I'd love to be a fly on the wall for that conversation.

"Dear MBS... no, the line is not feasible. You'd have to be a fever-dreaming megalomaniac to even imagine one-hundredth of that ridiculous vanity project could ever be built. The ego of such a tyrant would be unmatched... unmatched, that is, except by his stupidity. Wait... what are you doing with that saw? Put it down! MBS! Hey!... AAAAAAAAAA!

Goldman Sachs regrets to inform the public of the disappearance of its consultant to The Line. No effort will be spared to locate him; he was last seen entering a Saudi embassy in Turkey...

And these sociopathic assholes have names: Mark Zuckerberg, Elon Musk, Jeff Bezos, Shou Zi Chew (CEO of TikTok), Steve Huffman, etc...

I am shocked that a company run by an oligarch would employ people whose immigration status is precarious. I am truly gobsmacked that such a company would think to make use of such an imbalance of power to keep its employees under its thumb.

I can't wait for the unionization of Amazon warehouses, which surely will come any day now now that they're forced to hire Americans who know their rights...

Bwahahahaaaa.....

I use Firefox pretty much exclusively, on both mobile and desktop, and it is fine.

I don't get involved with the drama surrounding the people at Mozilla.

From what I understand, it is not easy to toggle those switches accidentally, especially both of them at the same time. They have a metal bar on either side and to move the switch, you can't just push it into the other position... you have to lift it up and then move it; there's a spring-loaded locking mechanism that enforces this.

So it was either deliberate or a massive, massive fuckup by one or both of the pilots.

... is: Who wants to bring a kid into this f*cked-up world?

I have three adult kids. I am almost certain none of my kids will have kids and I can't say I blame them.

... mining for high purity silicon ...

Say what? Silicon comes from quartzite or sand that's found just about everywhere. Sure, you have to purify it, but that's not a super hard problem.

Transmission lines are not the whole story. They're an important component, but not the only one. But also, Trump has imposed steel and aluminum tariffs as well, so even transmission lines will be affected.

And the stupid thing is that aluminum requires a ton of electricity to produce. Quebec has ample electricity and can produce a lot of aluminum, but that's tariffed. For the US to produce more aluminum, it needs more electrical capacity... so... yeah...

Building new electrical infrastructure will be cheap and easy now that Trump slapped tariffs on copper.

Websites run arbitrary code on your system all the time unless you disable Javascript.

It may be hard if not impossible to exploit these vulnerabilities from Javascript, but one should not be complacent about the "arbitrary code" requirement.

His LinkedIn post looks like it was written by ChatGPT, so everything checks out. Maybe "Matt Turnbull" doesn't exist and the AI bots really are taking over?

OK, yes, the free Wifi scenario makes sense.

But I still think it's a bit weird to have proof of identity for IP addresses. For example, if a host presents a valid certificate for "example.com", then I can be reasonably confident that the host I'm talking to is controlled by whoever registered the domain "example.com", barring a compromised machine or leaked private key. There's a trail from the domain registrar to the name servers to the host.

But if someone tells me to visit 16.34.212.76 I have no idea who that is. Great! Whoever controls 16.34.212.76 has managed to prove they control 16.34.212.76 from different vantage points around the Internet... but so what? Who the heck is 16.34.212.76 anyway?

I can see this being useful for DoH if you configure your name servers with IP addresses like 8.8.8.8. Struggling to see other use cases that can't be handled better with a FQDN.

The SSL cert doesn't "encrypt the traffic". It's solely used as proof of identity.

You can have proof of identity without encryption, and you can have encryption without proof of identity.

If an attacker can reroute traffic destined for a specific IP address, then they can also obtain a certificate for that IP address by running the ACME challenge. (Same for the ACME HTTP challenge, actually...)

The only way this would fail is if an attacker can reroute my traffic, but not the traffic needed for the ACME challenge.

I don't understand the use case. If I connect via TCP to some IP address 42.42.42.42, it's rather difficult for an attacker to actually connect me to a different IP address... much more difficult than spoofing a domain name.

So, the certificate tells me "Yes, this really is 42.42.42.42." But I knew that already.

Maybe for UDP, attacks are a bit more feasible, but even so... they're not exactly easy.

I guess the only real use case I can see is to avoid a scary browser warning if you navigate to an IP address instead of a domain name.