Doesn’t work for livestreams as far as I know. There’s an open PR: https://github.com/yt-dlp/yt-dlp/pull/6498
Interesting that it can’t reestablish the connection, as the application level protocol should support it just fine. The client should notice the GRE (game rules engine) TCP socket is broken, and reset everything. When…
And thankfully you won’t be looking at it much longer
Just wanted to say thanks for nix2container. I’ve been using it to do some deploys to AWS (ECR) and my iteration time between builds is down to single digit seconds.
Thanks for the link, I've got a bunch of hacky code for running Immich's compose under Nix that this might be able to replace.
I have a similar display, and also use blue noise dithering. Mine is driven in the backend by a web browser, which means I was able to abuse CSS and mix-blend-mode to do the dithering for me: ha-card::after { content:…
Whoa, .alt is finally a proposed standard with a real RFC number. Really happy about this, it's sorely needed in some spaces.
Another option for NixOS is bootspec-secureboot, I'm using it with no real complaints: https://github.com/DeterminateSystems/bootspec-secureboot
There kind of is, but it's not really made for that use case so there's a bunch of caveats (it's read/write, has a limited max number of attachments, io1/2 required, can't be the boot volume):…
https://docs.aws.amazon.com/whitepapers/latest/security-desi....
This was considered a feature back in the day; it was called MASE - Multiple Account, Same Email. I'm pretty sure you can just change the email on one of them to get out of that state.
Somewhat related - I made a bridge server [1] that lets ACME clients use standard RFC2136 to solve DNS-01 challenges for internal names without them needing credentials for the actual DNS backend (Route 53 in my case).…
If anyone's interested in poking around a little bit more, here's a half-finished client for the MTG Arena wire protocol: https://gist.github.com/schlarpc/a58f2f647ee2a640baa62c23a51... There may be something else more…
Just created it yesterday. I don't think there's as much incentive to squat on the S3 namespace like there is for domain names.
Kinesis Firehose uses an IAM role to deliver data, so delivery within the same account does not necessarily depend on permissions on the bucket. Removing s3:* permissions from that IAM role or adding an explicit deny…
The Chrome update only bumped to 3.25.3, so it's likely a commit between 3.24.0 and 3.25.3: https://chromium.googlesource.com/chromium/src/+/c368e30ae55...
In Python 3, all classes are "new style", so omitting the parent is the same as inheriting from `object`.
There's a couple recent products that hit similar niches: GPD Pocket: https://www.indiegogo.com/projects/gpd-pocket-7-0-umpc-lapto... GPD Win 2: https://www.indiegogo.com/projects/gpd-win-2-handheld-game-c... Ockel…
Looks like the "Go support" is just running a precompiled binary that starts a TCP listener (https://github.com/aws/aws-lambda-go/blob/master/lambda/entr...), so might not be that hard to port...
And when you use a role like this, you really should use an external ID to avoid confused deputy attacks. http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_cre...
The relocation benefits have to be paid back (prorated) until two years, so it sounds plausible enough. For what it's worth (not much without numbers on growth and turnover), I've been with them for about 2.5 years and…
SNI puts the DNS names you're connecting to in plaintext at the start of every TLS connection. Running your DNS over an encrypted channel won't stop someone from knowing or blocking the sites you connect to.
There's at least one on the market: https://www.evga.com/articles/01051/evga-powerlink/
AWS uses this isolation pattern internally for just about everything, for what it's worth.
Just to give an example of the pain that can be caused by NotAction in practice: https://www.reddit.com/r/aws/comments/3recc9/this_iam_policy... This policy looks reasonable to a casual observer, but actually gives *…
Doesn’t work for livestreams as far as I know. There’s an open PR: https://github.com/yt-dlp/yt-dlp/pull/6498
Interesting that it can’t reestablish the connection, as the application level protocol should support it just fine. The client should notice the GRE (game rules engine) TCP socket is broken, and reset everything. When…
And thankfully you won’t be looking at it much longer
Just wanted to say thanks for nix2container. I’ve been using it to do some deploys to AWS (ECR) and my iteration time between builds is down to single digit seconds.
Thanks for the link, I've got a bunch of hacky code for running Immich's compose under Nix that this might be able to replace.
I have a similar display, and also use blue noise dithering. Mine is driven in the backend by a web browser, which means I was able to abuse CSS and mix-blend-mode to do the dithering for me: ha-card::after { content:…
Whoa, .alt is finally a proposed standard with a real RFC number. Really happy about this, it's sorely needed in some spaces.
Another option for NixOS is bootspec-secureboot, I'm using it with no real complaints: https://github.com/DeterminateSystems/bootspec-secureboot
There kind of is, but it's not really made for that use case so there's a bunch of caveats (it's read/write, has a limited max number of attachments, io1/2 required, can't be the boot volume):…
https://docs.aws.amazon.com/whitepapers/latest/security-desi....
This was considered a feature back in the day; it was called MASE - Multiple Account, Same Email. I'm pretty sure you can just change the email on one of them to get out of that state.
Somewhat related - I made a bridge server [1] that lets ACME clients use standard RFC2136 to solve DNS-01 challenges for internal names without them needing credentials for the actual DNS backend (Route 53 in my case).…
If anyone's interested in poking around a little bit more, here's a half-finished client for the MTG Arena wire protocol: https://gist.github.com/schlarpc/a58f2f647ee2a640baa62c23a51... There may be something else more…
Just created it yesterday. I don't think there's as much incentive to squat on the S3 namespace like there is for domain names.
Kinesis Firehose uses an IAM role to deliver data, so delivery within the same account does not necessarily depend on permissions on the bucket. Removing s3:* permissions from that IAM role or adding an explicit deny…
The Chrome update only bumped to 3.25.3, so it's likely a commit between 3.24.0 and 3.25.3: https://chromium.googlesource.com/chromium/src/+/c368e30ae55...
In Python 3, all classes are "new style", so omitting the parent is the same as inheriting from `object`.
There's a couple recent products that hit similar niches: GPD Pocket: https://www.indiegogo.com/projects/gpd-pocket-7-0-umpc-lapto... GPD Win 2: https://www.indiegogo.com/projects/gpd-win-2-handheld-game-c... Ockel…
Looks like the "Go support" is just running a precompiled binary that starts a TCP listener (https://github.com/aws/aws-lambda-go/blob/master/lambda/entr...), so might not be that hard to port...
And when you use a role like this, you really should use an external ID to avoid confused deputy attacks. http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_cre...
The relocation benefits have to be paid back (prorated) until two years, so it sounds plausible enough. For what it's worth (not much without numbers on growth and turnover), I've been with them for about 2.5 years and…
SNI puts the DNS names you're connecting to in plaintext at the start of every TLS connection. Running your DNS over an encrypted channel won't stop someone from knowing or blocking the sites you connect to.
There's at least one on the market: https://www.evga.com/articles/01051/evga-powerlink/
AWS uses this isolation pattern internally for just about everything, for what it's worth.
Just to give an example of the pain that can be caused by NotAction in practice: https://www.reddit.com/r/aws/comments/3recc9/this_iam_policy... This policy looks reasonable to a casual observer, but actually gives *…