The client has the private key, the server has the corresponding public key in its authorized keys file.

The server is vulnerable to the private key getting stolen from the client.

Use the DNS challenge instead? You’ll need a DNS provider with an API though

I use this, it’s fine, but development on the open version is very very slow.

And they still haven’t fixed my pet bug: they introduced Unix socket listening, I found that enabling it prevented upgrades, reported the bug with details and repro, and nobody cares. The workaround is simple, delete the socket file before every start. But I remain confused why a bug that prevents upgrades remains.

Not perfect for me, I was also wondering if it would be in this post.

I find the scrolling in the sms display wack, and the copy otp button doesn’t work (just enabled the log follow workaround, so we’ll see), and the right click menu on the system tray icon goes off screen the first try.

By default, unencrypted, and unauthenticated, and permissions rely on IDs the client can fake.

May or may not be a problem in practice, one should think about their personal threat model.

Mine are read only and unauthenticated because they’re just media files, but I did add unneeded encryption via ktls because it wasn’t too hard to add (I already had a valid certificate to reuse)

You could use a reverse proxy to terminate tls, and take the tls off of ad guard itself.

Well, released is a strong word when it’s not on Nvidias site. It was pushed to the cuda repos only, so far.

Same, I’ve been happy with my two play 1s for over a decade. But my secret is not updating, and not using the app (neither phone nor windows), I use Home Assistant (Python) and Noson. My other secret is not adding more Sonos speakers, because I believe you need to use the official phone app for grouping or updates.

Not true, Arch and Ubuntu (the ones I personally checked on) already pushed patches that disabled cups browsed by default, removing the service listening on 631.

You probably don’t need a local Firewall

If the computer never leaves the house, maybe. If it’s ever on public Wi-Fi though, default deny inbound at a bare minimum. Linux computers with cups installed and running but no firewall were revealed yesterday to be vulnerable to RCE.

This is great:

What if my experimental protocol is approaching the 3 month removal period but I am missing ACKs due to reviewer inactivity?

Contributors engaging in good faith protocol development should not be penalized due to reviewer inactivity. It is advised that experimental protocol authors post memes to the base MR until reviewers become active.

What if an experimental protocol author posts memes to the MR for many months rather than furthering development?

It is expected that protocol authors are seriously attempting to reach staging/ status. If it is determined by members that this is not the case for a given experimental protocol after a three month period has elapsed, the one week removal notice may be invoked regardless of how good the memes may be.

Handbrake uses avx512 and zen5 significantly improved on avx512

http://numberworld.org/blogs/2024_8_7_zen5_avx512_teardown/

What hardware? And can you narrow down when during updates?

I had this problem on Arch on a 5 year old Lenovo laptop with an Nvidia 1660ti GPU. With judicious use of set -x I narrowed it down to systemd daemon-reload.

I actually changed my ext4 journal mode and added a pacman hook in that calls sync before any systemd hooks ran, after the second time half of the package updates got lost due to the freeze.

Because the problem only happened most times, and usually not soon after a reboot, I can’t prove it, but the problem hasn’t reoccurred since I switched the Nvidia driver to the open flavor.

I wouldn’t recommend watching it,

So why are you giving him views by prominently linking it? It looks like you’re just bringing the rage bait here.

You can still torrent without forwarding a port, for example by only making outgoing connections. But that may limit your speed, and figuring out forwarding should help.

Of all those, I’ve only heard of Heztner. Am I out of touch?

I’ve been a Linode customer for years, and I used to use Digital Ocean as well. I’ve been happy with them, did you consider them?

None that article, but check my other reply and check your plan. You may be pleased, I was.

The marketing fluff doesn’t, but they actually did increase upload speeds. Mine went from 10 to 20 up. And here is the DSL reports forum thread from when this round started.

Also, they are testing larger increases. I could get 100 up today, if I had a supported modem.

So, check your actual plan and modem to see what you have now.

Yes. 2019 comment from cloudflare: https://news.ycombinator.com/item?id=19828702

On my network, I send dns requests for only the archive domains to a DNS server that archive likes. Adguards, in this case. Everything else goes to cloudflare. Both adguardhome and unbound can do that.

I was happy with my cyber powers for years, but then the batteries died (official replacement batteries, after 3 years - the originals lasted 5) and the ups just stopped even passing power through. This is someone’s old blog about this https://blog.networkprofile.org/cyberpower-ups-avoid/