At one point it was definitely not so deep... carriers were literally looking at the IP TTL and seeing whether it was a recognised value from the phone or a few hops less than one of the common defaults, in which case…
Great to see you posting on HN! I still remember making the decision to replace Crunchy Data PGO. CNPG was newer and smaller at the time, so maybe riskier, but seeing the way your team had responded to issues, had a…
Totally agree with you there, as much as I love to hate non-transferability, revokable licenses, permanent VAC bans on accounts that got hacked, I still find Steam the most convenient path to "owning" games in one…
We use Barman inside Kubernetes via CloudNativePG's plugin, as it is the default backup plugin. Barman has always been solid for backup and restore, however configuring backup in CNPG is a little more interesting - WAL…
I remember switching from Win95 to NT4.0 just to be able to use SoftICE properly under Windows without all the stability problems, it was an incredible time! SoftICE felt like absolute wizardry at the time.
Did you use SELECT FOR UPDATE at all, or just never had to update dependent data? If the complex operations are implemented using stored functions / procedures then the a transaction is implicit. If the data is fairly…
Respect to Bose for taking a better stance on this. I still remember Sonos implementing "Recycle Mode" that they thankfully backtracked on.
Yes, you're right, the last sentence is definitely a mistake on my part, I should have written less! Thanks for the links, paulirwin's sibling response is helpful too. We had code using WCF and AppDomains that were…
Yes, you are right, if you are on 5.0+, however the 4.x stuff is definitely out of support. Sorry, I did not know they had actually brought non-Core ASP.NET forward into 5.0+, but it makes sense given how much of .NET…
There is no .NET Core or .NET Framework since .NET 5.0 in 2020. Maybe you mean ASP.NET Core, but then there is no ASP.NET Framework so the comment still does not make sense to me. The vulnerable component is ASP.NET…
Ignoring CR is often how two systems end up parsing the same file differently, one as two lines the other as a single line. If the format is not sensitive to additional empty lines then converting them all CR to LF…
At the very least Windows Update can offer you two versions, a stable version of the driver and a newer but potentially less stable version through the "Optional Driver Updates" page in Windows Update.
True, it has never been in an HTML standard, however it was definitely a documented part of early HTML. The blink element was in Netscape Navigator's HTML dialect in 1993/94, when early HTML was still just hitting IETF…
The act of turning AIS off can attract unwanted attention (higher resolution local satellite monitoring), less likely if you are entering waters where piracy is common and many vessels disable AIS. If a vessel turns AIS…
It may be an unpopular opinion, but I suspect treating juveniles with kid gloves all the time and the popularization of the view that they are entitled not be exposed to anything that may upset or offend them has lead…
As a user of Keycloak on a production project, I'm a little sad there is currently no support for opaque tokens. Sure, you can treat the access token as an opaque token... but at the end of the day it could be a lot…
gpg supports using public / private keypairs to encrypt any amount of data you like. I use it for uni-directional backups from machines where trust is an issue. Or is the reality of this that it's just encrypting a…
Funnily enough based off Lenovo's reputation for their higher end laptops, in April I bought a Lenovo X1 Carbon Gen10, pretty much as they came out. The machine is a nightmare, and has been through about 10 firmware…
If you want to use it, the firmware will need to be updated, and therefore quickly no longer vulnerable once Sony patches it. If you wait until later, the units in the shops will also have patched firmware.
I remember having NT3.51 and NT4.0 checked build CDs from MSDN. I think they also came with full symbol definitions, it was an absolute treasure-trove of information about the OS.
What scares the hell out of me, it would be so easy to backdoor an implementation of the open core in a well-hidden way. Whereas the "big" CPU providers are staking their reputation and therefore future business on…
My only annoyance with GitLab on that front is the lack of tags for "14.8-ce" to enable use of watchtower to keep the minor/security patch up to date, like we have on other images. I definitely do not want to use…
I will be interested to see how HTTP/3 fares on Virgin in the UK. I believe the Superhub 3 and Superhub 4 have UDP offload issues, so it's all dealt with by the CPU, meaning throughput is severely limited compared to…
Out of interest, do you have Kubernetes enabled in Docker for Desktop? I had regular problems very like yours, then one day it just stopped happening, suddenly WSL2 Docker Desktop worked fine. I'm suspecting it might be…
We also remained on Yarn 1 because developing packages using the workspaces feature is really nice. We did make an attempt at moving to Yarn 2, it did not work out well. At that time (probably 12 months ago or more)…
At one point it was definitely not so deep... carriers were literally looking at the IP TTL and seeing whether it was a recognised value from the phone or a few hops less than one of the common defaults, in which case…
Great to see you posting on HN! I still remember making the decision to replace Crunchy Data PGO. CNPG was newer and smaller at the time, so maybe riskier, but seeing the way your team had responded to issues, had a…
Totally agree with you there, as much as I love to hate non-transferability, revokable licenses, permanent VAC bans on accounts that got hacked, I still find Steam the most convenient path to "owning" games in one…
We use Barman inside Kubernetes via CloudNativePG's plugin, as it is the default backup plugin. Barman has always been solid for backup and restore, however configuring backup in CNPG is a little more interesting - WAL…
I remember switching from Win95 to NT4.0 just to be able to use SoftICE properly under Windows without all the stability problems, it was an incredible time! SoftICE felt like absolute wizardry at the time.
Did you use SELECT FOR UPDATE at all, or just never had to update dependent data? If the complex operations are implemented using stored functions / procedures then the a transaction is implicit. If the data is fairly…
Respect to Bose for taking a better stance on this. I still remember Sonos implementing "Recycle Mode" that they thankfully backtracked on.
Yes, you're right, the last sentence is definitely a mistake on my part, I should have written less! Thanks for the links, paulirwin's sibling response is helpful too. We had code using WCF and AppDomains that were…
Yes, you are right, if you are on 5.0+, however the 4.x stuff is definitely out of support. Sorry, I did not know they had actually brought non-Core ASP.NET forward into 5.0+, but it makes sense given how much of .NET…
There is no .NET Core or .NET Framework since .NET 5.0 in 2020. Maybe you mean ASP.NET Core, but then there is no ASP.NET Framework so the comment still does not make sense to me. The vulnerable component is ASP.NET…
Ignoring CR is often how two systems end up parsing the same file differently, one as two lines the other as a single line. If the format is not sensitive to additional empty lines then converting them all CR to LF…
At the very least Windows Update can offer you two versions, a stable version of the driver and a newer but potentially less stable version through the "Optional Driver Updates" page in Windows Update.
True, it has never been in an HTML standard, however it was definitely a documented part of early HTML. The blink element was in Netscape Navigator's HTML dialect in 1993/94, when early HTML was still just hitting IETF…
The act of turning AIS off can attract unwanted attention (higher resolution local satellite monitoring), less likely if you are entering waters where piracy is common and many vessels disable AIS. If a vessel turns AIS…
It may be an unpopular opinion, but I suspect treating juveniles with kid gloves all the time and the popularization of the view that they are entitled not be exposed to anything that may upset or offend them has lead…
As a user of Keycloak on a production project, I'm a little sad there is currently no support for opaque tokens. Sure, you can treat the access token as an opaque token... but at the end of the day it could be a lot…
gpg supports using public / private keypairs to encrypt any amount of data you like. I use it for uni-directional backups from machines where trust is an issue. Or is the reality of this that it's just encrypting a…
Funnily enough based off Lenovo's reputation for their higher end laptops, in April I bought a Lenovo X1 Carbon Gen10, pretty much as they came out. The machine is a nightmare, and has been through about 10 firmware…
If you want to use it, the firmware will need to be updated, and therefore quickly no longer vulnerable once Sony patches it. If you wait until later, the units in the shops will also have patched firmware.
I remember having NT3.51 and NT4.0 checked build CDs from MSDN. I think they also came with full symbol definitions, it was an absolute treasure-trove of information about the OS.
What scares the hell out of me, it would be so easy to backdoor an implementation of the open core in a well-hidden way. Whereas the "big" CPU providers are staking their reputation and therefore future business on…
My only annoyance with GitLab on that front is the lack of tags for "14.8-ce" to enable use of watchtower to keep the minor/security patch up to date, like we have on other images. I definitely do not want to use…
I will be interested to see how HTTP/3 fares on Virgin in the UK. I believe the Superhub 3 and Superhub 4 have UDP offload issues, so it's all dealt with by the CPU, meaning throughput is severely limited compared to…
Out of interest, do you have Kubernetes enabled in Docker for Desktop? I had regular problems very like yours, then one day it just stopped happening, suddenly WSL2 Docker Desktop worked fine. I'm suspecting it might be…
We also remained on Yarn 1 because developing packages using the workspaces feature is really nice. We did make an attempt at moving to Yarn 2, it did not work out well. At that time (probably 12 months ago or more)…