I second that. This practice comes from a time where domain names were expensive, in many ways: SNI didn't exist/wasn't wide-spread, so each domain name on HTTPS needed a dedicated IP, Certificates weren't democratized yet via letsencrypt/acme and most hosts were big enough to run multiple services, because virtualization wasn't as widely available yet. So putting apps on sub-paths made sense.
Now all of those things are basically dealt with and putting each app on its own sub-domain just makes way more sense.
That's probably not a popular opinion here, but: parents do not have a right to their child. If the child was cool with this, then that is the important part (and from what I read I'd guess he would be).
Let's posit it the other way around: a deeply religious pair of parents raises a kid that ends up being strongly anti-religion and comes to some "fame" due to that. Would you describe those celebrating that kid as "cunts" as well? And if not: why?
And no, I'm not religious myself and think a lot of that stuff is stupid and much of it is dangerous, but "those parents deserve better" is an argument that's used in exactly the opposite way in other areas: to oppress kids that don't "submit to the norm" that their parents think are best.
At a quick, manual count the roman catholic church has canonized about 40 new saints since 2000. Not all those other fuckers are in the distant past ;-)
I hear you, but I still think that the idea of the church and saints hasn't gotten any worse: it's "just" that the rest of the world has moved on when they haven't (which is basically their founding principle).
Or put differently: saints haven't gotten stupider, but our standards have changed.
Edit: I have to put my own point into relation: the only saints that actually lived in the 21st century from that list seem to be a pope and 21 IS beheading victims, so yeah, even among those recently canonized saints a huge chunk has bean dead for 100+ years.
Wenn ich sehe wie viel Infos dann öfters mal einfach aus chatprotokollen rauspurzeln glaub ich schon das öfters mal was gefunden wird.
Man muß nicht dumm sein um nicht perfekt in opsec zu sein. Es gibt jede Menge Wege wie man was "liegen lassen" kann, vor allem digital. Und wenn man sich damit nicht regelmäßig beschäftigt kennt man nicht alle.
Einfach aus convenience am Laptop im Chat eingelogged bleiben? Ups, jetzt ist er konfisziert ...
I think the equivalent would be to let the fox guard the hen house.
And no, it's not about having a scapegoat, it's about putting exactly the wrong person with ... let's say "misaligned incentives" into some position (usually one of power).
That's a huge part of the reason why it took so long to put out that official classification: They made sure that their classification would hold up in court. No one is served by getting it in a bit earlier, just for it to be thrown out at the first level of court, because someone got a bit lazy on collecting all the evidence and writing up a thorough report.
That's oversimplifying it. There's a difference between a politician being untruthful of what they promise or some corporation doing some bullshit PR about how much they love cause X and coordinated fake news campaigns to stoke anger and emotions to undermine functioning systems.
The former have to at least try to present with a straight face and can be called on their lies a few month down the line.
The later can make up all manner of bullshit and don't have to hold back, because they have no "public face" other than that piece of fake news. And they don't have to be able to stand up to any amount of journalistic scrutiny because as soon as enough people have read it, it's had its effect: it doesn't matter if it's all proven to be made up after the fact, because the emotions that the initial reaction raised are the whole point: they are not trying to convince anyone about any facts, all they want is to influence emotions and behaviors.
First: love that that's a thing, but I find the blog post hilarious:
We believe this choice must include the one to migrate your data to another cloud provider or on-premises. That’s why, starting today, we’re waiving data transfer out to the internet (DTO) charges when you want to move outside of AWS.
and later
We believe in customer choice, including the choice to move your data out of AWS. The waiver on data transfer out to the internet charges also follows the direction set by the European Data Act and is available to all AWS customers around the world and from any AWS Region.
But sure: it's out of their love for customer choice that they offer this now. The fact that it also fulfills the requirements by the EDA is purely coincidental, they would have done it for sure.
Remember folks: regulation works. Sometimes corporations need the state(s) to force their hand to do the right thing.
I went with iDrive e2 https://www.idrive.com/s3-storage-e2/ 5 TB is 150$/year (50% off first year) for S3-compatible storage. My favorite part is that there are no per-request, ingress or egress costs. That cost is all there is.
Well, except of course the entity that gave you the hardware. And the entity that preinstalled and/or gave you the OS image. And that that entity wasn't fooled into including malicious code in some roundabout way.
like it or not, there's currently no real way to use any significant amount of computing power without trusting someone. And usually several hundreds/thousands of someones.
The best you can hope for is to focus the trust into a small number of entities that have it in their own self interest to prove worthy of that trust.
Like many other security mechanisms VLANs aren't really about enabling anything that can't be done without them.
Instead it's almost exclusively about FORBIDDING some kinds of interactions that are otherwise allowed by default.
So if your question is "do I need VLAN to enable any features", then the answer is no, you don't (almost certainly, I'm sure there are some weird corner cases and exceptions).
What VLANs can help you do is stop your PoE camera from talking to your KNX and your Chromecast from talking to your Switch. But why would you want that? They don't normally talk to each other anyway. Right. That "normally" is exactly the case: one major benefit of having VLANs is not just stopping "normal" phone-homes but to contain any security incidents to as small a scope as possible. Imagine if someone figured out a way to hack your switch (maybe even remotely while you're out!). That would be bad. What would be worse is if that attacker then suddenly has access to your pihole (which is password protected and the password never flies around your home network unencrypted, right?!) or your PC or your phone ...
So having separate VLANs where each one contains only devices that need to talk to each other can severely restrict the actual impact of a security issue with any of your devices.