Terminology: revoked means the issuer of the certificate has decided that the certificate should not be trusted anymore even though it is still valid.

If a attacker gets access to a certificates key, they can impersonate the server until the validity period of the cert runs out or it is revoked by the CA. However … revocation doesn’t work. The revocation lists arent checked by most clients so a stolen cert will be accepted potentially for a very long time.

The second argument for shorter certs is adoption of new technology so certs with bad cryptographic algorithms are circled out quicker.

And third argument is: if the validity is so short you don’t want to change the certs manually and automate the process, you can never forget and let your certs expire.

We will probably get to a point of single day certs or even one cert per connection eventually and every step will be saver than before (until we get to single use certs which will probably fuck over privacy)

One reason for the short certs is to push faster adoption of new technology. Yes that’s about new cryptography in the certs but if you still change all your certs by hand maybe you need to be forced …

You don’t need something ever. Sometimes you just want something because the alternative is realy bad. I don’t need to eat. I want to eat because I don’t want to starve.

I want to watch a movie with my partner at the agrees time because otherwise they will be mad. I want to access my digitalized documents to send a letter in time because otherwise I will have to pay late fees. I want to access my gameserver because that’s the one time a week I get to have fun with my friends from my college time.

There are many situations where I’d rather do the thing I want instead of doing maintenance.

There is still a good reason to know about problems early. Without any monitoring you will find out about problems exactly in that moment when you what to use the service that doesn’t work. Sometimes you need something quick and you don’t have time to debug and fix in that moment. If you get an alert early you can decide to fix it right away or in a few hours or tomorrow.

A memory pointer? So it must have been a program sending a pointer using an API to itself so it ends up in the same process again?

I wouldnt blame that on stupidity as much as on ignorance and naivety. Many people simply don’t think about anybody deliberately misusing their design. The idea that somebody could even want to access somebody elses receipts didn’t occur to them. And if they were still doing their studies they might not have known that you can “combine” SQL queries and ask for two things at once.

I don’t blame the girl, but whoever chose her to design a system with sensitive information.

There is already a word for them. You are thinking of diddlers

The first time i realized i could use netcat to send and receive data between two of my computers on a LAN I was giggling like a child. You don’t need fancy programs, email, webbrowsers or whatever. Just a single line in the command line and there appears text on my other computer…

Not like the whole video goes from 1080p to 720p or something but single bits of the drive will fails over time. If that bit is part of your video file, one pixel of one frame will be the wrong color/black. If multiple bits close to each other fail you might get a video stutter. If even more fail your video player will not play the video at all (or just stop playing at the place of the errors).

That is the smallest scale of self hosting. The server and the client are the same device. It is also the most insecure way as you probably don’t have any backups and very limited storage space.

Actually self hosting is the next step when you decide you want 5+ TB of data and have it automatically create backups. Digital storage media degrade pretty quickly and if you just have your movies on a hard drive in your computer, after 5-10 years you might start to lose quality or some files completely.

Portable travel bidet

Sometimes I wonder how people can be so naive. Even if they don’t know just how much money is thrown at AI, just the fact that it is now in literally anything and on the news every day should be a clue that it is a huge industry. You wouldn’t expect the guy that changes your cars tires to be able to single handedly build a car that is better, faster, cheaper and more efficient than all car companies together.

You only get the AI search results. Frequently wrong, hallucinating results that don’t exist and sometimes you reached your token limit and have to wait for a day until you can search again.

Because that is the joke and why the teacher reacted that way.

Or translated into reddit: woosh

Trolley busses still have batteries, they just get charged by the overhead wires while the bus is driving.

German here: in german all nouns have a gender. and virtually all nouns used to describe people in general are male (like user, human, citizen) and a majority of professions as well. As such using male pronouns in documentation is common as you refer to a user (and the word user has male gender). However there is a big debate in Germany about gender inclusive language that moves away from this “generic masculinity” of nouns. And of course the political left is pro inclusivity while the right is against it.

So if a (german) dev is actively defending the use of male-only pronouns they probably fall into the anti-invlusive-language camp in Germany as well. Its reasonable they would make the mistake when just translating from German, but starting a fight over changing it is sus.

Its an exaggerated non-issue

Linux is not a uniform userbase. Many systems will be affected by this. Many users will be fine because they use a well used and maintained distro. Many servers and embedded systems will not be fine.

That raspi running your pihole that is never updated? Yeah that might just stop booting next time there is a poweroutage and you wouldn’t know what’s up.

You most likely pay for a maximum CPU capacity and your Server cant go above that no matter what you run. Your vps provider doesn’t care what that CPU power is used for.

However with limited resources, the tarpit might use up all CPU power and the rest of the webserver will crawl to a halt.

wg-quick creates a systemd service for each wireguard config you have. So if you set up a tunel called wg0, you should be able to run ‘sudo systemctl enable wg-quick@wg0’ This will make your tunnel connect on every boot. I have the same setup on my proxmox, so i can reach certain services of my homelab proxied through a root server (the other end of the wireguard tunnel)

Yeah with lossy compression the future is today!