I'm a big LXD and now Incus fan. But I went with NixOS rather than IncusOS for my latest build because I prefer the LTS linux kernel over the mainline kernel.
> the courts don’t care if the license is “as-is”. There isn't any case law to show that. Certainly not in the age of AI. On the criminal side, the CFAA requires "intentionally causes damage" and that's entirely…
Yeah I think I've finally had enough. I need to start seriously advocating for alternatives since this is starting to impact our business. It's clearly not getting any better.
There was another really bad incident today: https://www.githubstatus.com/incidents/zsg1lk7w13cf > We have resolved a regression present when using merge queue with either squash merges or rebases. If you use merge…
If anyone is looking to make a similar thing in go I suggest https://pkg.go.dev/mvdan.cc/sh/v3/interp I've been using it to make my own sandbox that is much more configurable than the default claude code sandbox:…
Tailscale policy tests are a bit hard to write but help us have confidence in our changes. https://tailscale.com/kb/1337/policy-syntax#tests
I guess it was only a matter of time... Part of this is fair since there is a cost to operating the control plane. One way around this is to go back to using check runs. I imagine a third party could handle webhooks,…
I've been using this for a ~year now and it works very well. Thanks!
https://github.com/Foxboron/ssh-tpm-agent works well for me
Working on decently cool things with relatively limited bureaucracy.
Yeah just typical Debian stuff. jwz has been ranting about this for years. It's not worth spending any time on it. Some suggestions: - Only "supporting" the latest mainline kernel and latest tools. I prefer to point to…
I've been patiently waiting to convert my ZFS array to bcachefs. I'm very excited about better SSD promotion logic. But I'm not willing to spend any time on an experimental filesystem on my main systems. > But you can…
Here's a quick example I put together on how to use these runners to accelerate docker builds: https://github.com/gartnera/actions-arm64-native-example
There are attestations that the binaries were built via CI: https://userdocs.github.io/qbittorrent-nox-static/artifact-a... Here's a verification of the latest build: gh attestation verify x86_64-qbittorrent-nox -o…
Spending all their security time/budget on box checking rather than actual security. I'd rather see open ended red team pentest reports.
It seems most if not all google domains are HSTS preloaded so no you can't: https://hstspreload.org/?domain=script.google.com
Yep I'm getting 503's. But the status page says nothing is wrong: https://www.dockerstatus.com/ Update: I configured the gcp docker mirror and can pull images again…
Working well for me on a 7900XT with ROCm 6 and Linux 6.7.5 thanks!
I personally just blocked all the lg domains in AdGuard. That way I can keep using the apps. With full internet access the tv takes significantly longer to load and navigate.
Yes we exclusively use google meet. It's very nice. I feel pain every time I have to use anything else.
Fractional scaling and no screen tearing are the main reasons I chose to adopt Wayland (sway) ~2 years ago.
Using a wildcard domain (*.agartner.com) helps mask the actual subdomain fyi
We blocked the annoying snapd autoupdate behavior by setting a http proxy to a nonexistent server. Whenever we had a maintenance window we would unset the proxy, allow the update, then set the set the nonexistent proxy…
singularity does partially support running without suid: https://github.com/sylabs/singularity/issues/1258 charliecloud is designed specifically not to need suid: https://github.com/hpc/charliecloud docker will…
Scallion (https://github.com/lachesis/scallion) works really good for this. It uses OpenCL to leverage your GPU's to make cracking really fast.
I'm a big LXD and now Incus fan. But I went with NixOS rather than IncusOS for my latest build because I prefer the LTS linux kernel over the mainline kernel.
> the courts don’t care if the license is “as-is”. There isn't any case law to show that. Certainly not in the age of AI. On the criminal side, the CFAA requires "intentionally causes damage" and that's entirely…
Yeah I think I've finally had enough. I need to start seriously advocating for alternatives since this is starting to impact our business. It's clearly not getting any better.
There was another really bad incident today: https://www.githubstatus.com/incidents/zsg1lk7w13cf > We have resolved a regression present when using merge queue with either squash merges or rebases. If you use merge…
If anyone is looking to make a similar thing in go I suggest https://pkg.go.dev/mvdan.cc/sh/v3/interp I've been using it to make my own sandbox that is much more configurable than the default claude code sandbox:…
Tailscale policy tests are a bit hard to write but help us have confidence in our changes. https://tailscale.com/kb/1337/policy-syntax#tests
I guess it was only a matter of time... Part of this is fair since there is a cost to operating the control plane. One way around this is to go back to using check runs. I imagine a third party could handle webhooks,…
I've been using this for a ~year now and it works very well. Thanks!
https://github.com/Foxboron/ssh-tpm-agent works well for me
Working on decently cool things with relatively limited bureaucracy.
Yeah just typical Debian stuff. jwz has been ranting about this for years. It's not worth spending any time on it. Some suggestions: - Only "supporting" the latest mainline kernel and latest tools. I prefer to point to…
I've been patiently waiting to convert my ZFS array to bcachefs. I'm very excited about better SSD promotion logic. But I'm not willing to spend any time on an experimental filesystem on my main systems. > But you can…
Here's a quick example I put together on how to use these runners to accelerate docker builds: https://github.com/gartnera/actions-arm64-native-example
There are attestations that the binaries were built via CI: https://userdocs.github.io/qbittorrent-nox-static/artifact-a... Here's a verification of the latest build: gh attestation verify x86_64-qbittorrent-nox -o…
Spending all their security time/budget on box checking rather than actual security. I'd rather see open ended red team pentest reports.
It seems most if not all google domains are HSTS preloaded so no you can't: https://hstspreload.org/?domain=script.google.com
Yep I'm getting 503's. But the status page says nothing is wrong: https://www.dockerstatus.com/ Update: I configured the gcp docker mirror and can pull images again…
Working well for me on a 7900XT with ROCm 6 and Linux 6.7.5 thanks!
I personally just blocked all the lg domains in AdGuard. That way I can keep using the apps. With full internet access the tv takes significantly longer to load and navigate.
Yes we exclusively use google meet. It's very nice. I feel pain every time I have to use anything else.
Fractional scaling and no screen tearing are the main reasons I chose to adopt Wayland (sway) ~2 years ago.
Using a wildcard domain (*.agartner.com) helps mask the actual subdomain fyi
We blocked the annoying snapd autoupdate behavior by setting a http proxy to a nonexistent server. Whenever we had a maintenance window we would unset the proxy, allow the update, then set the set the nonexistent proxy…
singularity does partially support running without suid: https://github.com/sylabs/singularity/issues/1258 charliecloud is designed specifically not to need suid: https://github.com/hpc/charliecloud docker will…
Scallion (https://github.com/lachesis/scallion) works really good for this. It uses OpenCL to leverage your GPU's to make cracking really fast.