Seriously, breaking the Internet is their domain.

There’s been a push in IT (and I assume other industries as well) towards inclusive-language.

Part of that is moving away from phrasing that has non-technical historical connotations…like using “leader/follower” or “primary/secondary” instead of “master/slave”.

But another part is also getting away from catagorizing things as good/bad on a white/black spectrum. We no longer blacklist things, we denylist or blocklist them. Likewise we no longer whitelist things…they get allowlisted or permitlisted. We don’t have white-hat/black-hat hackers…we have defensive/offensive, or blue-team/red-team.

Afaik it’s still okay to refer to plugs and prongs as female and male, as that is referring to biological sex moreso than gender. But yet, people gasp when I refer to plugs that have a sheath over them as “uncircumcised”.

Imagine what gon’ happen when you try to tax our whisky.

There’s been a notable uptick in supply chain attacks coming from the odd FOSS dependency.

Fortunately the FOSS environment as a whole, ironically, reflects the best aspects of a “free market” in the capitalist sense. If a package is no longer maintained, or poorly maintained, or the maintainer is a douche/Russian asset, it forks and many users jump ship to the newer package.

Users have full transparency into how the sausage is made. Everybody does.

So if exploitable code is discovered, it can just as well be discovered first by a defensive researcher (non-inclusive term: white-hat) or offensive researcher (black-hat).

And if an offensive researcher discovers it first, they have a choice:

• Use it and risk being spotted. Once discovered in the wild, patching is only a matter of time.
• Sit on it and hope a defensive researcher doesn’t find it.

Submitting bad code to a project in itself though. Some new user with no reputation is going to be heavily scrutinized putting a PR on a large/popular project. And even with a good reputation, you’re still putting the exploit code out there in the open and hoping none of the reviewers or maintainers catch it.

Not to be pro-corporate/anti-repair…but I feel I have to play devils-advocate here…

That sounds like a legal and security nightmare.

If you just give binary blobs and no sources, there’s no way to maintain the code/device long term. As exploits continue to be found in upstream dependencies, the hardware continues to become increasingly insecure.

But if the source needs to be released…I imagine that there are heaps of proprietary code that is still in use on “active” devices even after another model goes EoL…so if that code is released, there’s instantly thousands of nefarious eyes on it.

On top of the regular zero-days that are found out when a popular product reaches EoL.

I think that’s potentially a lot to ask of users. Will your technically-challenged great-Aunt switch to post-support build when her phone hits EoL, or will hackers be able to remote control her banking app and take away your inheritance before the community can even patch it (assuming there’s enough community support out there for an 8-year-old Galaxy A-series…)

Then there could also be licensed code that would need to be released as well…hence the legal nightmare.

Not saying it’s impossible…in fact, I greatly agree with your stance and stated position. Just saying that there are some blockers on this epic.

Quis custodiet ipsos custodes?)

You know…this.

I’ve used AI plenty of times to help troubleshoot some weird error message. Sometimes just an old-fashioned Google just isn’t enough. There needs to be added context, which would just screw up the Google results.

I treat talking to AI for advice (in any category) roughly the same as asking an IRC channel…because that’s basically what it is. It’s taking in data from tons of sources and summarizing it.

Some of those sources might be legitimate and knowledgeable, some of them might be a negative-scored stack overflow comment.

If you have no domain-specific knowledge, you won’t know how to identify an issue in its response, and you shouldn’t be blindly copying code. Trust…but verify.

ETA: another example, just now…I was having trouble getting a specific response from a REST API in Ansible. As it would turn out, doing the lookup with REST would require at least two separate lookups to get what I wanted.

The agent suggested I try using graphql queries instead. I’ve never used the graphql API before…tbh I was slightly intimidated by it. But the agent gave me an example for what I was looking for…and after changing the formatting around a bit it kinda “clicked” for me. I asked for an ELI10 on graphql and I definitely learned a bit from it and will be using this (graphql) more in the future.

I’ve had many instances of that, where I’m deep in the weeds and the robot pulls me out and shows me the flowers. Of course…the opposite has happened, too, and the robot finds a rabbit hole among the weeds and keeps shoving me down it.

It’s also been a good rubber duck, even without hitting send. Start typing out the problem and then have an “aha!” moment.

Many of them have regular, American-sounding names. Like “Jake Sulley”

Wait does solar power work with other suns? Or just our sun (Sol)? Or just yellow dwarf suns?

I mean, it very easily could be. A service like WARP, they can decrypt the traffic, if you allow them to (it is off by default). The warp client will add the certificate to the trust-store, and the traffic will get decrypted on Cloudflare’s end.

For my kid, I kept deep-inspection off. If he figures out how to get past DNS and SNI inspections, he deserves to see a boob or two.

Legislate mandating firewalls and routers have easy to use parental controls for internet settings.

Sorry but no. That would drive up the cost of all firewalls and routers, for no real reason, except that the manufacturers can because the government says they have to. And most firewalls that offer content filtering need some sort of a subscription to keep the filters up-to-date.

Never mind the fact that a router’s job isn’t content filtering (it’s routing).

Todays parents grew up exposed to the internet. If we don’t know how to protect our own kids and teach them how to safely use the internet, then we are hopeless as a generation.

Btw, Cloudflare WARP is free for a small number of users and has a pretty decent web filter built in. It’s far from easy to use, but it’s free and effective. I use it on my 9yo’s Fedora laptop, and as long as he can’t sudo, he can’t turn it off. And if he even tries to sudo, he will be reminded that he’s not in the sudoers file, and this incident WILL be reported.

I would love to see a series of comics featuring Uncle Sam and Auntie Fay as like, a modern Archie and Edith. Or maybe as bitter divorcees but Sam is always shooting himself in the foot and blaming it on his ex-wife Fay, but she’s logical and always catches him in his own trap with some sort of clever fourth-panel punchline.

Even for a post-mortem Crichton film and story?

Have you seen what they did to Jurassic Park? I mean, Timelines was bad enough (unless you’re desperate for Paul Walker eye candy), and that was while he was still alive. So bad that he didn’t have another movie writer’s credit until he’d been dead for 7 years.

Yes but not the 5¢ deposit if you are in CT-HI-IA-ME-MA-NY-OR-VT. MI 10¢. CA CRV.

Strapping you and your almost-ex-wife onto some random pipe in a barn so you can both get sucked up by an F5 tornado?

I’d say that’s worth it.

Nah, Windows XP and 7 get a pass. These were solid consumer OS’s.

You go back 30 years and you’re at Windows 95 (holy shit) and the beginning of massive home PC adoption.

I don’t feel they got hostile towards users until probably midway through Windows 10 lifecycle. The first half wasn’t that bad, aside from changing up 20+ years of muscle-memory…but Gnome did that, too.

Having someone to complain to/point fingers at/sue is incredibly important in the business world, and a big part of why M$ is so big.

In fact, just having support is a big thing. Look at how shitty M$ support is. Or Cisco, for that matter.

Not to mention a steady, predictable, accountable release cadence.

If you want that, in the Linux world, it’s basically Ubuntu/Canonical, RedHat/IBM, or Oracle/Oracle.

I’d call Canonical the lessest of 3 evils here…

Do they accept Walmart gift cards?

I really want to convert my pixel but I’m so damn lazy.

Mostly worried about losing TOTP apps and configurations. I really should be backing those up.

In OpenWRT, I believe it’s in the settings for the “primary” ssid on each radio, which is usually the first one in the list (per radio) on the wireless settings page.

Openwrt also has options to block multicast or convert to unicast. Also make sure you are disabling lower speeds on the radio. That will reduce your max range, but devices that communicate slowly are another killer.

Broadcast and multicast both have to go at the ssid basic rate…the slowest speed supported by the AP. That could be 1Mbps. And then the AP has to repeat it. And depending on the type of traffic, this may also initiate more broadcasts from other devices on the network.

So if you can reduce broadcast/multicast, or increase the minimum speed, you’ll have significantly more time. Since wireless is a shared medium, “time” is really the most critical resource.