Confirmation of anecdotes or gut feelings is still science. At some point you need data rather than experience to help people and organizations change their perception (see: most big tech companies lighting billions of dollars on fire on generative AI).
Believe me it’s better to be ignorant about this…
deleted by creator
Or… They do what they did last time the lifetime was cut down from 3-10 years down to 395 days… Just issue you a new certificate when the old one runs out and up to whatever the time period you bought it for…?
Let’s Encrypt isn’t the only CA to use ACME, you can auto renew with basically any CA that implemented it (spoiler: most of them have)
I’ve been using this to automatically skip ads on my Chromecasts (youtube ads and in video segments) for the past year.
https://github.com/gabe565/CastSponsorSkip
It’s literally sponsor block but for all of my Chromecasts
That’s correct, NHTSA required it federally on May 1st 2018. I may have mixed up some local laws or regulations that happened in 2015 (when I bought my last car they mentioned that all their cars were required to have backup cameras)
You’re aware that by law most cars after like 2015 2018 have to have a backup camera in the US right?
If it is broken they are literally breaking the law by not fixing it.
Yes, you can have your mirrors and rearview but the camera removes your blindspots that those miss (you know things like a small child that is behind your vehicle). It’s a critical safety feature that is broken and needs to be fixed.
edit: NHTSA required it in 2018 not 2015, Canada probably has similar laws on the books too
I’m not a huge fiction person in general, most of the books I read are textbooks/technical manuals or other non-fiction.
Some documentaries are fine, it’s highly variable based on the subject matter and how much the director tried to make it “movie-like”.
I’m not a fan of music most of the time, I only really listen to it when I’m exercising. It’s basically to set the vibe for my brain.
However I do play role playing games quite a bit, which for some reason my brain has decided is not boring.
Podcasts though, make my brain release that sweet, sweet, dopamine drip… I listened to something like 52 days worth of podcasts last year? Again most of the topics are the same as the books I read.
I do consulting, so podcasts fill the void between meetings, if I need to taking a break, or as an escape hatch so if I have a particularly hellish client, I don’t fire them.
I don’t particularly like having “free time”. If I’m not being productive, my brain goes “Ah, I see we decided on depression as our option. Magnificent choice sir!” I basically have to scratch a particular itch my brain wants me to scratch to maintain my mental health.
Which is partly why I’m in consulting, it scratches that itch and I get paid so it’s kinda a good gig.
What about someone who truly does not enjoy watching TV or movies?
I understand I’m in a very small minority. However watching TV shows or movies doesn’t interest me at all.
Watching TV or Movies to me is like having stare at a blank wall for 3 hours and forced notice how the faint cracks on the paint spider along it for the entire time. Afterwards I’m supposed to feel like it changed my life or it was somehow an enjoyable experience.
It’s absolutely not my cup of tea.
I don’t hate anyone for enjoying them either. I’ll listen to friends or family talk about things they watch. I enjoy seeing how much they enjoyed watching it. It just doesn’t interest me in the slightest.
It is arbitrary. While what classification a substance is may have some grounding in research, it’s mostly up to what interest group has either lobbied to get something under or whatever group law enforcement wants to be able to get easy charges for. Cannabis was Sched I because it made it easy for law enforcement to get big sentences for minorities and the counter culture participants of the day. Same thing with LSD and psilocybin.
All the DEA scheduling is just pick and choose your charge for whatever ideological ax they want to grind. Hence why things don’t line up with reality
They said that it does not represent their values
You’re aware that you can send whatever traffic you want over any port right? Using 123/udp for NTP is just convention. A light bulb that is updating its time over Tor is suspect. TP-Link would have their own infrastructure or use public pools to update the device’s time.
It’s been hacked, the light bulb is likely part of some botnet or under an attacker’s control directly. Which is why it’s sending that much data continuously. IoT/smart devices don’t send a lot of data in this sort of volume as most of the time they’re idle and maybe send a heartbeat or status update every once in a while to prove they’re alive.
This is what is called an indicator of compromise or IoC, it’s some behavior or pattern that can be used to determine what is happening or who is the one doing the attacking.
Likely OP would need to do some analysis to be able to get attribution unless it’s a very well known botnet actor in which case attribution is fairly straightforward.
It’s definitely been popped. Rip.
You’d think, but then again they probably ripped some open source repo off Github that had more features than necessary. Then proceeded to not turn any of those off, hack in their own features that aren’t very optimized because the board has like 4 gigs of storage and who cares. Finally bake in some firmware blobs for other components that probably allow them to figure out what sports you play or what pets you have so they can sell that info so other companies can show you ads.
Add all that together and you probably have a firmware image that’s like a gig.
Due to the hacked in features, they probably need to release patches frequently or add new “features” nobody asked for. It probably also has a phone-home “feature” so it can automatically update itself because you obviously need the “Defunkifier” setting on your washer right now.
It wouldn’t supprise me if it the amount of network traffic from something like a “smart” washer was a few gigs a day because it’s constantly looking for new updates or sending whatever other telemetry data it’s collected to the mothership.
IANAL; However Usually the contracts have a severability clause, meaning even if some parts of that contract are null and void the rest of it stands minus the parts that are illegal. Does that mean those clauses are also null and void depending on locality? Again IANAL, but I believe it’s pretty settled contract law at least in the US.
Yes there is! Great you have a strong, randomly generated password. There’s no collateral damage (you’re having your password manager generate the passwords right?) So your other accounts are safe, you only have to rotate one password.
Well what happens for instance if someone really wanted access to your account? Say it’s a bank, a social media account, or maybe it’s just a game account for an MMO that’s super high value, you have a long and strong password, but let’s say the service’s security wasn’t quite up to snuff or you got phished and gave your password by accident (these things happen, it’s not your fault).
This is where 2FA comes in, if someone manages to break your password the attacker needs your phone, your security key, your fingerprint, etc… To prove to the service they’re you. By having 2FA on the account you’re increasing your defense in depth for your account. If you didn’t have it your account is as good as gone as soon as an attacker cracks or gets your password.
It acts as a second lock that needs to be picked in order to take over your account.
I personally add 2FA to all of my accounts I can, the highest security ones get added to my hardware token. The ones I don’t need as high security go into my password manager (which has 2FA enabled but only available via my hardware key).
Additionally as often as possible I try to use a unique email address for each service (simplelogin, addy.io, or similar, + based email addresses are easily bypassed) they all forward to my email but now you have to guess my email for the service (my own private domains, so not shared with anyone else) and what mailbox it ends up in. As a bonus you can disable emails that are sending spam or see who got breached based on the email.
Again defense in depth, a long secure password is great but that’s only relying on a single lock. By having 2FA you’re doubling your security so to speak by requiring that extra key in order to access your accounts.
I will note that some departments are moving towards encrypted real time communications and then time delayed text transcripts. This is under the guise of “officer safety” but really they hate the fact that civilians were actively monitoring them and calling out possible issues in real time on the bird site and other social media.