
Is anyone else getting a redirect loop when trying the link? At first I was thinking it had to do with my Firefox settings to force HTTPS but even just:

curl -L lukedeniston.com/memory-leak-mystery

> curl: (47) Maximum (50) redirects followed

isn't working.


It's me... tried out cloudflare this morning. Bad timing.


The biggest reason I flew Southwest was just because with the $20-$25 for early bird check-in each way, I could pretty much guarantee I wouldn't be stuck with a middle seat and would be likely to have control of where on the plane I was (e.g. if I had a tight connection, could be closer to the front).

If being able to pick an acceptable seat ends up costing more than this, I'll be firmly in the territory of just price shopping between the other US airlines and picking whoever has the best price for the route. Admittedly, as someone who flies alone the vast majority of the time, this system worked well for me without much overhead. I can understand how families might be relieved at being able to reserve seats all next to each other as the cost of early bird for say 4 people would really add up. I guess I'll just be enjoying my current setup while I can and then move forward without any sort of loyalty.


You can pay extra to reserve specific seats on basically every airline - it might cost a little more overall but it seems like that you're already just comparison shopping with heuristics.


I love RSS. I take a bit of an unconventional approach and use Discord as my RSS reader. I run a self hosted instance of MonitoRSS (https://github.com/synzen/MonitoRSS). I have a server with just me and my bot instance and I tend to group my feeds into categories and channels (effectively creating a tab system per subscription or group of subscriptions). I have Discord installed on my laptop, phone, and desktop so this means that I can easily look at all my subscribed feeds wherever it's convenient for me. When I'm not set to "do not disturb", I even get push notifications on my devices when content is posted to feeds that go to channels I haven't muted. I think the only real downside of the setup is some days I am very busy and don't check the server that often, so I'll come back to a large backlog of things to read and I'll end up missing or under-appreciating some gems.


Something worth noting: unless I'm missing something, this isn't Beeper Mini (the Android app) but the iMessage-Matrix bridge Beeper created. However, this is still handy if you have a Mac or jailbroken iPhone (edit: for registration, seems like it's not required after the initial setup) as you can self-host it.


IPv6 not having NAT doesn’t make it incompatible with stateful firewalls. You can still have routers doing drop inbound by default.


And ISP supplied devices generally are. I don’t really know why people think this is an issue.


Might have learned something today, I always replace the stock router from ISPs.

Easy to test, can someone on a cable box try to reach an open port on their host on IPv6 vs IPv4. My belief is that a majority of setups (maybe not HN hackers) will be able to hit a host's open port on v6 and fail on v4.

NAT is definitely an added layer though.


> Might have learned something today

Yet you continue to speculate about it and spread baseless FUD.

Consumer ISPs supporting IPv6 provide routers blocking inbound access by default. The interface to open IPv6 ports is usually labelled "IPv6 Pinholes" or similar, and you'll find hundreds of web pages on ISP websites describing the functionality -- just as they have pages on IPv4 port forwarding.

The extraordinary claim that ISPs are supplying routers with such a dangerous default configuration requires evidence.


> extraordinary claim that ISPs are supplying routers with such a dangerous default configuration requires evidence

It's a legitimate expectation and potentially the norm to expect that I can ssh to my desktop with IPv6 w/o configuring my router.

The pitfall comes as a side effect of NAT inadvertently making port access rare.

I am looking for data, inbound blocked ipv6 seems unlikely but I only have anecdotal evidence.


That's not even an anecdote. You are literally just assuming something is true, then arguing vocally with people giving you evidence to the contrary.


It goes beyond that. With IPV4 you have the further protection of private subnets not even routing across the public internet - it’s broke by default, no configuration necessary.

Your attack surface is primarily your firewall which admittedly might be an easy target - but not as easy as an unprotected Windows box.


Private address ranges are a human convention and there have been instances in the past of upstream routers passing them on.[1] Relying on other people to do your filtering for you is a bad idea. I'm going to put the rules in my own router, whether those addresses are (potentially) globally routable or are designated as private.

The use of small private pools has even helped attackers who would inject browser scripts probing the well-known prefixes.[2]

[1] https://serverfault.com/questions/374126/private-ip-getting-...

[2] https://www.bleepingcomputer.com/news/security/new-behave-ex...
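
The two points above (an IPv6 router can drop inbound by default without NAT, and you should filter private/bogon source ranges on your own router rather than trusting upstream to do it) as one added example; this is not any commenter's configuration. It is a POSIX shell script that emits an nftables ruleset for a dual-stack home router. The interface names (eth0 WAN, br0 LAN) and the pinhole target 2001:db8::10 (the IPv6 documentation prefix) are assumptions; change them for a real box. Note the ICMPv6 allowances: unlike IPv4, IPv6 will not work at all if you drop ICMPv6 wholesale, since neighbour discovery, router advertisements and path-MTU discovery all ride on it.

```shell
#!/bin/sh
# Added example (not from the thread): generate an nftables ruleset that
# implements "drop inbound by default" for IPv6 on a router with no NAT,
# plus bogon filtering for both address families.
# Assumptions: WAN on eth0, LAN on br0; override via environment.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-br0}"

# ipv6_ruleset [ADDR PORT]: print the ruleset. With ADDR and PORT it also
# opens one inbound TCP port to one LAN host, the IPv6 "pinhole" that
# replaces an IPv4 port-forward: no translation, just a firewall rule.
ipv6_ruleset() {
    pinhole=""
    if [ $# -eq 2 ]; then
        pinhole="        iifname \"$WAN_IF\" ip6 daddr $1 tcp dport $2 ct state new accept"
    fi
    cat <<EOF
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        # Do your own bogon filtering: private v4 and ULA v6 sources must not
        # arrive from the WAN, whatever the upstream router does.
        iifname "$WAN_IF" ip saddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } drop
        iifname "$WAN_IF" ip6 saddr fc00::/7 drop
        ct state established,related accept
        ct state invalid drop
        # ICMPv6 is mandatory on IPv6: neighbour discovery, RAs and PMTUD.
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept
        icmpv6 type echo-request limit rate 10/second accept
        # DHCPv6 replies to the router's own client.
        iifname "$WAN_IF" udp dport 546 accept
        iifname "$LAN_IF" accept
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        iifname "$WAN_IF" ip saddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } drop
        iifname "$WAN_IF" ip6 saddr fc00::/7 drop
        ct state established,related accept
        ct state invalid drop
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem } accept
        icmpv6 type echo-request limit rate 10/second accept
        # LAN hosts may initiate anything outbound; nothing new comes in
        # from the WAN unless a pinhole below says so.
        iifname "$LAN_IF" oifname "$WAN_IF" accept
$pinhole
    }
}
EOF
}

# apply_ruleset [ADDR PORT]: load the ruleset if we are root and nft exists,
# otherwise just print it so it can be reviewed.
apply_ruleset() {
    if [ "$(id -u)" -eq 0 ] && command -v nft >/dev/null 2>&1; then
        ipv6_ruleset "$@" | nft -f -
    else
        ipv6_ruleset "$@"
    fi
}

# Demo: print a ruleset with an SSH pinhole to a documentation-prefix host.
ipv6_ruleset 2001:db8::10 22
```

Run `apply_ruleset` as root to load it, or pipe the output into `nft -c -f -` first to syntax-check it. Without the pinhole arguments the forward chain accepts only LAN-initiated and established traffic, which is the "inbound blocked by default" behaviour the ISP routers in the thread provide; the pinhole line is what their "IPv6 Pinholes" page adds.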


Exactly! Duplicating my point in a thread below to drive your point home:

NAT was an added layer on top of firewall rules because inbound ports had to be mapped to a particular host and port since the router would not know which host to send to. This created a default opt out experience because for a port on your machine to get accessed, a packet must pass inbound rules and match a port map table entry.


NAT was created for one reason only: because there weren't enough IPv4 addresses to go around.

Port mapping and connection tracking firewalls were invented in 1989,[1][2] while network translation was created in 1994. [3][4] The private address space was only reserved in 1996.[5] The Firewalls book was published in 1994 (which meant that it was being written in the 1992-3 timeframe).[6]

People were protecting networks before NAT.

[1] https://en.wikipedia.org/wiki/Firewall_(computing)#Connectio...

[2] https://en.wikipedia.org/wiki/Circuit-level_gateway

[3] https://www.rfc-editor.org/rfc/rfc1631

[4] https://en.wikipedia.org/wiki/Cisco_PIX

[5] https://www.rfc-editor.org/rfc/rfc1918

[6] https://en.wikipedia.org/wiki/Firewalls_and_Internet_Securit...


> it’s broke by default, no configuration necessary.

Which is why all sorts of software needs to deal with bullshit like STUN, TURN, etc, to get peer-to-peer connections working. There has to be all sorts of address discovery.

* https://en.wikipedia.org/wiki/NAT_traversal

And even that won't work once you get into CG-NAT, which tends to have two layers of NAT.

How much of the centralization of the Internet has occurred because people can't just talk to each other (by simply firewall hole punching via UPnP/PCP)?



That isn’t the same thing unless Microsoft is using the phone number to target ads.


Who says that they don't? Microsoft has heavily invested in advertising since Windows 10.

Keep in mind that Twitter does the exact same thing (locking accounts and requiring phone numbers to unlock) since a while ago and recently got caught "accidentally" using those numbers for tracking reasons. Facebook also got caught doing the same some time ago.


They all do it under the guise of security, Google, Microsoft, Twitter etc


They certainly aren't using it to verify I am who I am....

I had them lock a MS account I made for a 2nd/alt account (Something I bought years ago to help when I made plugins and game content)..

Account got immediately locked the second I tried to use the launcher for "suspicious activity, give mobile number NOW to regain access".

I tried fighting it for a month, Mojang buried their head in the sand. I've even seen youtubers with multiple millions of subscribers get hit by this bullshit, with no help from Mojang.

They already have the email address I associated with the Minecraft account to begin with, that should be good enough...


MiB refers to mebibyte, which is in base-2 (2^20 bytes).

MB is canonically base 10 (10^6 bytes).


Key excerpt/context from the advisory:

We discovered a Local Privilege Escalation (from any user to root) in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution:

"Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. [...] It is also possible to use polkit to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed (with root permission)." (Wikipedia)

This vulnerability is an attacker's dream come true:

- pkexec is installed by default on all major Linux distributions (we exploited Ubuntu, Debian, Fedora, CentOS, and other distributions are probably also exploitable);

- pkexec is vulnerable since its creation, in May 2009 (commit c8c3d83, "Add a pkexec(1) command");

- any unprivileged local user can exploit this vulnerability to obtain full root privileges;

- although this vulnerability is technically a memory corruption, it is exploitable instantly, reliably, in an architecture-independent way;

- and it is exploitable even if the polkit daemon itself is not running.


My major annoyance with Electron is every app shipping its own version of it, particularly on Linux where most distros tend to ship electron in the repositories. I'd really rather not have 5 different chromium versions - that are lacking security updates - on my system. I wish packagers were more aggressive about not bundling them.


Especially since most of these chat apps have functionally similar web/PWA apps. In those cases, I prefer to install them as desktop PWAs or use Chrome's "Create shortcut" feature to get them into my Dock/Taskbar.

One little bonus is that my browser extensions also apply to these installed PWAs. For example, the Todoist PWA now shows me the Toggle icon next to each task as an easy shortcut to start the time tracker.

In my case, I have these running as Chrome PWAs:

  - Raindrop.io
  - Grammarly Editor
  - Todoist
  - Discord
  - Element
  - Whatsapp
  - Twitter
And these are still running as regular Electron/CEF apps:

  - 1Password
  - Obsidian
  - VSCode
  - Gitkraken
  - Slack
  - Spotify

Whenever the web alternative catches up with the Electron app, I move to the PWA. Probably the biggest drawback of this is that Firefox is not a suitable alternative for me anymore :( https://bugzilla.mozilla.org/show_bug.cgi?id=1407202


I can't believe the 32bit Spotify thing, I have had it happen to me a few times where it exceeded that 4GB threshold and I had to restart it.


It is interesting that you say that. This in fact already exists. An unbundled version of electron, that can be used by multiple applications, is called a web browser. Applications using it are called websites (or PWAs if you must).


Unfortunately, certain applications are gimped if you don't use the electron version. A notable example of this for me is Discord where push-to-talk doesn't function in the web version due to API limitations.

Another app I use that has this problem is Spotify. While it isn't electron, it is using CEF (chromium embedded framework) and can be dynamically linked to a distro one with some effort. Using the web version means I don't have my music available offline for listening.


Are you running an antimalware program with real-time scanning enabled on Windows? I've found that typically causes a lot of the slowdowns on builds if you don't have your worktree excluded from it. Linux still ends up faster for me even without the anti-malware on Windows but its not as dramatic.


There is the normal windows defender active, but unfortunately I don't have the permissions to turn it off or set exclusions.


Are you a developer who doesn't have admin rights on his machine? How does that happen?


It is possible to have admin access, but still be locked out of certain things via group policy.


There may be other anti-malware, file encryption, etc installed without your knowledge or visibility.

