blacklisting the rpc module and disabling user namespaces seem to block the exploit on older kernels without having to blacklist ipsec modules according to my limited testing, YMMV. it probably breaks eg. rootless docker user mapping so there is a tradeoff
Historically SMS used to cost money (it still does in most countries outside US) and it's ridiculously expensive, like 10c / text message, so people use alternatives, iMessage being one that is already installed on Apple devices by default.
skip videos that are shorter than 30 seconds (=ads) automatically, same server or otherwise - problem solved
Built on GPG, works with standard text files, supports GIT to share between clients and it has a client for every O/S
"Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities."
10 to the minus 6th power mouthwashes = 1 Microscope
