Given that The Prisoner is one of my favorite shows, I immediately read it wrong so that the sign made complete sense.
I think multiple comments would reduce clarity. It is rare for any signle point in an opinion to stand on its own as an atomic unit. A reader would need to jump through a thread to follow your line of reasoning in its entirety.
Single points of an argument may be valid or true on their own, but it is the mutual reinforcement of several points in agreement with each other that will educate or convince someone.
Yeah, I believe there’s some kind of bridge mode you must enable on the host’s interface.
As others have said, a reverse proxy is what you need.
However I will also mention that another tool called macvlan exists, if you’re using containers like podman or docker. Setting up a macvlan network for your containers will trick your server into thinking that the ports exposed by your services belong to a different machine, thus letting them use the same ports at the same time. As far as your LAN is concerned, a container on a macvlan network has its own IP, independent of the host’s IP.
Macvlan is worth setting up if you plan to expose some of your services outside your local network, or if you want to run a service on a port that your host is already using (eg: you want a container to act as DNS on port 53, but systemd-resolved is already using it on the host).
You can set up port forwarding at your router to the containers that you want to publicly expose, and any other containers will be inaccessible. Meanwhile with just a reverse proxy, someone could try to send requests to any domain behind it, even if you don’t want to expose it.
My network is set up such that:
I know this is a joke, but I couldn’t be a programmer without some pedantry. LUnix is actually a real OS! I booted it on my Commodore 64 once.
HR Giger is happily dead after seeing this
I kinda get “new-age cult” vibes from some of the interior pictures
Also, while I bet the house is quite heat efficient, the underground design means that rooms in the back will get no natural light, which would be pretty miserable.
Ooh! Thanks for the tip! Been looking for some affordable drives for my next system.
I bought a LFF Dell Poweredge back in the fall, and have been waiting on a good deal for 3.5" disks. My current machine is a SFF HP Proliant, and I hate how much a 2.5" drive with good capacity costs.
These days, it’s not actually a blanket ban on anyone who used cannabis. To join the FBI, you need to be cannabis-free for 1 year before applying for a job.
https://fbijobs.gov/sites/default/files/2023-04/guide_eligibility.pdf
Sounds rough. My fiancé does security, and from what I’ve gathered from him, the best time for security to get involved is at the design stage. They look over the proposal, give their input, and then nobody’s surprised at release time, and teams can follow agile practices. Obviously there’s still a review of the final product, but that can be done asynchronously after the fact to confirm that best-practices were followed.
Easy to say, hard to put into practice. Certainly depends on the kind of service your business provides.
I don’t think the security people would like that idea very much
Why not? How do your feature flags work?
Small releases, on a regular cadence.
How do you ensure that you’re not releasing features before they’re ready? Kinda depends on the application, but you might use feature flags. A system for turning features on and off without deploying the application. It could be a Boolean in a redis cache that your app looks for, or a DB entry, or another API. The point is for you to be able to flick a switch to turn it on instantly, and then if if breaks things in prod you can just as easily turn it off again.
And just a word of advice: Consider the performance impact of your feature flag’s implementation. We had a team tank their service’s performance because it was checking hundreds of feature flags in different DBs on every API call. Some kind of in-app caching layer with a short refresh period might help.
I’ve never seen Mille used in reference to money. Only in advertising (eg CPM = cost per mille = cost per thousand ad impressions)
But to answer your question, the original Bloomberg article says 60 million.
Same as foo, bar, baz, bizzle, and bebop 😋
Adapted from OnlinePersona@programming.dev, no endorsement of this comment is implied.
Despite what the length of their privacy policies might suggest, first party sites are a lot stingier with their user data now than they’ve been in the past. The value of knowing who someone is and what they want is derived when you convince them to pull out a credit card, at which point you need to collect their data anyway.
Thus, I think we’ll see two tiers of data collection: Deep first-party info shared between retailers and data brokers to target advertising on their first party site, and less granular banner advertising based on privacy sandbox, taking the place of drive-by cookie drops. If privacy sandbox is as good for random blogs as industry is expecting (ie, not as perfect as third party cookies, but less impactful than Apple’s ITP was), I don’t think we will see a wave of email signups.
I don’t quite understand the leap from “No third party cookies” to “You need to create an account”.
If you’re visiting a site and they drop a cookie, that’s a first party cookie. You don’t need to log in for that to happen, and they can track you all the same. Taking identifiers from a first party cookie and passing them to advertisers will still be a thing, it’ll just require closer coordination between the site and the advertiser than if the advertiser dropped their own cookie.
Now yes, that first party cookie won’t follow you around to other websites and track your behavior there, but creating an account wouldn’t enable this anyway. Besides, Google’s Privacy Sandbox product suite is intended to fill this role in a less granular way (associating k-anonymized ids with advertising topics across websites).
Sorry, what’s .Net again?
The runtime? You mean .Net, or .Net Core, or .Net Framework? Oh, you mean a web framework in .Net. Was that Asp.Net or AspNetcore?
Remind me why we let the “Can’t call it Windows 9” company design our enterprise language?
As a child, Easter holiday in a cottage in Cornwall. It had a coal fireplace.
If you’re always using a VPN, that’s not necessarily a privacy threat on your VPN’d device, but any other device on the network that doesn’t have a VPN could be exposing itself to the ISP.
Also, you’re at the mercy of whatever firmware updates your ISP issues for the router. Hopefully they remember to support your box when the next CVE is discovered…
We are forced to keep an ISP router/gateway combo in our home because it has certificates necessary to authenticate our subscription. However, behind that router we have the “real” router with settings and firmware updates that we control. The ISP router is just a hop between our router and the outside world. Everything on our network only connects to the router we control.