Having a non-garbage domain provider can be a luxury. I used to work at a place where we were paying boatloads of money for certificates from Sectigo for internal services, and they were charging us extra per additional name and even more if we wanted a wildcard, even though it didn’t cost them anything to include those options. Getting IT to set up the DNS records for Let’s Encrypt DNS verification was never going to happen.

I’m pretty sure browsers stopped distinguishing EV certificates years ago.

A large percentage of those hosts with SSH enabled are cloud machines because it’s standard for cloud machines to be only accessible by SSH by default. I’ve never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they’re on a virtual private network managed by the hosting provider for other reasons.

SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.

Shodan reports that 35,780,216 hosts have SSH exposed to the internet.

Moving SSH to ports other than 22 is not security. The bots trying port 22 on random addresses with random passwords don’t have a chance of getting in unless you’re using password authentication with weak passwords or your SSH is very old.

SSH security updates are very infrequent and it takes practically no effort to keep SSH up to date. If you’re using a stable distribution, just enable automatic security updates.

Having SSH open to the internet is normal. Don’t use password authentication with weak passwords.

Children also learn to reading and writing using copyrighted works, often from borrowed books that they aren’t paying for. Some corporations would love if everyone had to pay individually, maybe per use, to access copyrighted material, and New York Times and American pro sport leagues would love if they could actually own recollections of copyrighted material, but neither of these is good for normal people.

https://www.eff.org/deeplinks/2023/04/how-we-think-about-copyright-and-ai-art-0

OpenAI is right. Almost everything of value on the internet is under copyright, and very little on the internet has clearly and unambiguously specified licensing information. If the software can only be trained on content that clearly allows training, the model isn’t going to “know” anything about anything since Steamboat Willie and it isn’t going to use broken dialects of older English from being limited to only public domain works that have been digitized and made available as public domain (reprints may not be public domain).

The article isn’t that clear, but the attacker cannot get Slack AI to leak private data via prompt injection directly. Instead, they tell it that the answer to a question is a fake error containing a link which contains the private data, and then when a user that can access the private data asks that question they get the fake error and clicking the link (or automatic unfurling?) causes the private data to be sent to the attacker.

It’s also ahead of gitea in some aspects: https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo

intel’s WiDi software supported Miracast, which is a standard.

They can most likely prevent further breakdown through software. If the meters and controls are functioning correctly, they can undervolt the CPU. But it’s not really a fix if that comes with a performance penalty. If it’s a bug where the CPU maxes out the voltage when idle so it can do nothing faster, that could be fixed with no performance penalty, but that seems unlikely.

I’ve heard speculation that this is exasperated by a feature where the CPU increases the voltage to boost clocks when running single core workloads at low temperatures. If that’s true, having less load or better cooling may be detrimental to the life of the processor.

Or use Miracast, AKA WiDi, Smart View, SmartShare if you just want to mirror a screen.

You don’t need a static IP to have a domain name, and you don’t always need to pay for a domain name either.

That Pentum is a budget CPU from just over 10 years ago. It has PCIe 2.0. Maybe the “gigabit” ethernet is connected to the CPU by a single 500Mbit PCIe lane.

Built bundles are not affected. The service is supposed to figure out which polyfills are required by a particular browser and serve different scripts. Because it’s serving different scripts, the scripts cannot be bundled or secured using SRI. That would defeat the purpose of the service.

Code pulled from GitHub or NPM can be audited and it behaves consistently after it has been copied. If the code has a high reputation and gets incorporated into bundles, the code in the bundles doesn’t change. If the project becomes malicious, only recently created bundles are affected. This code is pulled from polyfill.io every time somebody visits the page and recently polyfill.io has been hijacked to sometimes send malicious code instead. Websites that have been up for years can be affected by this.

Docker Swarm encryption doesn’t work for your use case. The documentation says that the secret is stored encrypted but can be decrypted by the swarm manager nodes and nodes running services that use the service, which both apply to your single node. If you’re not having to unlock Docker Compose on startup, that means that the encrypted value and the decryption key live next to each other on the same computer and anyone who has access to the encrypted secrets can also decrypt them.

I looked it up before posting. It’s illegal in 48 states, including California where most of these companies are headquartered, and every state where major cloud data centers are located. This makes it effectively illegal by state laws, which is the worst kind of illegal in the United States when operating a service at a national level because every state will have slightly different laws. No company is going to establish a system that allows users in the two remaining states to exchange revenge porn with each other except maybe a website established solely for that purpose. Certainly Snapchat would not.

I’ve noticed recently there are many reactionary laws to make illegal specific things that are already illegal or should already be illegal because of a more general law. We’d be much better off with a federal standardization of revenge porn laws than a federal law that specifically outlaws essentially the same thing but only when a specific technology is involved.

Web services and AI in general are completely different things. Web services that generate AI content want to avoid scandals so they’re constantly blocking things that may be in some situations inappropriate, to the point where those services are incapable of performing a great many legitimate tasks.

Somebody running their own image generator on their own computer using the same technology is limited only by their own morals. They can train the generator on content that public services would not, and they are not constrained by prompt or output filters.

Modern AI is not capable of this. The accuracy for detecting nsfw content is not good, and they are completely incapable of detecting when nsfw content is allowable because they have no morals and they don’t understand anything about people or situations besides appearance.