- 0 Posts
- 11 Comments
By design nothing in the chain can be altered. But of course you could have a block indicating “person X is now person Y”. But you can always read that Y was at some point X (and at what point the change happened). That would not be good, as it would be a public ledger of all trans people. It would also make things like witness protection impossible because inserting a block “today in 2024, person W was born in 1974” is very suspicious
Can’t remember exactly what happened but it involved changing permissions on
/bin/sbinand similar. You know for security …In the end I didn’t have permissions to run
chmod,suorsudoFortunately there is little that can’t be fixed by booting from a live image.
If you want any system to connect to you, you need to open a port. You don’t need to do that for outgoing connections (the OS and your router will automatically open ports for the return connection). So if everybody connects to one central system, nobody needs to (explicitly) open any ports (except for the central connection point)
Most VPNs use UDP. So set up a wireguard, tailscale or openvpn.
But you still need to “open up the firewall”. UDP still works on ports the same way as TCP. I do agree however, that exposing a VPN port is more secure than exposing a port for a game server, as you don’t know about the security of that server software.
A drive label is just a string that can be set by any privileged process. Seems like this installation of the new distro didn’t do that. Or you skipped a step in the install where you could have chosen the drive label.
If it is a bug in the installer or if you missed it, I can’t tell.
But you can just change it in gparted or something else.
The thing that confused me when first learning about docker was, that everybody compares it to a virtual machine. It’s not. Containers dont virtualize anything. They take a (single) process from the host OS and separate that into its own environment. All system calls, memory access, file writes etc are still handled by the same os (same kernel). However the process is separated both on the file system and process level. It can’t see other processes outside of the container and it also doesn’t see the real filesystem. It sees a filesystem provided by the container. This also means it sees different file and user permissions. When you run a alpine Linux docker container on an Ubuntu system, the container only containes the (few) files for alpine but no Linux kernel no desktop environment. A process inside that container only sees the alpine files and not the Ubuntu files. It also means all containers see a filesystem independent of each other and can use libraries and dependencies of different versions (they are only files after all).
For administration it makes running complex services easy. You define how to setup that service (what base Linux distro to use, what packages to install, what commands to run, and how to start the process). You can then be save to assume the setup of that service did not interfere with the setup of any other service. “Service 1 needs a certain system wide config changed? Service 2 needs that config in the default state? And both need a different version of the same library?” In containers you can have all at the same time because they each see a different version of the same config and library.
And all this is provided by the kernel itself. All docker does is provide an “easy” way to create and manage containers but could could do all of that using chroot, runc and a few other.
As a note, containers usually don’t come with systemd as they don’t need an init system. You would run the service directly inside the container and then use systemd outside the container to make sure the container is started/restarted, or just docker as it can already do that.
I found a great article demystifying containers recently
Chrome doesn’t care about closing html tags. If they are mising the document is invalid but chrome will render it anyway and just add the closing tag where it thinks it should be.
At the other end, Firefox goes beyond the standard and will block certain connections that should be allowed by the fetch standard (the setting to disable that is called enhanced tracking protection).
So chrome allows things things it shouldn’t while Firefox blocks some it shouldn’t
They sometimes buy keys using stolen credit cards. When the fraud is found out, the banks will request the money from the developer. They in turn often don’t have a way to lock the fraudulent key, so it remains valid.
The costs for the initial bank transfer, plus the time invested in returning the money to the credit card holder are payed by the developer.
The key reseller has a 100% profit margin, the customer has a valid and cheap game key, and the developer actually lost time and money.
I think it’s about usage rights. People are fine with their post being on their chosen end of the fediverse forever but don’t want corporations and news sites to generate a profit by using the posts. That is independent of federation, federation just makes it easier.
There is a famous experiment , where a person gets 100$, and have to offer an arbitrary percentage of that to a stranger. If the stranger declines, both get nothing.
From the strangers perspective, getting offered even 1$ is a win, but the vast majority rejected anything below 30%