, network storage is very bandwidth intensive, latency sensitive and security intensive. This is usually secured at the physical level as a separate network with no routers so that most security can be disabled. So at the virtual level these would be tackled with a separate virtual network connected to a second interface, and firewall rules on other interfaces to disallow incoming and outgoing connections to the storage network.

Edit: I just realized I never answered your first question. In short, from what I've seen most enterprises put one firewall from a vendor like Fortinet, Zscaler, Palo Alto, etc. right on the edge of the network closest to the internet then either entirely rely on that for firewall or rely on that for firewalling off the outside Internet then do additional firewalling with a different tool inside the network. For example, a bank I worked at had a pair of redundant L3 switches (Nexus N9ks specifically) which handled all of the routing for all of the bank's networks, and connected between those and the internet was the Fortinet box which was managed by an outside vendor, and while I was there as part of hardening ahead of a scheduled red team audit we set up firewall rules (I'm blanking on the Cisco term for it, but they're ultimately just firewall rules) on the L3 switches to limit access to more sensitive networks and services.
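The zone model, the DMZ path restrictions, and the "alert on a new device in a network that should never see one" reporting described in the comment above, modelled as a small default-deny policy evaluator. This is an added example written for this page, not code from the commenter; every address, the Jellyfin port (8096), and the host roles are constructed placeholders.

```python
"""Zone-based firewall policy model with default deny and a new-device check.

Constructed example: zone CIDRs, host addresses and the Jellyfin port are
assumptions, not values from the original comment.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, Optional

# Assumed zone addressing. "internet" is 0.0.0.0/0, so it is checked last.
ZONES = {
    "guest": [ip_network("192.168.30.0/24")],
    "clients": [ip_network("192.168.10.0/24")],
    "dmz": [ip_network("192.168.100.0/24")],
    "datacenter": [ip_network("10.0.0.0/24")],
    "internet": [ip_network("0.0.0.0/0")],
}
ZONE_ORDER = ["guest", "clients", "dmz", "datacenter", "internet"]

WEB_SERVER = "192.168.100.10"  # assumed public web server in the DMZ
JELLYFIN = "10.0.0.20"         # assumed media server in the datacenter
ADMIN_PC = "192.168.10.5"      # assumed single trusted management workstation
JELLYFIN_PORT = 8096           # assumed; the comment only says "a specific port"


@dataclass(frozen=True)
class Rule:
    """One explicit allow. Anything not matched by a rule is denied."""
    src_zone: str
    dst_zone: str
    proto: str
    dport: Optional[int] = None                 # None = any destination port
    dst_host: Optional[str] = None              # pin to one IP inside the zone
    src_hosts: Optional[FrozenSet[str]] = None  # restrict to specific source IPs


RULES = [
    # Internet may open connections only to the web port of the web server.
    Rule("internet", "dmz", "tcp", 443, dst_host=WEB_SERVER),
    # Only the admin PC may reach the web server's SSH port.
    Rule("clients", "dmz", "tcp", 22, dst_host=WEB_SERVER,
         src_hosts=frozenset({ADMIN_PC})),
    # Guests get Jellyfin on one port of one host and nothing else inside.
    Rule("guest", "datacenter", "tcp", JELLYFIN_PORT, dst_host=JELLYFIN),
    # Clients reach hosted resources, but management ports are not listed.
    Rule("clients", "datacenter", "tcp", JELLYFIN_PORT),
    Rule("clients", "datacenter", "tcp", 443),
    # No rule lets the DMZ open connections into any other zone.
]


def zone_of(ip: str) -> str:
    """Map an address to its zone; specific zones win over the catch-all."""
    addr = ip_address(ip)
    for name in ZONE_ORDER:
        if any(addr in net for net in ZONES[name]):
            return name
    raise ValueError(f"no zone for {ip}")


def evaluate(src: str, dst: str, proto: str, dport: int) -> str:
    """Return 'allow' or 'deny' for a new connection src -> dst:dport."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone == dst_zone:
        return "allow"  # intra-zone traffic is switched, never crosses the firewall
    for rule in RULES:
        if (rule.src_zone, rule.dst_zone, rule.proto) != (src_zone, dst_zone, proto):
            continue
        if rule.dport is not None and rule.dport != dport:
            continue
        if rule.dst_host is not None and rule.dst_host != dst:
            continue
        if rule.src_hosts is not None and src not in rule.src_hosts:
            continue
        return "allow"
    return "deny"  # default deny: no explicit allow matched


# Reporting side: the datacenter zone should never see an unknown host.
# Addresses are forgeable, so this is a detection, not a substitute for 802.1X.
KNOWN_DATACENTER_HOSTS = frozenset({JELLYFIN, "10.0.0.21"})  # constructed inventory


def unknown_hosts(zone: str, observed_ips, inventory) -> list:
    """IPs seen in `zone` that are not in the inventory: alert candidates."""
    return sorted(ip for ip in observed_ips
                  if zone_of(ip) == zone and ip not in inventory)


if __name__ == "__main__":
    flows = [("203.0.113.7", WEB_SERVER, "tcp", 443),
             ("203.0.113.7", WEB_SERVER, "tcp", 22),
             (WEB_SERVER, ADMIN_PC, "tcp", 445),
             (ADMIN_PC, WEB_SERVER, "tcp", 22),
             ("192.168.30.4", JELLYFIN, "tcp", JELLYFIN_PORT)]
    for flow in flows:
        print(flow, "->", evaluate(*flow))
    print("alert:", unknown_hosts("datacenter", ["10.0.0.20", "10.0.0.99"],
                                  KNOWN_DATACENTER_HOSTS))
```

The evaluator mirrors how zone-based firewalls are written: default deny, rules keyed on source and destination zone, and a few rules pinned to one host or one source. The DMZ has no outbound rule at all, which is what makes "the web server can't open connections to your other networks" hold without listing every network it must not reach.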

When I read about that like a year ago gorhill had clearly stated that the mv3 version's efficacy is severely kneecapped and while it works as well as it can it's extremely bad in comparison to the present version on Firefox and Edge

Shout-out to the /r/Sysadmin mods who decided subreddit uptime was too important to partake in the blackout. Man that place just had a really toxic tone and really made me strongly want to avoid the Sysadmin career track

I've said it before and I'll keep saying it, one of the fastest ways to pull cars off the road is to pass strong incentives/taxes on businesses to encourage them to adopt a hybrid or remote work model. I live in a rural area where you frequently need to drive to the next town over for this, that or the other thing, and my hybrid work schedule has allowed my family to become a single car family in about the most eternally car dependent kind of living situation there is.

Forgot the ever popular "leak classified documents to the War Thunder forums to win an argument about game (in)accuracy"

Sounds like they're staying extremely tight lipped and not even telling the whole team about it. Either they're being overly cautious or this one's a doozy.

I'm remembering the meme about the girl destroying her cheating now-ex boyfriend by pointing out that "Goku would be so disappointed in you"

my response was sarcasm and an intentional fallacy in the form of an appeal to incredulity for the sake of rhetoric

My bullshit-english translator is a bit rusty, but all I'm getting out of this is "I intentionally wrote a wildly incorrect comment just for funsies" in which case fuck off

Real talk, a good workout 5 days a week will have a noticeable impact on your body by the 30 day mark.

I went from literally struggling to lift 50 lbs to being able to do my first full pullup of my life (and immediately after I did a second one to make sure the first one wasn't a fluke) with just 1 month of daily exercise. I also started to feel noticeably healthier and felt my body start asking for healthier foods. It actually got kinda funny: one time I heated up a steamer bag of veggies because I just wanted a big plate of veggies, then my mouth was going "eww I still hate cauliflower" while my stomach was going "YES GIVE ME THE CAULIFLOWER"

I was following this guide which was extremely helpful in that it explained the terminology, provided different levels for each exercise so you start with what you can do rather than fighting a pushup or pullup that you can't do, and provides clear points where you "level up" and can move up to the next level for the exercise. Nice part is, it's all pushups and leg raises and such, so you just need a patch of floor somewhere to do it.

Anyways my tired brain isn't making a fully coherent post, but point is, more people should try exercise because it's really cool!

This is why Idaho, Texas, Florida, and Utah have similar campaigns about “don’t California my state” and by “California” they mean don’t bring your “liberal/socialist/Communist/woke/progressive/democratic” outlook to their states, because they don’t want to be responsible for cleaning up the racism and various other problems that the red states seem to have adopted as their identities.

This also happens to a lesser degree with "the nearest large & fairly progressive city". I grew up in Madison, WI, fell in love with a girl from a small town across the state and we moved in together, got married, started a family etc. So the dogwhistling that happens when you talk about the nearest liberal big city is real. I'm selective about who I tell that I grew up in Madison, and I listen for the obvious dogwhistling like "oh I try to avoid Madison as much as possible" or "oh I really don't like Madison".

And now that trumpian politics have had a chance to really take hold we're planning on moving to a larger city, in part because we don't want our kids growing up around so much racism. When local online communities, local organizations and local community meeting places (aka the local bars) are riddled with dogwhistley comments because people feel comfortable saying them (which wasn't so bad just a few years ago!) it's just not pleasant.

Basically at a big chess tournament a couple of the top players got into a disagreement, one accused the other of cheating, and a theory that spawned online was that they cheated via internet-connected buttplug vibrations which obviously is very memable

Craters also have the added benefit of sheltering the occupants from radiation and falling debris that the non-existent atmosphere couldn't protect from

Hey, this must be that self-documenting code I keep hearing about

Inexpensive for families on very, very tight budgets

This is what I don't trust will happen. Jostens or any number of other shitty companies will happily sell overpriced uniforms that cost hundreds of dollars and partner with school districts to ensure a captive market to pay their insane markups

I mean it looks like an office in their home, which is where such an error is completely understandable and forgiveable

Also, in the right context and to the right person a slightly-comically proportioned phallus can be a very funny and heartfelt gift, especially when paired with a good punchline. I have a relative who works for the government, and received a penis-shaped bottle opener as a gift from a colleague in another agency after working a long-term project together with the attached commentary that his team wasn't the easiest to work with. Knowing the recipient plus how he loves to pull it out and tell the story every chance he gets, it's probably the best gift that he could've gotten.

Best case scenario it becomes a Linux Kernel situation where the big players invest heavily into the project, and it becomes corporate-y and boring because it's become the standard and not the weirdo in the corner

I was going to say "to annoy my parents" but this is the better answer

Yeah that kind of a drop looks more to me like a change in reporting

Mass student protests of dozens of kids going to school as furries

This sounds like the kind of protest I'd have participated in when I was in school. As a parent I'd totally wear a fur suit to pick up my kids as a form of protest.

The Satanic Temple made pretty good progress fighting state sponsored bullying and indoctrination by using that exact tactic.

Oh you want to distribute bible materials at a public school? Well you also have to distribute our Satanic Temple's materials too because you have to consider us equally. Oh gosh darn, you've suddenly decided you don't need to distribute religious materials anymore, I guess students won't be receiving religious materials to indoctrinate them in either the Satanic Temple or the Church now.

My wife was working at an assisted living facility when those conspiracies were at their peak. She had a coworker who believed in it and tried very hard to convince the residents of the conspiracy too

If somebody told me five years ago about Adversarial Prompt Attacks I'd tell them they're horribly misled and don't understand how computers work, but yet here we are, and folks are using social engineering to get AI models to do things they aren't supposed to

Dude the name alone sounds awesome

edit: I want to post this map but it's complaining that the content type isn't html. I don't really see the purpose of linking a webpage when linking directly to the image will allow it to properly embed? Not sure if that's an instance limitation or a community limitation but it seems like not the right choice for meme communities.

More like:

“Hey I have a problem with my Samsung”

"Here's a custom ROM you can install instead" (but also glosses over a lot of the finer decisions that go into whether or not to choose to run a custom ROM)

I think cryptocurrency has the best shot at relevance as a medium for internet tipping. Unlike processing most financial transactions it's comparatively quite easy to accept tips and donations via cryptocurrency, plus it allows very good portability between exchanges if you set up your infrastructure correctly. Almost everything else people and companies try to use it for appears to be nothing more than a grift of some sort, or at the very least profiting off of someone getting grifted.

Christmas with my family we had a hard discussion about what kind of end of life care my grandparents need and how to get that set up. Then during Christmas with my wife's family my brother in law, who's 40 and now responsible for 3 kids between himself and his ex-wife/girlfriend, drank until he passed out on the floor of the garage. His oldest child was clearly disturbed by seeing him that way, but most of my wife's family defended it because "when you're surrounded by family is the best time to drink like that because you know you're safe!"

On the upside, my family was surprisingly well-behaved for once, and never chewed out my kids for being too noisy even when they were visibly struggling as they played with the new musical toys

I had similar problems and finally realized it was a symptom called executive dysfunction. I'd do easy dopamine drips like video games or watching YouTube videos instead of projects I want to do or tasks I need to do

It's really depressing how malls were built for unsustainable 80s-style commerce and the holding companies basically squeeze them dry instead of trying to reinvigorate them

Edge has been picking and choosing what features to carry over and off the top of my head announced they wouldn't be merging in the most unpopular MV3 changes

My wife was a CNA until a few months ago. The pay rate has gone up to $12-15ish per hour at least but still terrible benefits on top of getting verbally beaten down by the nurses while getting physically beat up by the residents. Could make the same money with less risk of bodily harm working fast food

I think the better option is to start by moving it to the correct spot twice then the third time pull the evil. They're truly asking for it if they don't stop after the first or second time their truck isn't where they parked it

As someone who's gone to college twice, let me just tell you, go to Cupertino for that trip. Even if you have to take out additional student loans for it. Is it financially responsible? Heck no, but it's something you'll look back on and be happy you did, plus it's a great networking opportunity to both get a feel for the industry you're preparing to enter and to potentially meet people who might help you land a job later on.

The headline says "jail" but the article only refers to cases in prisons. I know the entire criminal justice system is messed up, but did this UN study specifically find both jails and prisons to be severely repressive and racist?

This is an important distinction because jail is where people wait pre-trial, meaning they typically have not yet been found to be guilty of the charges brought against them, while prison is where people who have been charged, found guilty and sentenced to prison will go. Jail is where a cop that decides to arrest someone for dubious reasons will take them, whether that's enforcing an unconstitutional law (such as flag desecration laws, which is protected speech under federal caselaw), findings from a blatantly illegal search, or even they arrested the wrong person because they went to the wrong address to execute a warrant, or any number of other reasons.

Let kids do their own research.

That...that's the whole point of school! Condensing centuries of human knowledge and research so that you have an educated populace ready to make decisions in the field based on good information they were taught in school (then later on in life making decisions based on the good information they learned in the field and from others)

They are just putting out a point of view in that video that is not crazy.

That's how most indoctrination works, start by using logical fallacies and false premises that aren't immediately obvious to non-experts on the topics.

Most posts are not about the issue at hand. They mostly are about claiming the other side is evil.

Climate change isn't something you can "both sides", you're either intentionally threatening the survival of the human race (and most other life on earth) or you're a sane human being. You have to be morally bankrupt to even try to "both sides" climate actions on random Internet forums.

The town I live in renovated a park to have a gigantic playground, and every nice weekend day I've been there there's tons of kids and parents there. On Halloween there were tons of kids out despite it being around 0F out that night. But random weeknights? I don't see kids playing in yards much. I don't see kids riding their bikes to convenience stores to get snacks. I think the risk acceptance of parents has shifted a lot plus kids are more able to occupy themselves with fondleslabs so they have multiple reasons to not go outside

IT guy here, the choice of what to ship on the corporate desktops/laptops is a lot more nuanced than that.

Are there users in the organization that use Excel heavily? Other Windows-only software heavily? If the answer is yes then you're looking at complicating support instantly because now you have 2 separate fleets of workstations that each require different tooling to manage and you either have to have a helpdesk that can be trained to handle questions for both or have different teams to handle each, which is more opportunities for helpdesk requests to be miscommunicated, lost, etc. and adds some time to the ticketing process. You also have to decide how users are selected for which they get. If you leave it up to the users they'll all choose what they're used to and you'll just get a handful of weirdos, which makes the cost of allowing it likely higher than it's worth. But if you force it on people by team you run the risk of someone having dual roles or covering duties and being largely hamstrung when they can't use the Windows software needed for the other role. Does this create a 2 tier system where users given the Linux workstations have less upward mobility? Or are you potentially creating future hassle where your Linux users will randomly have to come to IT to have their computer switched because they gained a duty that requires Windows software (which is a ton of lost productivity while they get things set how they like)?

You also have to now maintain 2 sets of management tooling since generally Active Directory and Linux tend to be a pain to mix. This also means 2 different streams of vulnerability tracking and patch tracking, and 2 different streams of testing if you hold back updates for testing before deployment. And 2 different attack surfaces to keep secure for audits and red teams.

But let's suppose you find that absolutely everybody in your organization can be moved to Linux as nobody uses software that won't work on Linux natively. Awesome this is the best case scenario for Linux workstations in the office. What are the long term ramifications? Are you potentially limiting your options for vendors or contracts your organization can take on? Are some of your employees working at reduced productivity potential because they aren't using the best tool for the job?

These are the considerations that have to be made, and argued politically for Linux to be deployed to user workstations in the office. Extremely similar conversations have historically had to happen (and continue to have to happen!) within IT departments to move things away from Windows Server. A bank I worked at just a year ago was so heavily invested in the Windows server ecosystem that they had Windows server in places it really shouldn't have been and the choice to use Windows Server actually was a hindrance.

I think in the long run it has a chance. Linux has gotten so much better on the desktop in just the last 5 years, plus with the move to webapps across the board (not to mention kids in school right now learning on iPads and Chromebooks and never touching a Windows machine) I'm sure the decision will slowly get easier and easier, but right now, there's very limited opportunities to make Linux workstations happen in a big way in the corporate world, and I don't foresee that changing in the next 5 years.