• 0 Posts
  • 38 Comments
Joined 3 years ago
Cake day: June 23rd, 2023

  • PowerCrazy@lemmy.ml to Linux@lemmy.ml: *Permanently Deleted*
    English · 1 upvote · 1 month ago

    Isn’t the purpose of an immutable OS supposed to be for things like specific services that generally aren’t supposed to be logged into? For example a web-proxy, or log-forwarder or maybe some kind of LB front-end?

    I didn’t think “daily driving” an immutable OS as a user who needs to invoke a shell was its purpose.


  • You need to understand subnetting. Allowing 192.168.1.0/24 also allows 192.168.1.135/24. In fact, 192.168.1.135/24 shouldn’t be valid syntax at all, but it is easier to accept it and then let subnet math fix the mistake.

    I assume your router is 192.168.1.135 for whatever reason, so as long as your router is contained in the configured iptables allowed network, it’ll work with all of the following networks.

    192.168.1.135/32
    192.168.1.134/31
    192.168.1.132/30
    192.168.1.128/29
    192.168.1.128/28
    192.168.1.128/27
    192.168.1.128/26
    192.168.1.128/25
    192.168.1.0/24
    192.168.0.0/23
    … And 22 even larger networks.

    If you don’t configure a subnet mask for the rule, iptables will accept the IP address you put in as a single host, the /32 is implied. The same behavior would be seen using any kind of network filter, though they may not allow you to specify 192.168.1.135/24, they may require a bit boundary, but mathematically, it’s the same.
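
The masking behaviour described in this comment, as an added example that is not part of the original comment: Python's standard ipaddress module shows which network a rule written with host bits set actually matches, which is what matters when reviewing an allow rule. The function names and the sample rules are constructed for illustration, and the code covers IPv4 only.

```python
import ipaddress

def normalise(rule: str) -> ipaddress.IPv4Network:
    """Network a rule really matches: host bits are masked off and a bare
    address is treated as a single host (/32)."""
    return ipaddress.ip_network(rule, strict=False)

def has_host_bits(rule: str) -> bool:
    """True when the address part is not the network address of its own mask."""
    iface = ipaddress.ip_interface(rule)
    return iface.ip != iface.network.network_address

def containing_networks(host: str) -> list[str]:
    """Every network, from /32 down to /0, that contains the host."""
    return [str(ipaddress.ip_network(f"{host}/{prefix}", strict=False))
            for prefix in range(32, -1, -1)]

def allows(rule: str, source: str) -> bool:
    """Would a source-address rule written as `rule` match `source`?"""
    return ipaddress.ip_address(source) in normalise(rule)

def audit(rule: str) -> dict:
    """Summarise what an allow rule admits, for rule review."""
    net = normalise(rule)
    return {
        "written": rule,
        "effective": str(net),
        "addresses": net.num_addresses,
        # Host bits set often means the author had one host in mind while
        # the mask admits the whole network, so flag it for a second look.
        "review": has_host_bits(rule),
    }

if __name__ == "__main__":
    # Constructed sample rules, not taken from any real ruleset.
    for rule in ["192.168.1.135/24", "192.168.1.0/24", "192.168.1.135"]:
        print(audit(rule))
    print(containing_networks("192.168.1.135")[:10])
```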






  • Yeah, ever since TPM was first making the conspiracy rounds in the 90’s, there has been a huge misunderstanding of its purpose, let alone its capabilities. I 100% agree with the author that looking at the TPM as an evil blackbox is really just depriving users of a tool that can be implemented in an open source way to secure user privacy. The GPU, however, is impossible to implement in an open source way by everyone except a small handful of semiconductor companies, and even then you would rely on proprietary microcode that would take millions of man-hours to reverse engineer if it were even possible. So if I were some megacorp who relied on Imaginary Property, the GPU that was exclusively created by a fellow megacorp is where I’d place my trust.

    I also don’t know why Win11 requires a TPM 2.0, but since it does, and my current computer doesn’t have one, I’m certainly not going to run it.


  • PowerCrazy@lemmy.ml to Programmer Humor@lemmy.ml: Zero Trust Architecture
    English · 8 upvotes, 1 downvote · 6 months ago

    Ultimately your concerns stem from the philosophy of privacy, but you are weak on what practical privacy means. You have to give up a certain amount of privacy to participate in society at all. This is the case regardless of any technology. Once you decide you need a cell phone, you now have a tracking device on your person that can be used by anyone that wants to track you, specifically. You cannot prevent this regardless of what you do. Assuming you are not a person of interest for a nation-state, this exchange of privacy for convenience is rational.

    There are things you can do in order to increase your privacy in any untrusted network though. For example: MAC-address randomization, DNS proxies, VPNs, privacy-focused browsers, block-lists, no-script, etc.

    Not all of these are relevant in all situations, and all of them can be made moot as soon as you log in to some place, i.e. logging into a Lemmy instance means that you are now uniquely identifiable and information can start being collected about you.

    Now the question of “trust,” i.e. you don’t “trust” your friend’s network? Why not? Any argument that you can make about not knowing their network applies 10-fold to the cell network that you have absolutely chosen to trust. So the measures that you take with your own device to protect it from the public phone network are equally effective on any wireless network. And that is where privacy advocates start getting squirrely.

    tl;dr, if you have already taken the above steps, all untrusted networks should be treated the same according to your personal privacy envelope.


  • This is a great example of someone who has a lot of fear in their life that stems from ignorance, but tries to pass it off as something else. But make no mistake, you have a large gap in knowledge, and that knowledge gap combined with the paranoia of what you read from “privacy advocates” means your life is much harder and more insecure than you realize.




  • PowerCrazy@lemmy.ml to Programmer Humor@lemmy.ml: Why make it complicated?
    English · 2 upvotes · edited · 11 months ago

    How can my JSON response have any concept of Type? If I return a number and you treat it as a string, my API doesn’t have any concept of that. Now in the actual spec of the API I could say that a specific URI will return an int, but it’s up to your side to classify the array of bits as an int instead of a str.




  • Idk, I guess I should ask why Python needs a default function? If I’m running it as a script with command-line invocation, I just copy and paste the if main namespace thing from Stack Overflow and it works as I intended. It also works if I invoke via python my_script.py $args, so I don’t really see why I should philosophically care about how other languages that I’m not using do it.