danparsonson
- Dedicated servers can configure external firewalls too; there's a tab for it on the server config. It's basic but functional.
- The author mentioned they had other services exposed to the internet (Postgres, RabbitMQ) which increases their attack surface area. There may be vulnerabilities or misconfigurations in those services for example.
Good security is layered.
- No you're right, I didn't mean the firewall would have saved them, but just as a general point of advice. And yes a second VPS running OPNsense or similar makes a nice cheap proxy and then you can firewall off the main server completely. Although that wouldn't have saved them either - they'd still need to forward HTTP/S to the main box.
- No firewall! Wow that's brave. Hetzner will let you configure one that runs outside of the box so you might want to add that too, as part of your defense in depth - that will cover you if you make a mistake with ufw. Personally I keep SSH firewalled only to my home address in this way; if I'm out and about and need access, I can just log into Hetzner's website and change it temporarily.
- I can believe that our dystopian future will be powered by dark fusion reactors that only achieve containment through human sacrifice
- The announcement is about several changes they're making, not just about cert lifetimes.
- > They seem to assume an average rate of approximately 11 lines of code written per day which seems a bit too low if you ask me.
I didn't calculate it but if you're just dividing one number by the other then you're assuming the final code arrived fully-formed in one go - don't forget about refactoring, debugging, testing, etc. etc.
- You never having seen the problem doesn't mean it never happens; I have dealt with a serious performance problem in the past that was due to excessive page fragmentation due to a GUID PK.
To your original point, these are heuristics; there isn't always time to dig into every little architectural decision, so having a set of rules of thumb on hand helps to preempt problems at minimal cognitive cost. "Avoid using a GUID as a primary key if you can" is one of mine.
- I had no idea such a thing existed, thanks - did you need to install anything to get it working or does it just plug and go like a normal monitor?
- For anyone like me who is not up to date with this news:
https://www.ohchr.org/en/press-releases/2025/07/uk-palestine...
> “The decision appears disproportionate and unnecessary. It limits the rights of many people involved with and supportive of Palestine Action who have not themselves engaged in any underlying criminal activity but rather exercised their rights to freedom of expression, peaceful assembly and association,” the High Commissioner said. “As such, it appears to constitute an impermissible restriction on those rights that is at odds with the UK’s obligations under international human rights law.”
>
> Since the UK Government’s ban came into effect on 5 July, at least 200 people have been arrested under the UK Terrorism Act 2000, many of them while attending peaceful protests.
So it seems you're also missing important context when you wave the whole thing away because "it's a proscribed organisation" - that proscription is in fact another example of government overreach.
- The point was not about your skin colour but your ideology - "some people are just better because nature".
To put your example in different terms - I don't have the physique of an Olympic athlete, so I'll never be that fast or strong, but going to the gym absolutely improves on what I have already. I don't have to just live with whatever nature handed to me.
- An analogy I like to use is that I enjoy painting - I've become pretty good at landscapes, portraits, still life... and what most employers are looking for is someone who can paint walls, because that's what they or their customers need. Computers to us are a hobby - for most others they are a tool; if you're going to earn money this way then you need to focus more on delivering value to the people who pay you, and try to find someone who will reward you in line with the value you provide. That usually means first and foremost delivering the required functionality within the required time frame; technical excellence takes (usually a distant) second place, unless you're lucky enough to work on something really interesting.
So what do you do, as an enthusiast? The way I have survived is to make the work interesting in small ways - try different techniques, libraries, algorithms; it depends how much time pressure you're under, as to how much leeway you have. Take advantage of training opportunities - there is always a lot to learn, even if you think you're pretty good already, and more skills improve your chances of landing better jobs in the future. Take pride in your work, even if no-one else notices.
Yes, the corporate life is a grind, but so are most jobs, and at least you get a comfortable chair. Make the best of it or do something else.
- > Though I'd go with innate over genetic.... doesn't make one sound like a white supremacist.
Lucky you dodged that bullet, eh? I suppose 'white supremacist-adjacent' is an improvement.
- Yeah good point, the clean room aspect of it is vital - when you're fabricating at the nano scale, a single speck of dust is a giant boulder ruining your lithography.
- Where are you storing your checksums? If the answer is 'on the corrupted drive' then what makes you think that the checksums are correct?
- Sure - once you have dozens of engineers and 5 years under your belt you'll be good to go!
This will get you started: https://youtu.be/B2482h_TNwg
Keep in mind that every wafer makes multiple trips around the fab, and on each trip it visits multiple machines. Broadly, one trip lays down one layer, and you may need 80-100 layers (although I guess DRAM will be fewer). Each layer must be aligned to nanometer precision with previous layers, otherwise the wafer is junk.
Then as others have said, once you finish the wafer, you still need to slice it, test the dies, and then package them.
Plus all the other stuff....
You'll need billions in investment, not millions - good luck!
- With no prior experience? 0%. Those machines are not just like printers :-)
- Use a UPS?
- The products they buy command a premium. Consumers are generally more price-conscious.
- It's just a restatement of 'nature vs nurture' isn't it? And as you say, both of those things are necessary. Broadly, greatness without circumstances likely leads to obscurity; circumstances without greatness likely leads to indolence. The latter being what often seems to happen in families with generational wealth - some family member makes the fortune, and some later generation, lacking the earlier drive, squanders it.