There's also https://hckrnews.com which is "a chronologic list of items that have made it onto the Hacker News homepage" regardless of the post-made-it-onto-the-homepage flagged status.
I keep on pestering folks who work at Apple to add color filters to the per-app accessibility options, who knows maybe there's someone there who'll read this. (Edit: there is an internal feature request already)
Since iOS of a couple of versions ago, you can trigger color filters on and off from shortcuts, and get a similar behaviour, but it isn't perfect and sometimes glitches. I do this so my photos app and a few others are in color, but the rest are in grey scale.
except of course on the wire, where it's wildly a mess.
TLS 1.3 version in the record header is 3.1 (that used by TLS 1.0), and later in the client version is 3.3 (that used by TLS 1.2). Neither is correct, they should be 3.4, or 4.0 or something incrementally larger than 3.1 and 3.3.
This number basically corresponds to the SSL 3.x branch from which TLS descended from. There's a good website which visually explains this:
As for if someone is correct or whatever for calling out TLS 1.x as SSL 3.(x+1) IDK how much it really matters. Maybe they're correct in some nerdy way, like I could have called Solaris 3 as SunOS6 and maybe there were some artifacts in the OS to justify my feelings about that. It's certainly more proper to call things by their marketing name, but it's also interesting to note on they behave on the wire.
So the internet is a series of pipes, or tubes, whatever. This quintessential personal blog website is hosted somewhere in this inter connected mess of things. There’s a hierarchy of these pipes/tubes, and they all have some ever diminishing capacity as they head from a mythical center to the personal blog website.
When the bad guys want to DDoS the personal blog website they don’t go and figure out the correct amount they need to send to fill up that pipe/tube that directly connects the personal blog website, they just throw roughly one metric fton at it. This causes the pipes/tubes before the personal blog website to fill up too, and has the effect of disrupting all the other pipes/tubes downstream.
The result is your hosting provider is pissed because their infrastructure just got pummeled, or if you’re hosting that on your home/business ISP they also are pissed. In both cases they probably want to fire you now.
This is incorrect. Any decent host/ISP will instead (automatically, sometimes) emit a blackhole request for the given target IP address to their upstreams, causing the traffic to be filtered there (at the 'larger pipe'). In turn, these upstreams can also pass on the same blackhole request further up if necessary. This means the target is down from the point of view of the Internet, but there is no collateral damage.
Interesting, I didn't realise blackholes were special-cased to allow BGP announcements of /32 instead of the usual /24 or larger. I'd just assumed (like the GP) that the traffic ended up on the target's closest network to the source and only then was it filtered.
Man I always hated that phrasing; always tried to get people to use more precise terms like “customer change propagation.” But yeah, who hasnt been punished by a queryplan change or some random connectivity problem in south east asia!
I have to wonder at $760/forever if this feature even pays for itself. The pure dystopian version of this is that VW loses money on this directly (never mind lost sales) because the hardware and service side costs more for all of the cars than what they get from the small percentage of owners who do pay.
It feels really market by market. Where I live, the house I’ve been in is 50-75% mortgage cost vs rent on a comparable property. That mortgage is a bit over 10 years old, and has been below rent rates for nearly the whole time. Sure, I have upkeep, but I also get to make whatever modifications I want (and that’s a thing that’s appealing to me). And yes, I live in a major west coast city.
These broad numbers games feels like rationalizing a decision today. Maybe it’s true for a particular locale (I don’t live in the Bay Area), but these articles feel like they’re painting with too broad of a brush given I can’t maths out a negative for my situation.
tl;dr: The Linux kernel team view all bugs as a possible security issue. The CVE assignment teams tries to minimize the number of Kernel CVEs because corproate policies mandate fixing CVEs in 30/90 days. There's a lot of politics.
