was it ever? I participate in interview rounds at my company (several tech screens a month) and I must say a candidate’s email was not something that drew attention
VPN dependent.
was it ever? I participate in interview rounds at my company (several tech screens a month) and I must say a candidate’s email was not something that drew attention
you’re able to unsubscribe from all those protomtions . . . that is in settings. Personally, a once-a-month newsletter of everything that is new is helpful bc I don’t need to put in the effort tlinto keeping up
newsblur
People like having choice, it was never about saving space in phones.
If you look at which company (apple) and the time of removal of headphone jack (around the time their wireless buds were announced), you’ll notice they removed choice so the consumer can only buy more expensive wireless buds, or many many dongles.
The “save space” is an absolute lie. The international (EU, Asia, etc) version of the iPhone has a dedicated SIM card tray. The US model? No tray, just a freakin placeholder where the international version has the SIM tray. Yes, there is a volume of space that can fit 2 headphone jacks on the US iPhone that is just empty.
Look at this iFixit video where they call apple out on it. The placeholder is huge. at ~1:17+
The statement is very informative. The bug happens under increased read/write operations to the same file causing a race condition.
I also found interesting:
Despite the bug being present in OpenZFS for many years, this issue has not been found to impact any TrueNAS systems. The bug fix is scheduled to be included in OpenZFS 2.2.2 within the next week
I’d really want to know what’s driving them
likely ego
The letter is a post on his own blog . Hard to distill into a summary so I recommend reading it get more context. But it seems to have boiled down to:
How It Was:
How It Is Now:
Brave has superior fingerprint protection, they achieve this by randomizing the browsers fingerprint. Visit EFF’s cover your tracks to test your browser.
To achieve the same functionality that brave achieves out of the box with Firefox I need many extensions and then when I profile both browsers, Firefox is more resource intensive. Brave’s blocking is native to the browser. I will give Firefox the W because I’ve read that uBlock is technically more capable. But as a long time Firefox/uBlock user who switched to brave - this has not been noticable.
As for accessibility, I can configure brave to be really aggressive at ad blocking, tracking blocking, fingerprint blocking, and restricting JS even, and all those options I can set from one place instead of in different settings/extensions. When a website breaks, I click on the button next to the URL and immediately have options to granularly dial down the “protection” or add a website to my trusted list. In Firefox I was annoyed to having go through settings for the extension.
Brave plans to continue supporting Manifest V2 after Google kills it. For Ungoogled Chromium, however, it’s still undecided, likely depending on whether UG contributors are willing to maintain it.
Brave has superior fingerprint protection, they achieve this by randomizing the browsers fingerprint. Visit EFF’s cover your tracks to test your browser.
To achieve the same functionality that brave achieves out of the box with Firefox I need many extensions and then when I profile both browsers, Firefox is more resource intensive. Brave’s blocking is native to the browser. I will give Firefox the W because I’ve read that uBlock is technically more capable. But as a long time Firefox/uBlock user who switched to brave - this has not been noticable.
As for accessibility, I can configure brave to be really aggressive at ad blocking, tracking blocking, fingerprint blocking, and restricting JS even, and all those options I can set from one place instead of in different settings/extensions. When a website breaks, I click on the button next to the URL and immediately have options to granularly dial down the “protection” or add a website to my trusted list. In Firefox I was annoyed to having go through settings for the extension.
Brave plans to continue supporting Manifest V2 after Google kills it. For Ungoogled Chromium, however, it’s still undecided, likely depending on whether UG contributors are willing to maintain it.
thanks for the masterclass in CF tunnels.
I am ready to accept everything you’ve said but there is the SSH case that keeps tripping me up. For reference, here is the CF docs on Connecting SSH through CF Tunnels.
Can you help me clear up the misunderstanding here? From the docs it appears you can create a SSH key pair on a client and then copy the public key to the server. It does not appear that the docs state you need to share those keys with CF, so I assume (perhaps incorrectly) that my session will be encrypted with my private key (on client) and public key (on server).
Again, what you said appears to make sense, perhaps SSH is the only edge case that is implemented differently?
hmm, I’m not sure I agree - or perhaps I didn’t explain myself well previously and caused confusion between us.
Yes I agree with you in your description of how cloudflare encrypts -> decrypts -> encrypts; they are allowing you to ride over their network. If you remove cloudflare from the picture entirely, then you just have the internet facing server.
What I’m saying is, if the client and endpoint (server) talk in an encrypted protocol, then cloudflare cannot MiTM the data, only the IP headers. This is similar if you were to connect to any ol’ website over an ISP’s network. If your session is not HTTPS, then your application data can be read. You can have encrypted sessions inside of CF tunnel-network-tunnel.
If your services support encryption, great. But you can also expose a wireguard endpoint so you have the following
wg client --(tunnel to CF)–> CF network --(tunnel to your server)–> wireguard server
the real advantage to CF tunnel is hiding your IP from the public internet, not poking any holes in your firewall for ingress traffic, and cloudflare can apply firewall rules to those clients trying to reach your server by DNS hostname.
interesting, I’ll have to read about this some more then. thanks for pointing me in the right direction
I apologize, I misread the chain of comments. Your explanation is perfectly adequate for someone who has a basic grasp on networking and VPN and tunnels and encryption.
I would just like to add that if your endpoints communicate via an encrypted transport (HTTPS, SSH, etc) then doesn’t matter if cloudflare tries to inspect your packets. There would be 2 layers of encryption while traversing the public web, then 1 layer when traversing CF’s network.
And to some, packet inspection is not a downside since they can offer more protection - but that is totally up to your attack vector tollerence
WARP (a client) just connects you to CF’s network.
If your server is running cloudflared
(an outbound-only tunnel) then you can enroll your WARP client to reach your server, while your server is never accessible on the public web. That’s the principal behind Zero Trust.
While techinically yes, WARP can be considered as a VPN, it is just a secure tunnel to an endpoint. In which case you can argue any point-to-point tunnel is a VPN.
discovered tailscale from this post and after reading their “how tailscale works” I was hoping to get some clarification from an activer user (you).
CF tunnels setup an outbound-only tunnel from my private network via cloudflared
, I have no ingress holes in my firewall to access my services. cloudflared
does all the proxying. Plus my IP changes monthly as I don’t pay for a static one from my ISP. This “outbound-only” connection is resilient to that.
Tailscale is point-to-point (for data plane) connection and only the control plane is “hub and spoke”. This sounds like I need to allow ingress rules on my private network so my server can be connected to? Is this true or where did I misunderstand?
he was not, nobody cares about his 2 bytes
Gotcha, thanks. Well, I’ll look into it some more. I appreciate you supporting Rebble!
What is incredible about this product is that I can speak normally and fluently as I normally do.
The need to look at the output as you speak is only necessary if you expect there to be errors. FUTO, amazingly, performs extremely well in this regard and I have a high confidence in not being able to trip it up. I don’t feel that I need to look down at a live transcription.
This whole comment was written using FUTO voice input. I’m definitely going to donate to them.
GrapheneOS is the open source android OS on pixel hardware without any google binary blobs.
The advantage of using it is Google develops and optimizes the OS so it works on their hardware. The GrapheneOS project compiles the source code, hardens some parts, and boom
Recently I used Google maps to search for the nearest DHL near me so I could return a package. DHL is not that popular near me and when I specifically typed for DHL, I would get only their competitors in the search results.
There was a DHL service center near me and I had to scroll a bunch to find it. Oh, and apparently big box stores (or anyone) can pay Google to come up in the search on maps, even if unrelated.
I don’t think they have skin the in shipping game but their algorithms are over optimized that they don’t even show what your searching for, but trying to infer why you’re searching for it. That or whoever pays them more. Certainly a search risk