Even if you’re using asymmetric cryptography, you still have to trust the insecure channel. If an attacker can replace the URL sent there with their own then they can have the sender encrypt the files with an attacker controlled public key rather than the legitimate one
Here’s an Olympic sprinter powering a toaster. He generates 0.021kWh going flat out: https://youtu.be/S4O5voOCqAQ
It’s not that you change the passwords for each website often, it’s that you use a different password for each site. That way if one site gets hacked and your password is leaked, it can’t be used to access your accounts on other sites.
If you have a nut allergy you probably have never tasted nuts and wouldn’t know that was what you were tasting
It’s a quite entitled view to take that they should make an effort to pass the project on. It would be very hard to build sufficient trust in a new developer quickly, and passing it on without that trust would be undermining the trust that users of the projects have placed in this dev. If I were him, I wouldn’t be staking my reputation on finding someone to take over from me if there wasn’t already an obvious candidate.
The successful fundraiser you mention looks to have had a target of $12k USD (from: https://discuss.techlore.tech/t/divestos-is-unsustainable-needs-community-support-we-sent-250-and-you-can-help-too/6660, the original page has been taken down), and was as a alternative to them taking a full time job. I’d say its a reasonable bet that money was spent on living expenses, and IMO $12k a year is much less than this level of skilled work is worth. It’s certainly not enough money to make it unreasonable to shut down the project a year later, and I doubt anyone who donated feels shortchanged by it.
Why would it need 5GHz? At most it needs to do two audio streams, which aren’t going to need lots of bandwidth
The upside of IANA doing it would be a standardised place for sites to move to. Without coordination, different sites would move to different TLDs, probably mostly based on what isn’t already registered. IANA could create a new TLD for this and give existing whatever.io owners a chance to register whatever.iox before its generally available
If you’re just commuting & riding flat, even-ish trails, you maybe don’t need a MTB at all. You’ll get much bigger changes in handling/comfort/speed from changing the style of bike than the marginal gains from upgrading individual parts.
What are you hoping to gain from a drivetrain upgrade? It might make more sense to look at changing the type of bike you have, rather than trying to transform a MTB to act like a hybrid/gravel/road bike
How exactly is it hashed? There aren’t that many possible phone numbers, so it might be viable to just try every valid number until you find one that matches
Blaming Spotify for this is like blaming the company that made your TV for showing you ads that are part of the broadcast. Unless Spotify makes the specific podcast you’re listening to, they’re just playing you the content someone else made, including the ads they included in that content.
It’s marked solved, but since OP didn’t post the solution:
-e uses basic regular expressions, where you need to escape the meta-characters ((|)) with a backslash. Alternatively, use extended regex with -E
$ echo a | grep -E "(a|b)"
a
$ echo a | grep -e "\(a\|b\)"
a
$ echo a | grep -e "(a|b)"
$ echo a | grep -E "\(a\|b\)"
The xz compromise having demonstrated that FOSS projects are totally immune to interference from state actors…
The male gaze is the idea that we judge things from the perspective of a (heterosexual) man. In particular, it often refers to what society considers to be beautiful. Society often equates being sexually attractive with beauty, and often values people who are considered beautiful more highly.
The article is critizing the video for claiming to subvert this trope in the second half, while still placing emphasis on Katy Perry’s sexual attractiveness.
That seems too harsh a penalty, it makes using an additional PU likely to mean starting from the back for ~5 races. It’d also hurt smaller teams worse - if your average qualifying position is 16th you’d be starting from the back for about 12 races.
Botnets targeting android devices are a thing, here’s an example: https://blog.fox-it.com/2023/09/11/from-ermac-to-hook-investigating-the-technical-differences-between-two-android-malware-variants/
In this example, they’re renting access for thousands of dollars. These people have a clear motivation to find ways to exploit devices and unpatched CVEs are an easy way for them to do that.
Try it. The worst that happens is that it makes things slower and then you turn it back off.
You’re right, my bad. (Source: https://help.kagi.com/kagi/search-details/search-sources.html)
They pay Microsoft for access to the bing index
The x390/x280 are the same era as these but smaller, so might be a better fit here. The X390 has soldered RAM though, so I’d look for the 16GB version if you can find it (there’s not much of a price difference used)
Sure, but then you’ve just shifted the problem up a level. Now I have to trust that the user id you provide me in the insecure channel really is you. Which means either trusting the insecure channel or trusting that the web app has confirmed who you are in some other way before giving you an ID.
We have to reject the first since we could skip all the asymmetric crypt and just send a symmetric key directly in the insecure channel.
If we’re trusting the web app has confirmed your identity, we’ve moved from “just quickly go to this page and it’ll generate you a public key” to “go to this site, upload a photo of your ID and a video of you saying that its you and whatever other verification is needed, then it’ll give you a public key”.
You originally wrote:
The hard part isn’t them going to the site in advance, it’s them establishing trust with the site that they are who they claim to be.