Heartbreaking: the worst person you know just made a great point.
My favorite single moment so far was the conclusion of the battle between Luffy and Boa Sandersonia.
It really highlights that Luffy is not willing to act against his principles, even if it would further his goals.
Best arc though is a tossup between Arlong Park or Impel Down. Arlong Park has had the best character writing in the series so far, and Impel Down has the highest stakes.
I’m currently going through the One Piece manga for the first time and I’m having a blast.
I’m in the middle of Punk Hazard right now and it’s starting to drag on, but I’m told that everything gets way better afterwards.
I’m not sure I necessarily agree. Your assessment is correct, but I don’t really think this situation is security by obscurity. Like most things in computer security, you have to weight the pros and cons to each approach.
Yubico used components that all passed Common Criteria certification and built their product in a read-only configuration to prevent any potential shenanigans with vulnerable firmware updates. This approach almost entirely protects them from supply-chain attacks like what happened with ZX a few months back.
To exploit this vulnerability you need physical access to the device, a ton of expensive equipment, and an incredibly deep knowledge in digital cryptography. This is effectively a non-issue for your average Yubikey user. The people this does affect will be retiring and replacing their Yubikeys with the newest models ASAP.
Absolutely. If you are the CISO in a place where security is a top priority with adversaries that may have access to the equipment and knowledge to exploit this, you will absolutely want to retire the keys ASAP and replace them with the new model that is not vulnerable to this.
This started happening to me more and more after I hit my 30s, and it stopped happening once I started taking a daily multivitamin.
This game is awful
Sometimes people do the right thing for the wrong reasons.
My certs have all expired, but when I started I didnt have any at all.
The thing that worked for me was to apply to small businesses(Look into local MSPs). Places that have ~20 employees have much less rigor about certs and will more likely test that you’re amicable enough to mesh with the rest of the team. From there you can build experience and often get thr company to pay for your certs.
Not at all.
Unsolicited email is spam. It’s as simple as that. Dont feel bad about flagging them as such if they won’t respect your contact preferences.
They very likely dont have read or write access to the files on your device.
However, they probably do have the ability to remotely wipe the device. This feature is typically used in enterprise if a phone or laptop is lost or stolen to prevent bad actors from getting access to the data stored on the device.
I just glanced over the options it changes. From what I can tell it:
enables GPU rendering for some canvas2d options
doubles cache sizes for almost everything
disables some speculative prefetching
I cant imagine these options are making a 30% speed difference, outside of some very specialized tests. But, I also haven’t tried it so I could very well be wrong.
Not only does password rotation not add to security, it actually reduces it.
Assuming a perfect world where users are using long randomly generated strong passwords it’s a good idea and can increase security. However, humans are involved and it just means users change their passwords from “Charlie1” to “Charlie2” and it makes their passwords even easier to guess. Especially if you know how often the passwords change and roughly when someone was hired.
Ideally, your users just use a password manager and don’t know any of their credentials except for the one to access that password manager.
If they need to manually type them in, password length should be prioritized over almost any other condition. A full sentence makes a great unique password with tons of entropy that is easy to remember and hard to guess.
This is one of those weird things that venture capital does sometimes.
VC is is injecting cash into tech right now at obscene levels because they think that AI is going to be hugely profitable in the near future.
The tech industry is happily taking that money and using it to develop what they can, but it turns out the majority of the public don’t really want the tool if it means they have to pay extra for it. Especially in its current state, where the information it spits out is far from reliable.
On one hand, hosting content online isnt free, so there should be some form of subsidization to offset that. But I feel like selling my privacy to massive firms so that they can analyze my habits to serve me ads about things I would be statistically more likely to buy is a bad solution to this problem.
I dont have a good fix, as the only 2 alternatives that seem to show up are paid subscriptions and decentralization. Which are both useful options, but not one that fits all cases.
I miss when viruses were fun instead of extortionate
I get this too. However, you’ll usually be able to tell the professionals your end goal during the quoting process and if your requirements are reasonable, they’ll work with you.
If they won’t do that, then you get to ask yourself the next question:
If not, then you can just refuse the quote and work with someone else.
More often than not, the professionals know what they’re doing and will be able to work around your requirements, and if they can’t, they’ll have competitors that can.
I am not a material scientist, but I would wonder if molten metals would radiate too much heat to the environment causing an efficiency loss