Comment Re: Don't store personal data, baby photos on OneD (Score 2) 53
Anything can fail, which is why the whole point of a backup is to have more than one copy in different places.
Anything can fail, which is why the whole point of a backup is to have more than one copy in different places.
You don't own it.
You can extend this to hardware as well. If you're not allowed to repair or modify something... you don't own it.
We can operate at night, but do we want to? Your comment is precisely why I'm an advocate for permanent DST I'm not a morning person, so fuck any light in the morning. Give me sunlight in the afternoon to sit outside and enjoy myself.
Also no we can't operate perpetually at night, at least not without medical issues. This is one of the reason vitamin D deficiency is a thing.
There is absolutely no reason that work and other mandatory things cannot be done at night, leaving the daytime free for you to do your own things. Wasting what limited daylight hours we have stuck in a cube farm with artificial lights anyway is ridiculous. There are very few jobs that actually require natural light these days.
Further from the equator there is not enough sunlight for that. You'll either be going to work/school in darkness, or coming back in darkness unless you want to severely shorten the duration of the work/school day.
The sun always rises later in the winter, that's the nature of winter... The only thing this changes is the arbitrary numbers that are displayed when the sun is rising.
Instead of fixating around those arbitrary numbers, plan your day around actual environment factors like when the sun rises etc.
The root of the problem is rigidly tying people's daily routines to an arbitrary set of numbers, and then changing those numbers rather than changing the routine.
This reminds me of microtransactions.
We're 50 years overdue for an alternate payment clearing system that doesn't take more to process than the payment is worth. Most of the enshittification we've seen due to an eyeball (now attention) based economy could have been sidestepped if we built a system for people to pay on a transactional basis for compute and content.
Funny how the wave of autonomous agents is once again driving people to revisit this stuff.
https://spellboundproductions....
"Thirty years ago, General Magicâ(TM)s Telescript established a foundation for autonomous agents. The vision behind it sounds like today's promises of Agentic AIââ but in fact was actually enabled by the technology from the outset. Telescript didn't ask users to just trust it. Instead, it built deterministic safety into the system itselfâ"Permits that limited resource consumption, Authorities that enforced accountability, an Engine that prevented agents from touching host resources directly."
There's no reason you can't pay in tenths, or hundredths of a cent. It's the same idea as a cryptocurrency ledger, minus the ridiculous overhead of the blockchain. Building out the infrastructure to do that is beneficial to both humans and autonomous agents.
So... yay?
Assuming that CGNAT makes you immune is a huge error.
Once you compromise a single customer you're now inside the CGNAT pool, where you will see lots of very vulnerable devices because they were left vulnerable on the assumption that they were not reachable. In an ISP with thousands of customers, at least a handful will have some infected devices.
Modern Windows devices absolutely do not become compromised via inbound connections to open ports, they become compromised via vulnerable client software or user error (eg phishing, malware infected downloads etc), all of which only depends on being able to make outbound connections.
You shouldn't be relying on perimeter security anyway, every device should be able to stand on its own in a zero trust scenario.
The russians have been blackmailing ukrainians in ukraine into committing acts against their own government, there are several documented cases of this.
https://www.theguardian.com/wo...
https://www.washingtonpost.com...
https://news.sky.com/story/how...
There have been numerous recently reported cases of russians gaining access to information on ordinary ukrainian citizens, and then blackmailing them to carry out spying or sabogate operations.
You absolutely do have to worry about what hostile foreign governments might do.
There are hundreds of ways an attacker could gain access to the inside interface, even doing so blindly via xsrf where you have predictable legacy addressing.
Many simply don't care.
A lot of ISPs especially in Asia use CGNAT and/or rapidly rotating IPv6 and then do nothing about abuse so the address space is widely blacklisted.
In other countries ISPs aren't forced to use CGNAT, and use at least sticky if not fully static addressing so if customers get themselves blacklisted the ISP generally doesn't need to care as it won't affect other users.
Setting the policy to DROP just means that clients will try multiple times before timing out, which means not only will you waste bandwidth with the retries, but your own clients will experience a delay while they time out instead of receiving an instant rejection.
For legacy IPv4 networks the address space is so congested and in short supply that it's economically unviable to leave unused addresses, so you gain nothing from this. With IPv6 there might be some very limited security-through-obscurity value to someone not being able to identify a live address, but its also not practical to scan sequential address space anyway.
What this article really highllghts however, is how flawed the perimeter security model is. Modern end user devices will actually do perfectly well on an open connection, as they don't have any externally visible services. Indeed people frequently connect their devices to public wifi networks where they are fully exposed to the network owner, other users and potentially beyond and it hasn't caused the apocalypse.
People are relying on the perimeter security model, and then using really lousy insecure devices to actually implement that perimeter so they get the worst possible outcome. User think their devices are inside a secured perimeter when the very device supposed to be enforcing that perimeter has been compromised putting the attacker inside. These devices are often MUCH worse than today's end user operating systems.
The proper solution is zero trust - assume your devices are fully exposed and have to stand alone.
"If you don't want your dog to have bad breath, do what I do: Pour a little Lavoris in the toilet." -- Comedian Jay Leno